
Extremely slow internet speeds + frequent disconnections [Solved]



#1
iamsuperstarr

Hey guys, first off I'd like to thank you guys for taking your time to read my log and hopefully figure out what the problem is for me. I just moved into an apartment about a month ago and I decided to sign up with the default ISP that came with the building (it's a student accommodation so they already had an ISP set up for convenience). FYI my Ethernet cable is connected from my PC to a "Ruckus" box in my room, which is where the internet is coming from, presumably.

Anyway, in my first week, I was amazed by the speeds I got, which were about 2MB/s. Anyway, the next week my ISP goes down and I am net-less for a couple of days, and when it goes back up, my speeds feel slower and I'm starting to notice frequent disconnections. This has steadily gone downhill and from then I have not had a single day where I haven't been disconnected. My internet speed has also slowed to a crawl, from 2MB/s to 10KB/s. As you can imagine, it took me MUCH longer than I'd like to download the OTL software (imagine a minute's wait for a 500+kb file).

Right now my disconnections are more frequent, say maybe once every 15-30 minutes, and I don't even bother loading YouTube anymore because it's just too slow. Now I understand the whole "Fair Use" policy and I understand that other students in the building could be on the same network, therefore the bandwidth has been split, but getting speeds of 10KB/s is beyond ridiculous, and the frequent disconnections seem a little out of place too. I've called my ISP every single week and each time they tell me that the problem is with the engineering team and they are working to figure out what's the issue. I am planning on changing ISPs, but before I do I was wondering if perhaps there could be some malware on my PC that could be causing the slow speeds/frequent disconnections.

However, oddly enough, when I plug the Ethernet cable into my MacBook, the speeds, while just as slow, aren't AS slow. YouTube videos actually load in the sense that you can actually see the bar moving, so I'm not sure why only on my PC is it so affected. Disconnections on my Mac are less frequent, although in all fairness I don't use it as often as I would my PC. I'm hoping it's not the network adapter in my motherboard since that will be extra problematic, but given that I had such good speeds in the first week, it seems doubtful (feel free to correct me). Anyway, below is my OTL.txt that I have pasted, thanks for giving it a once over!

OTL logfile created on: 29-Aug-12 1:57:20 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Seng Yip\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd-MMM-yy

7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.64% Memory free
15.90 Gb Paging File | 12.71 Gb Available in Paging File | 79.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 540.09 Gb Free Space | 57.99% Space Free | Partition Type: NTFS
Drive E: | 6.66 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SENGYIP-PC | User Name: Seng Yip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-08-29 01:56:47 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Seng Yip\Downloads\OTL.exe
PRC - [2012-08-18 08:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-07-28 02:48:36 | 002,297,856 | ---- | M] (SmoothPing) -- C:\Program Files (x86)\Smoothping Elite\SmoothPingProxy.exe
PRC - [2012-07-09 12:30:44 | 001,192,664 | ---- | M] () -- C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012-07-08 19:50:09 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012-07-08 19:50:09 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-07-04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012-07-03 11:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-06-11 11:57:30 | 000,679,424 | -HS- | M] () -- C:\Program Files (x86)\Pingzapper\PZService.exe
PRC - [2012-06-06 15:21:46 | 023,893,632 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
PRC - [2012-04-05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012-03-09 09:02:14 | 000,621,568 | ---- | M] () -- C:\Program Files (x86)\Sticky-Notes\stickynotes.exe
PRC - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012-02-07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-01-05 05:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011-11-29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-11-29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010-11-21 13:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2005-07-16 07:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe


========== Modules (No Company Name) ==========

MOD - [2012-08-18 08:28:55 | 000,442,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012-08-18 08:28:54 | 012,236,824 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012-08-18 08:28:52 | 003,997,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012-08-18 08:27:36 | 000,526,872 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012-08-18 08:27:35 | 000,104,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012-08-18 08:27:23 | 000,144,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012-08-18 08:27:22 | 000,266,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012-08-18 08:27:21 | 002,480,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012-07-10 13:44:26 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012-07-10 13:44:22 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-07-10 13:44:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-07-10 13:44:22 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012-07-10 13:44:21 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012-07-10 13:44:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-07-10 13:44:16 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-07-10 13:44:08 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-07-10 13:44:06 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-07-10 13:44:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-07-10 13:44:02 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-07-09 12:30:44 | 001,192,664 | ---- | M] () -- C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012-07-08 19:50:09 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012-07-08 19:50:09 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012-06-06 15:21:46 | 023,893,632 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
MOD - [2012-05-30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-05-30 17:40:04 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Speech.fpi
MOD - [2012-03-09 09:02:14 | 000,621,568 | ---- | M] () -- C:\Program Files (x86)\Sticky-Notes\stickynotes.exe
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2012-02-15 00:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012-02-02 22:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009-07-14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-08-16 03:58:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-06 16:09:30 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2012-08-03 09:24:16 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-07-28 02:48:36 | 002,297,856 | ---- | M] (SmoothPing) [Auto | Running] -- C:\Program Files (x86)\Smoothping Elite\SmoothPingProxy.exe -- (SmoothPingProxy)
SRV - [2012-07-08 19:50:09 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-11 11:57:30 | 000,679,424 | -HS- | M] () [Auto | Running] -- C:\Program Files (x86)\Pingzapper\PZService.exe -- (PingzapperSvc)
SRV - [2012-02-14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012-02-07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011-11-29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-07-08 23:28:09 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-04-25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-04-19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012-03-19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012-03-01 16:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012-02-15 00:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-02-14 23:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-01-31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012-01-18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012-01-05 05:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-01-05 05:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-01-05 05:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011-12-23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011-12-23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011-12-23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011-12-05 16:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011-11-29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-11-10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011-09-29 19:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 13:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 13:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 13:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-08-18 03:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009-07-14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 10:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009-06-11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007-08-17 07:48:46 | 000,030,336 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV - [2009-07-14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 0C DD 0C E9 84 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-07-08 19:50:09&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seng Yip\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seng Yip\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012-07-08 19:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012-07-08 19:50:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/ig
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: YouTube = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: AdBlock = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Classic = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_1\
CHR - Extension: AVG Do Not Track = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Reader = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.3_0\
CHR - Extension: Gmail = C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Sticky-Notes] C:\Program Files (x86)\Sticky-Notes\stickynotes.exe ()
O4 - Startup: C:\Users\Seng Yip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Seng Yip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\SmoothPingProxy64.dll (SmoothPing)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\SmoothPingProxy64.dll (SmoothPing)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\SmoothPingProxy64.dll (SmoothPing)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\SmoothPingProxy64.dll (SmoothPing)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\SmoothPingProxy64.dll (SmoothPing)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\SmoothPingProxy.dll (SmoothPing)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\SmoothPingProxy.dll (SmoothPing)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\SmoothPingProxy.dll (SmoothPing)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\SmoothPingProxy.dll (SmoothPing)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\SmoothPingProxy.dll (SmoothPing)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62716099-EE31-41C5-8438-2FAED86E3B53}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9851170C-2263-4CBD-AF5B-AFCDC5D7621D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5ACBEB7-572F-4295-B79E-28C643E3C174}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b8d1fac7-c7e6-11e1-9344-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b8d1fac7-c7e6-11e1-9344-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-08-23 00:28:05 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\AppData\Roaming\Mozilla
[2012-08-19 02:07:34 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\AppData\Local\SmoothpingElite
[2012-08-19 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\Seng Yip\wc
[2012-08-19 02:07:16 | 000,000,000 | -HSD | C] -- C:\Users\Seng Yip\AppData\Roaming\wyUpdate AU
[2012-08-19 02:07:15 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\Smoothping
[2012-08-19 02:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smoothping
[2012-08-19 02:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smoothping Elite
[2012-08-17 14:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012-08-17 14:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2012-08-17 13:58:05 | 000,315,320 | ---- | C] (Network Tunnel Lab) -- C:\Windows\SysWow64\networkdlllsp.dll
[2012-08-17 13:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingzapper
[2012-08-17 13:56:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pingzapper
[2012-08-10 10:09:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comical
[2012-08-10 10:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comical
[2012-08-10 10:04:48 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\AppData\Local\IsolatedStorage
[2012-08-10 09:39:34 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\Documents\6 Batman Whatever happened to the Caped Crusader
[2012-08-07 16:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky-Notes
[2012-08-07 16:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sticky-Notes
[2012-08-06 19:07:14 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\Desktop\giz
[2012-08-03 14:59:06 | 000,000,000 | ---D | C] -- C:\Users\Seng Yip\Documents\UniLodge payments
[2010-11-11 15:34:12 | 000,201,728 | ---- | C] (Freebyte.com) -- C:\Users\Seng Yip\hjsplit.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Seng Yip\AppData\Local\*.tmp files -> C:\Users\Seng Yip\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-08-29 01:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-29 01:53:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1706960784-2170888119-3124224816-1000UA.job
[2012-08-29 01:47:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-29 01:33:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-29 00:53:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1706960784-2170888119-3124224816-1000Core.job
[2012-08-28 22:58:21 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-28 22:58:21 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-28 22:55:40 | 001,229,542 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-28 22:55:40 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-08-28 22:55:40 | 000,407,668 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2012-08-28 22:55:40 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-08-28 22:55:40 | 000,104,604 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2012-08-28 22:51:20 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-28 22:51:08 | 2109,575,167 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-28 17:22:26 | 105,088,910 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012-08-21 14:18:06 | 000,090,816 | ---- | M] () -- C:\Users\Seng Yip\Documents\coursedates.jpg
[2012-08-19 16:18:52 | 000,027,520 | ---- | M] () -- C:\Users\Seng Yip\AppData\Local\dt.dat
[2012-08-19 01:03:23 | 000,449,604 | ---- | M] () -- C:\Users\Seng Yip\Documents\profile.png
[2012-08-17 18:35:00 | 000,127,384 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012-08-17 03:19:17 | 000,416,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-08-06 16:09:30 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
[2012-08-06 16:09:30 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
[2012-08-06 11:46:56 | 000,061,038 | ---- | M] () -- C:\Users\Seng Yip\Documents\invoice_sem1.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Seng Yip\AppData\Local\*.tmp files -> C:\Users\Seng Yip\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-08-21 14:18:06 | 000,090,816 | ---- | C] () -- C:\Users\Seng Yip\Documents\coursedates.jpg
[2012-08-19 16:18:52 | 000,027,520 | ---- | C] () -- C:\Users\Seng Yip\AppData\Local\dt.dat
[2012-08-19 01:03:23 | 000,449,604 | ---- | C] () -- C:\Users\Seng Yip\Documents\profile.png
[2012-08-19 00:48:54 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1706960784-2170888119-3124224816-1000UA.job
[2012-08-19 00:48:54 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1706960784-2170888119-3124224816-1000Core.job
[2012-08-06 16:09:44 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2012-08-06 16:09:44 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012-08-06 11:47:02 | 000,061,038 | ---- | C] () -- C:\Users\Seng Yip\Documents\invoice_sem1.pdf
[2012-07-08 00:29:46 | 000,000,000 | ---- | C] () -- C:\Users\Seng Yip\AppData\Local\{0B29EAF1-1DE8-451C-9406-A98F250B864B}
[2012-07-07 23:40:13 | 000,000,000 | ---- | C] () -- C:\Users\Seng Yip\AppData\Local\{987C7E23-84FE-48A4-842D-171E2CF6C254}
[2012-07-07 23:38:20 | 000,000,000 | ---- | C] () -- C:\Users\Seng Yip\AppData\Local\{798C7C1B-A669-4FF2-8D96-08E205D216A5}
[2012-07-07 16:24:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-07-07 16:22:57 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-07-07 16:22:57 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-07-07 16:22:57 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-07-07 16:07:39 | 000,053,427 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012-07-07 16:03:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012-07-07 16:03:55 | 000,038,469 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012-02-14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012-02-02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012-01-31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011-09-19 23:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll

========== LOP Check ==========

[2012-07-08 19:50:29 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\AVG2012
[2012-07-09 00:49:28 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\DAEMON Tools Lite
[2012-08-28 23:59:10 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\Dropbox
[2012-07-31 11:57:41 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\Foxit Software
[2012-07-08 21:18:09 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\Rainmeter
[2012-07-09 13:44:48 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\Spotify
[2012-08-27 09:45:38 | 000,000,000 | ---D | M] -- C:\Users\Seng Yip\AppData\Roaming\uTorrent
[2012-08-19 02:07:16 | 000,000,000 | -HSD | M] -- C:\Users\Seng Yip\AppData\Roaming\wyUpdate AU
[2009-07-14 15:08:49 | 000,015,964 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello iamsuperstarr,

Welcome to Geekstogo.

Note: Please don't include your logs in quotes... can be confusing when other comments are in quotes. Just post them directly into the thread. ;)

"Anyway the next week my ISP goes down and I am net-less for a couple of days, and when it goes back up, my speeds feel slower and I'm starting to notice frequent disconnections..."

"However oddly enough when I plug the Ethernet cable into my MacBook, the speeds while just as slow, aren't AS slow."


Suggests that it began after the ISP went down and may not be your computer i.e. still slow. Are other students on that network experiencing problems?

In any event we will have a look. :)

Now

Please download MBRCheck.exe to your Desktop. Run the application.

It will produce a report on the desktop. Post that report in your next reply.

Next

Please download Farbar Service Scanner and run.
  • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
  • Press Scan
  • A log (FSS.txt) will be created in the same directory the tool is run.
  • Copy and paste the log back here.

After that

Download aswMBR.exe ( 4.5mb ) to your desktop.

Double click the aswMBR.exe to run it.

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

Finally in this post

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

So when you return please post:

  • MBRCheck report
  • aswMBR log
  • FSS.txt
  • MBAM scan results

#3
iamsuperstarr

iamsuperstarr

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Oops sorry about the quotes, thought it might look neater =) Anyway here are the logs:

MBRCheck report:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: ASUSTeK COMPUTER INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 162):
0x02E56000 \SystemRoot\system32\ntoskrnl.exe
0x02E0D000 \SystemRoot\system32\hal.dll
0x00BB4000 \SystemRoot\system32\kdcom.dll
0x00C7F000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CCE000 \SystemRoot\system32\PSHED.dll
0x00CE2000 \SystemRoot\system32\CLFS.SYS
0x00D40000 \SystemRoot\system32\CI.dll
0x00EA9000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F4D000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F5C000 \SystemRoot\system32\drivers\ACPI.sys
0x00FB3000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00FBC000 \SystemRoot\system32\drivers\msisadrv.sys
0x00FC6000 \SystemRoot\system32\drivers\pci.sys
0x00E00000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00E0D000 \SystemRoot\System32\drivers\partmgr.sys
0x00E22000 \SystemRoot\system32\drivers\volmgr.sys
0x00E37000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C00000 \SystemRoot\System32\drivers\mountmgr.sys
0x0105C000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x01000000 \SystemRoot\system32\drivers\atapi.sys
0x01009000 \SystemRoot\system32\drivers\ataport.SYS
0x01033000 \SystemRoot\system32\drivers\msahci.sys
0x0103E000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x0104E000 \SystemRoot\system32\drivers\amdxata.sys
0x00C1A000 \SystemRoot\system32\drivers\fltmgr.sys
0x00E93000 \SystemRoot\system32\drivers\fileinfo.sys
0x01402000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01622000 \SystemRoot\System32\Drivers\msrpc.sys
0x01680000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0169B000 \SystemRoot\System32\Drivers\cng.sys
0x0170D000 \SystemRoot\System32\drivers\pcw.sys
0x0171E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01804000 \SystemRoot\system32\drivers\ndis.sys
0x018F7000 \SystemRoot\system32\drivers\NETIO.SYS
0x01957000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01AEE000 \SystemRoot\System32\drivers\tcpip.sys
0x01CF1000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01D3B000 \SystemRoot\system32\drivers\volsnap.sys
0x01D87000 \SystemRoot\System32\Drivers\spldr.sys
0x01D8F000 \SystemRoot\System32\drivers\rdyboost.sys
0x01DC9000 \SystemRoot\System32\Drivers\mup.sys
0x01DDB000 \SystemRoot\system32\DRIVERS\iusb3hcs.sys
0x01DE4000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01A00000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01A3A000 \SystemRoot\system32\drivers\disk.sys
0x01A50000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01A80000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x01A8C000 \SystemRoot\system32\DRIVERS\avgidsha.sys
0x01AA4000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x045CD000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x04200000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x045F7000 \SystemRoot\System32\Drivers\Null.SYS
0x01DED000 \SystemRoot\System32\Drivers\Beep.SYS
0x01981000 \SystemRoot\System32\drivers\vga.sys
0x0198F000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x019B4000 \SystemRoot\System32\drivers\watchdog.sys
0x01DF4000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x019C4000 \SystemRoot\system32\drivers\rdpencdd.sys
0x019CD000 \SystemRoot\system32\drivers\rdprefmp.sys
0x019D6000 \SystemRoot\System32\Drivers\Msfs.SYS
0x019E1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01728000 \SystemRoot\system32\DRIVERS\tdx.sys
0x019F2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0174A000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x017AB000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0709F000 \SystemRoot\system32\drivers\afd.sys
0x07128000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x07133000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x0713C000 \SystemRoot\system32\DRIVERS\pacer.sys
0x07162000 \SystemRoot\system32\DRIVERS\netbios.sys
0x07171000 \SystemRoot\system32\DRIVERS\serial.sys
0x0718E000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x071A9000 \SystemRoot\system32\DRIVERS\termdd.sys
0x07000000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x07051000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0705D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x07068000 \SystemRoot\System32\drivers\discache.sys
0x07077000 \SystemRoot\System32\Drivers\dfsc.sys
0x071BD000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x015A5000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x071CE000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x07692000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x08478000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x076E7000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x08F36000 \SystemRoot\System32\drivers\dxgmms1.sys
0x08F7C000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x078BB000 \SystemRoot\system32\DRIVERS\iusb3xhc.sys
0x0797F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x07981000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x07992000 \SystemRoot\system32\drivers\usbehci.sys
0x079A3000 \SystemRoot\system32\drivers\USBPORT.SYS
0x07800000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x078A0000 \SystemRoot\system32\DRIVERS\ICCWDT.sys
0x08FA0000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x078AC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x08FBE000 \SystemRoot\system32\DRIVERS\serenum.sys
0x08FCA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x08FD7000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x08FED000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x08400000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x08410000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x08426000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x0844A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x07600000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x08456000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x0762F000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x07650000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0766A000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x079F9000 \SystemRoot\system32\DRIVERS\swenum.sys
0x07ADA000 \SystemRoot\system32\DRIVERS\ks.sys
0x07B1D000 \SystemRoot\system32\DRIVERS\umbus.sys
0x07B2F000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x07B89000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x07BB8000 \SystemRoot\system32\drivers\portcls.sys
0x07A00000 \SystemRoot\system32\drivers\drmk.sys
0x07A22000 \SystemRoot\system32\drivers\ksthunk.sys
0x07A28000 \SystemRoot\system32\DRIVERS\iusb3hub.sys
0x0A0AA000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x0A56B000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0A588000 \SystemRoot\System32\Drivers\usbvideo.sys
0x0A5B6000 \SystemRoot\system32\drivers\usbaudio.sys
0x0A054000 \SystemRoot\system32\drivers\Lachesis.sys
0x0A05C000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x0A06A000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x0A083000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x0A08C000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x0A099000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x0A529000 \SystemRoot\System32\Drivers\crashdmp.sys
0x04210000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x0A537000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00090000 \SystemRoot\System32\win32k.sys
0x0A54A000 \SystemRoot\System32\drivers\Dxapi.sys
0x0A556000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00470000 \SystemRoot\System32\TSDDD.dll
0x007D0000 \SystemRoot\System32\cdd.dll
0x008F0000 \SystemRoot\System32\ATMFD.DLL
0x0A5D1000 \SystemRoot\system32\drivers\luafv.sys
0x0A000000 \SystemRoot\system32\drivers\WudfPf.sys
0x0A032000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x07AB6000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x074A9000 \SystemRoot\system32\drivers\HTTP.sys
0x07572000 \SystemRoot\system32\DRIVERS\bowser.sys
0x07590000 \SystemRoot\System32\drivers\mpsdrv.sys
0x075A8000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x07400000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0744E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x07472000 \SystemRoot\system32\DRIVERS\avgidsfiltera.sys
0x0901D000 \SystemRoot\system32\drivers\peauth.sys
0x090C3000 \SystemRoot\System32\Drivers\secdrv.SYS
0x090CE000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x090FF000 \SystemRoot\System32\drivers\tcpipreg.sys
0x09111000 \SystemRoot\system32\DRIVERS\avgidsdrivera.sys
0x0913D000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0B2C6000 \SystemRoot\System32\DRIVERS\srv.sys
0x0B35E000 \SystemRoot\system32\DRIVERS\udfs.sys
0x0B271000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x0B3CD000 \SystemRoot\system32\drivers\AtihdW76.sys
0x0B3B3000 \SystemRoot\system32\DRIVERS\usb8023x.sys
0x0B3BD000 \SystemRoot\system32\DRIVERS\RNDISMPX.SYS
0x76E90000 \Windows\System32\ntdll.dll
0x47B50000 \Windows\System32\smss.exe
0xFF1B0000 \Windows\System32\apisetschema.dll

Processes (total 87):
0 System Idle Process
4 System
364 C:\Windows\System32\smss.exe
500 C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
552 C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
820 csrss.exe
884 C:\Windows\System32\wininit.exe
920 csrss.exe
944 C:\Windows\System32\services.exe
968 C:\Windows\System32\lsass.exe
976 C:\Windows\System32\lsm.exe
800 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\svchost.exe
1112 C:\Windows\System32\atiesrxx.exe
1152 C:\Windows\System32\winlogon.exe
1196 C:\Windows\System32\svchost.exe
1236 C:\Windows\System32\svchost.exe
1264 C:\Windows\System32\svchost.exe
1416 C:\Windows\System32\svchost.exe
1556 C:\Windows\System32\atieclxx.exe
1752 C:\Windows\System32\svchost.exe
1880 C:\Windows\System32\spoolsv.exe
1908 C:\Windows\System32\svchost.exe
1972 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2036 C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
1272 C:\Program Files\Intel\iCLS Client\HeciServer.exe
856 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
2072 C:\Program Files (x86)\Pingzapper\PZService.exe
2256 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
2332 C:\Program Files (x86)\Smoothping Elite\SmoothPingProxy.exe
2436 C:\Windows\System32\svchost.exe
2464 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
2520 C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
3308 C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
3448 C:\Windows\System32\svchost.exe
3492 C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
4036 C:\Windows\System32\taskhost.exe
1604 C:\Windows\System32\dwm.exe
3172 C:\Windows\explorer.exe
3600 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
4172 C:\Program Files\Microsoft IntelliType Pro\itype.exe
4188 C:\Program Files\Windows Sidebar\sidebar.exe
4208 C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
4224 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
4232 C:\Program Files (x86)\Sticky-Notes\stickynotes.exe
4812 C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe
4824 C:\Program Files\Rainmeter\Rainmeter.exe
4888 C:\Windows\System32\SearchIndexer.exe
4996 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
5004 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
5020 C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
4484 C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
3976 C:\Program Files (x86)\AVG Secure Search\vprot.exe
4348 C:\Program Files (x86)\iTunes\iTunesHelper.exe
4600 C:\Program Files\iPod\bin\iPodService.exe
5180 C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
2608 C:\Program Files\Bonjour\mDNSResponder.exe
5584 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
5512 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
2556 C:\Program Files\Windows Media Player\wmpnetwk.exe
6296 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
7044 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1548 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5640 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
5844 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
2448 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
4924 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
6576 C:\Windows\splwow64.exe
7544 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
3864 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
7872 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1532 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
8120 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
7360 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
7456 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1020 C:\Windows\System32\audiodg.exe
7792 C:\Windows\servicing\TrustedInstaller.exe
7808 WmiPrvSE.exe
4556 WmiPrvSE.exe
9604 C:\Windows\System32\wbem\WmiApSrv.exe
9264 C:\Windows\System32\SearchProtocolHost.exe
8368 C:\Users\Seng Yip\Downloads\mbam-setup-1.62.0.1300.exe
9912 C:\Users\SENGYI~1\AppData\Local\Temp\is-1RFIJ.tmp\mbam-setup-1.62.0.1300.tmp
9880 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
6116 C:\Windows\System32\SearchFilterHost.exe
7464 C:\Users\Seng Yip\Desktop\MBRCheck.exe
7532 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)

PhysicalDrive0 Model Number: ST1000DM003-9YN162, Rev: CC4C

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

aswMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-29 10:32:52
-----------------------------
10:32:52.425 OS Version: Windows x64 6.1.7601 Service Pack 1
10:32:52.425 Number of processors: 4 586 0x3A09
10:32:52.425 ComputerName: SENGYIP-PC UserName: Seng Yip
10:32:53.268 Initialize success
10:32:55.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:32:55.500 Disk 0 Vendor: ST1000DM CC4C Size: 953869MB BusType: 3
10:32:55.531 Disk 0 MBR read successfully
10:32:55.531 Disk 0 MBR scan
10:32:55.531 Disk 0 Windows 7 default MBR code
10:32:55.547 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:32:55.547 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
10:32:55.547 Disk 0 scanning C:\Windows\system32\drivers
10:33:00.149 Service scanning
10:33:11.802 Modules scanning
10:33:11.802 Disk 0 trace - called modules:
10:33:11.802 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
10:33:11.802 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80075d1790]
10:33:11.802 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa8007226950]
10:33:11.818 5 ACPI.sys[fffff88000f677a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80075d0050]
10:33:11.818 Scan finished successfully
10:33:24.198 Disk 0 MBR has been saved successfully to "C:\Users\Seng Yip\Desktop\MBR.dat"
10:33:24.198 The log file has been saved successfully to "C:\Users\Seng Yip\Desktop\aswMBR.txt"

FSS.txt:

Farbar Service Scanner Version: 06-08-2012
Ran by Seng Yip (administrator) on 29-08-2012 at 10:30:22
Running from "C:\Users\Seng Yip\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
WAN connected
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MBAM scan results:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.28.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Seng Yip :: SENGYIP-PC [administrator]

29-Aug-12 10:37:26 AM
mbam-log-2012-08-29 (10-37-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200082
Time elapsed: 1 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

(end)

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Did you install KMService?

Tell me when you return.

Now

Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [CreateRestorePoint]
    
    :OTL
    SRV - [2012-08-06 16:09:30 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
    
    :Files
    ipconfig /flushdns /c
    netsh int ip reset c:\resetlog.txt  /c
    ipconfig /release /c
    ipconfig /renew /c
    
    :Reg
    [-HKLM\System\CurrentControlSet\Services\KMService\Parameters\Application]
    [-HKLM\System\CurrentControlSet\Services\KMService\ImagePath]
    
    :Commands
    [ResetHosts]
    [EmptyTemp]
    [emptyflash]
    [Reboot]
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.
Next

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
When you come back:
  • Tell me about KMService
  • Post the OTL fix log
  • Post checkup.txt


#5
iamsuperstarr

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
KMService was a file I downloaded and was supposedly needed for another program to run. I read the comments and it said that AVG would prompt me that it was a virus/malware because it was making changes to my registry, so I just ignored it. Anyway here is the log from the OTL fix and checkup.txt.

OTL Fix:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service KMService stopped successfully!
Service KMService deleted successfully!
C:\Windows\SysWOW64\srvany.exe moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Seng Yip\Downloads\cmd.bat deleted successfully.
C:\Users\Seng Yip\Downloads\cmd.txt deleted successfully.
< netsh int ip reset c:\resetlog.txt /c >
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
C:\Users\Seng Yip\Downloads\cmd.bat deleted successfully.
C:\Users\Seng Yip\Downloads\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
PPP adapter Broadband Connection:
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 203.132.79.29
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::8a3:f832:e62a:33e7%13
Autoconfiguration IPv4 Address. . : 169.254.51.231
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : fe80::2d62:2e9a:f041:f640%13
192.168.2.1
Tunnel adapter isatap.{D5ACBEB7-572F-4295-B79E-28C643E3C174}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:38f5:6e1:347b:b0e2
Link-local IPv6 Address . . . . . : fe80::38f5:6e1:347b:b0e2%11
Default Gateway . . . . . . . . . :
Tunnel adapter isatap.{9851170C-2263-4CBD-AF5B-AFCDC5D7621D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2002:cb84:4f1d::cb84:4f1d
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
C:\Users\Seng Yip\Downloads\cmd.bat deleted successfully.
C:\Users\Seng Yip\Downloads\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
An error occurred while renewing interface Local Area Connection : unable to contact your DHCP server. Request has timed out.
C:\Users\Seng Yip\Downloads\cmd.bat deleted successfully.
C:\Users\Seng Yip\Downloads\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\KMService\Parameters\Application\ not found.
Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\KMService\ImagePath\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Seng Yip
->Temp folder emptied: 98015052 bytes
->Temporary Internet Files folder emptied: 31625926 bytes
->Google Chrome cache emptied: 77376849 bytes
->Flash cache emptied: 33041 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 125676351 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
RecycleBin emptied: 15064 bytes

Total Files Cleaned = 317.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Seng Yip
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08292012_113323

Files\Folders moved on Reboot...
File\Folder C:\Users\Seng Yip\AppData\Local\Temp\etilqs_jiYe73oUB1wZBYw not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Temp\etilqs_Kpk0kyBqf4fgU2f not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Temp\etilqs_ReurS1lyyzegBlS not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Temp\etilqs_U93wEGqxTAZIIbr not found!
C:\Users\Seng Yip\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Seng Yip\AppData\Local\Temp\~DF3430F987D5518EFF.TMP not found!
C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{73CDF5BF-07B0-41E8-8598-4AE36C98A9CC}.tmp moved successfully.
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{0F6566E4-E16C-4225-96A0-181BB5695DEF}.tmp not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{4721AB74-82C2-42CC-B88B-1679938103DF}.tmp not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{8E4AF3FA-E655-47B2-BF28-118AB43CC338}.tmp not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C73E6A2D-335A-4DC5-8211-A11CD9CAE682}.tmp not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DC683F39-B848-4FFC-B59D-0AF9095262AA}.tmp not found!
File\Folder C:\Users\Seng Yip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F7D319DE-E859-4571-94E5-18182EE9A9F3}.tmp not found!
C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\Windows\temp\SmoothPingProxy.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

checkup.txt:


Results of screen317's Security Check version 0.99.49
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
In itself KMService is okay but my understanding is that it can be used by a hacker to compromise your security.

I wondered if it might have been part of your problem.

Another possibility is that AVG is in conflict with something. That could slow your computer down heaps.

Let's try this:

Uninstall AVG and run the online AV scan below:

Please run a free online scan with the ESET Online Scanner
Note: ESET was designed to run with Internet Explorer. Compatibility with other browsers has been added recently, but if you find difficulty, switch to using Internet Explorer.
  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Click Start and if your security program asks you if you want to allow the program, click yes.
  • If your anti-virus is active you may see a panel appear warning you that this may affect performance. Disabling the programs listed may speed things along.
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Copy and paste that log as a reply to this topic
  • Press the BACK button
  • Press Finish
If you find your computer is working better without AVG try downloading MSE as a replacement.


So when you return please post:
  • ESET scan results
  • and tell me how your computer is now


#7
iamsuperstarr

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Can't seem to download the program. I mean I tried using Internet Explorer, and when I click "Agree", this page pops up and there's nothing. I wait for maybe 5 minutes and nothing loads, so I try Chrome. I download the file, install it and it says "Downloading components". The bar fills up but stops, then says "Can not get update. Is proxy configured?" I think it's safe to assume my connection is crap and I will be needing a new ISP. It does not look like a malware problem because I tested it again on my Mac and I'm still getting the same problems. By the way is there any way to check to see if it could be the network adapter on my motherboard? I'm just worried when the new ISP is installed, I will be getting the same problems again.

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again iamsuperstarr,

Moving on:

Can't seem to download the program.


Hmm... try this one:

Please run a free online scan with BitDefender Online Scanner

Note: these instructions were compiled using Firefox. IE users may find slight differences... just follow the prompts.

  • Click the green Start Scanner button
  • Click the green Free Scan Now button
  • Accept the plug in installation
  • Restart your browser if requested
  • Click the green Free Scan Now button again
  • Accept the EULA agreement
  • The scan should start. It will be relatively quick.
  • Click View Report (note: this is not the Facebook one - just click on the words View Report)
  • Notepad will open with a log
  • Save to your desktop
  • Copy and paste the report back here

By the way is there any way to check to see if it could be the network adapter on my motherboard?


This link may be of help.

Tell me, did uninstalling AVG make a difference?

When you come back please post:

  • Bitdefender log
  • tell me whether the Microsoft link was helpful
  • tell me if uninstalling AVG made a difference


#9
iamsuperstarr

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
QuickScan 32-bit v0.9.9.118
---------------------------
Scan date: Wed Aug 29 16:50:04 2012
Machine ID: E47E7B25



No infection found.
-------------------



Processes
---------
Dropbox 3304 C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe
Gmail 3872 C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
Google Chrome 2888 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 3144 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 6408 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 6992 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7288 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7372 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7464 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7524 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7624 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7720 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7780 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7972 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Talk Plugin 8164 C:\Users\Seng Yip\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
IAStorDataSvc 3452 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
IAStorIcon 2984 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
Intel® Active Management Technology L 2840 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
Intel® Dynamic Application Loader Hos 1804 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
Intel® Management and Security Applic 5676 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
Intel® USB 3.0 Monitor 3896 C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
iTunes 3380 C:\Program Files (x86)\iTunes\iTunesHelper.exe
Microsoft Office 2010 3684 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
Microsoft Office 2010 7176 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
Microsoft® Windows® Operating System 5836 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
MobileDeviceService 1660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PZService.exe 1868 C:\Program Files (x86)\Pingzapper\PZService.exe
Skype 3676 C:\Program Files (x86)\Skype\Phone\Skype.exe
Skype Click to Call 1924 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SmoothPingProxy.exe 1988 C:\Program Files (x86)\Smoothping Elite\SmoothPingProxy.exe
SpotifyWebHelper.exe 3668 C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe


Network activity
----------------
Process chrome.exe (3144) connected on port 5222 (XMPP/Jabber) --> 74.125.31.125
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.54
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.40
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.115
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.42
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.61
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.47
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 173.194.42.47
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 213.155.152.152
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.55
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 23.48.13.177
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 23.48.13.177
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 203.106.85.59
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.31.84
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.237.40
Process chrome.exe (3144) connected on port 80 (HTTP) --> 58.26.1.16
Process chrome.exe (3144) connected on port 80 (HTTP) --> 65.55.175.183
Process chrome.exe (3144) connected on port 80 (HTTP) --> 65.55.175.183
Process chrome.exe (3144) connected on port 80 (HTTP) --> 65.55.175.183
Process chrome.exe (3144) connected on port 80 (HTTP) --> 65.55.175.183
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.31.95
Process chrome.exe (3144) connected on port 80 (HTTP) --> 64.4.11.36
Process chrome.exe (3144) connected on port 80 (HTTP) --> 64.4.11.36
Process chrome.exe (3144) connected on port 80 (HTTP) --> 23.48.15.139
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.237.40
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.237.96
Process chrome.exe (3144) connected on port 443 (HTTP over SSL) --> 74.125.237.74
Process chrome.exe (3144) connected on port 80 (HTTP) --> 66.235.142.20
Process chrome.exe (3144) connected on port 80 (HTTP) --> 23.48.15.139
Process chrome.exe (3144) connected on port 80 (HTTP) --> 23.48.15.139
Process chrome.exe (3144) connected on port 80 (HTTP) --> 66.235.142.20
Process chrome.exe (3144) connected on port 80 (HTTP) --> 66.235.142.20
Process chrome.exe (3144) connected on port 80 (HTTP) --> 203.190.124.15
Process chrome.exe (3144) connected on port 80 (HTTP) --> 203.190.124.15
Process chrome.exe (3144) connected on port 80 (HTTP) --> 37.59.67.149
Process chrome.exe (3144) connected on port 80 (HTTP) --> 37.59.67.149
Process chrome.exe (3144) connected on port 80 (HTTP) --> 37.59.67.149
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.237.40
Process chrome.exe (3144) connected on port 80 (HTTP) --> 74.125.237.40
Process chrome.exe (3144) connected on port 80 (HTTP) --> 203.190.124.25
Process chrome.exe (3144) connected on port 80 (HTTP) --> 203.190.124.25
Process chrome.exe (3144) connected on port 80 (HTTP) --> 203.190.124.25
Process chrome.exe (3144) connected on port 80 (HTTP) --> 68.232.45.253
Process chrome.exe (3144) connected on port 80 (HTTP) --> 68.232.45.253
Process chrome.exe (3144) connected on port 80 (HTTP) --> 68.232.45.253
Process Dropbox.exe (3304) connected on port 80 (HTTP) --> 199.47.219.148
Process Skype.exe (3676) connected on port 60410 --> 110.159.246.65
Process Skype.exe (3676) connected on port 80 (HTTP) --> 78.141.179.11
Process Skype.exe (3676) connected on port 443 (HTTP over SSL) --> 207.46.124.65
Process Skype.exe (3676) connected on port 5222 (XMPP/Jabber) --> 69.171.227.26
Process Skype.exe (3676) connected on port 80 (HTTP) --> 157.55.130.165
Process Skype.exe (3676) connected on port 80 (HTTP) --> 111.254.210.186
Process Skype.exe (3676) connected on port 80 (HTTP) --> 36.238.34.83
Process gnotify.exe (3872) connected on port 80 (HTTP) --> 74.125.237.53

Process Dropbox.exe (3304) listens on ports: 17500
Process Skype.exe (3676) listens on ports: 80 (HTTP), 443 (HTTP over SSL), 25214


Autoruns and critical files
---------------------------
Adobe® Flash® Player Update Service C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
Catalyst® Control Center C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
DAEMON Tools Lite C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
Dropbox C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe
Gmail C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
Google Update C:\Users\Seng Yip\AppData\Local\Google\Update\GoogleUpdate.exe
IAStorIcon C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
Intel® USB 3.0 Monitor C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe
kdbsync.exe C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
Microsoft IntelliType Pro c:\Program Files\Microsoft IntelliType Pro\itype.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System C:\Windows\system32\userinit.exe
Realtek HD Audio Manager C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Skype C:\Program Files (x86)\Skype\Phone\Skype.exe
SpotifyWebHelper.exe C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
Steam C:\Program Files (x86)\Steam\Steam.exe
(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


Browser plugins
---------------
Bitdefender QuickScan C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Talk Plugin C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Google Talk Plugin Video Accelerator C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
Google Update C:\Users\Seng Yip\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
Intel® Identity Protection Technology C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\urlredir.dll
Microsoft® Windows® Operating System C:\Windows\system32\MSWSOCK.dll
Microsoft® Windows® Operating System C:\Windows\system32\NLAapi.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_3_300_271.dll C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
Skype Click to Call c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
SmoothPingProxy.dll C:\Windows\system32\SmoothPingProxy.dll
Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


Missing files
-------------
File not found: C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"HF_G_Jul"

File not found: C:\Program Files (x86)\Sticky-Notes\stickynotes.exe
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Sticky-Notes"

File not found: C:\Windows\system32\SmoothPingProxy64.dll
--> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\"PackedCatalogItem"
--> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\"PackedCatalogItem"
--> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\"PackedCatalogItem"
--> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\"PackedCatalogItem"
--> HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015\"PackedCatalogItem"


Scan
----
MD5: 34086f1dbb4065047ea3671cb70505cc C:\Program Files (x86)\iTunes\iTunesHelper.exe
MD5: e7fe89f69c3cc65cad3d1adc5d6a9f41 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: 0654195051d1024c005e7be135a6fee7 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: d28ad1cb902ac6d228532812d3850c7d C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
MD5: 877e4382e0b72289bfb9b959ec993e0d C:\Program Files (x86)\Microsoft Office\Office14\1033\ospintl.dll
MD5: 3fbf23d745ae69d33bc3afadfb9a5695 C:\Program Files (x86)\Microsoft Office\Office14\1033\wwintl.dll
MD5: 67bd916f01424deb8ab8cd9e0096f277 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
MD5: 827aa972f0a21e73349654a57bca2848 C:\Program Files (x86)\Microsoft Office\Office14\css7Data0009.dll
MD5: af8857e76625f468ed44e3d22e0dbc8d C:\Program Files (x86)\Microsoft Office\Office14\gfx.dll
MD5: 01395f76bfd82d3ad7de725da8e97e9c C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll
MD5: ad21d4c8d41075b2fceb6ab6468199a6 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
MD5: ff2cda66375253a947b74feb7bcbf8fd C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll
MD5: f4a711affa63bce84677971bc6a005b3 C:\Program Files (x86)\Microsoft Office\Office14\oart.dll
MD5: 98b0304cccfa8c519921d53b58342f29 C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL
MD5: 25eeb144021412b738b22d38780ed8da C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\1033\MSGR3EN.DLL
MD5: 9da89fdfda44fa183d088546b636dcac C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\MSSP7EN.DLL
MD5: 2300108f6605bdcd33dc98c7a321671d C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
MD5: d1b1846f4ab85a554ac68eca4e87de04 C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll
MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
MD5: 559d9cbfc29dee2773b28d38851683ba C:\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll
MD5: 0710f431ba12bbb064fe564221727c4d C:\Program Files (x86)\Pingzapper\PZService.exe
MD5: cbec06e32d0ac9c3d0a9199edc1fb959 C:\Program Files (x86)\Skype\Phone\Skype.exe
MD5: aa79aace0f503ded96f33b20ca20211f c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: ea396139541706b4b433641d62ea53ce C:\Program Files (x86)\Skype\Updater\Updater.exe
MD5: 59aa1031795c4664e11da74f16dfa1ca C:\Program Files (x86)\Smoothping Elite\SmoothPingProxy.exe
MD5: 60a24ca5e2d760f4f619f1d1fe62fb27 C:\Program Files (x86)\Steam\Steam.exe
MD5: f9d908de6b166dac9b89bf62fa291ce8 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: ebbcd5dfbb1de70e8f4af8fa59e401fd C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 832ce330dd987227b7dea8c03f22aefa C:\Program Files\Intel\iCLS Client\HeciServer.exe
MD5: a9ab99ee7d39725eafec82732d2b3271 C:\Program Files\iPod\bin\iPodService.exe
MD5: 88ca0ffa894af4b0d90b93faa2a0a0d9 c:\Program Files\Microsoft IntelliType Pro\itype.exe
MD5: b7826a4d54c39019d8bc19a484d5d5ec C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: e3bf29ced96790cdaafa981ffddf53a3 C:\Program Files\Windows Sidebar\sidebar.exe
MD5: 0f97e7a47a52f4a36969f0fc319654c2 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
MD5: 853e987a635c0008f53e3cc13290af6b C:\Users\Seng Yip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\npqscan.dll
MD5: 625704ec0b1424b85e38b2d3b2bc8e71 C:\Users\Seng Yip\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll
MD5: 09e411e1dc92d813f49dfeeb4039cbca C:\Users\Seng Yip\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
MD5: 8f628060daecf76c537bd89a53228d3b C:\Users\Seng Yip\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
MD5: 506708142bc63daba64f2d3ad1dcd5bf C:\Users\Seng Yip\AppData\Local\Google\Update\GoogleUpdate.exe
MD5: 1d976e6ef6552d29eb5d069ad3e46165 C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\Dropbox.exe
MD5: 6d74290856347cf8682277a54b433d4b C:\Users\Seng Yip\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
MD5: 64127cd56a7bb0c3bf8d2ed5b414e861 C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
MD5: d6c9b2a11af8c5f02459f373914e642f C:\Users\Seng Yip\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
MD5: e81df366705e8ade900e722bfeafe0e6 C:\Users\Seng Yip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MD5: 5d3ecb0984715d0133494c1676c3d633 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MD5: c026e7fc9fc0fce25b82207e8a903a96 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\04062da4d91ccee7d263b9d7a3546abb\IAStorDataMgr.ni.dll
MD5: ff945018243df61e12cff1bbfa06dfbb C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\2e82e56f3922f48e7ca9b4f2ce9f4f3f\IAStorDataMgrSvc.ni.exe
MD5: 4ae97b7aeb4a8da9f6f65f63d3589c95 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MD5: 3a0c60a5627eef0315b67b5901eb9222 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4a000739ab9060c0e8dd0e2ec6d69e36\IsdiInterop.ni.dll
MD5: c2335d714efafffb4c7a3c164f2024b1 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MD5: 10307046e19c8ec964c792a798b32bb3 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MD5: 3b919cbdde7ae3376ed296839846c3dd C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MD5: a490b22bd077d42e385581047801b6b2 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MD5: 17fadecb631ff8dbe735ba33409885c2 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MD5: fab18e11587305bf8039ea6f8f731207 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MD5: bd23077cbad092a5ea5f77ed874f32a2 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MD5: 2291d1fabc087e43d4122cace1ca30f9 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MD5: 26a68554f95a344b62e5771af598e0e8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MD5: 01d585c95a0e752effb11ea899b0e387 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MD5: c4002b6b41975f057d98c439030cea07 C:\Windows\ehome\ehRecvr.exe
MD5: 332feab1435662fc6c672e25beb37be3 C:\Windows\Explorer.exe
MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
MD5: 7b46a076184b73aedc1a66a71d9131e8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MD5: 75bcc4043512e41d83c8f224b168039c C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 4552f8f61a7975c2359d19673483604d C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 773212b2aaa24c1e31f10246b15b276c C:\Windows\servicing\TrustedInstaller.exe
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: e3e4013beae8a053876f7c3e6162d9d3 C:\Windows\system32\aticfx32.dll
MD5: 6ceb4c7a30c035393d6efb599894c32b C:\Windows\system32\atiu9pag.dll
MD5: 097b8d0348c976a659e3d9d82e35102c C:\Windows\system32\atiumdag.dll
MD5: 015ed8906d0e08134ed4bafb5708c00a C:\Windows\system32\atiumdva.dll
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: cdd35c1ce1ebfe80c055691cdc8df443 C:\Windows\system32\authui.dll
MD5: 0552a8684bf7566f744d5b19ff6aec6b C:\Windows\system32\bitsperf.dll
MD5: 72910f1deb838e6e08a9017bfb7d4f0b C:\Windows\system32\BROWCLI.DLL
MD5: ae9898d5600a232cd8ae3298692162e5 C:\Windows\system32\CLUSAPI.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 108c2cfa5527458c096a699929ecbd80 C:\Windows\system32\credui.dll
MD5: 6316957bb3431dfb06bffa98c0f1926e C:\Windows\system32\cryptnet.dll
MD5: 06e771aa596b8761107ab57e99f128d7 C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\cryptui.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\cscapi.dll
MD5: 35cede6439ff0d8903223a0817ffe46c C:\Windows\system32\d2d1.dll
MD5: 2de90400a63818fa38c4c5c9adb166bf C:\Windows\system32\d3d10_1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 78b7a3bda25c90daa50d36a56a8d1351 C:\Windows\system32\D3D10Warp.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 1c9b45e87528b8bb8cfa884ea0099a85 C:\Windows\system32\d3dcompiler_43.dll
MD5: 86e39e9161c3d930d93822f1563c280d C:\Windows\system32\d3dx9_43.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll
MD5: a29d734f650f958424743be3baa052c8 C:\Windows\system32\DWrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: 8c9179609935f84202028849112d355a C:\Windows\system32\esentprf.dll
MD5: 53af1750fd45ddd705c9b68c7dc58827 C:\Windows\system32\EVR.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\system32\explorer.exe
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\explorerframe.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: a6f09e5669d9a19035f6d942caa15882 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\system32\iphlpapi.dll
MD5: 529879612a7fae235914e3aa6a9a669c C:\Windows\system32\loadperf.dll
MD5: 8ea53101ff2b15bdff934b62a8fb326d C:\Windows\system32\LOGONCLI.DLL
MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\Windows\system32\mapi32.dll
MD5: fdba1dec4f9be4274a00b9b850c63484 C:\Windows\system32\mf.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\System32\MMDevApi.dll
MD5: d4191efab91e00fc09257aa5ebaf503b C:\Windows\system32\MPRAPI.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: d83947a58613e9091b4c9cc0f1546a8d C:\Windows\SYSTEM32\MSCOREE.DLL
MD5: 7069aab8536f29ed7323140973a2894b C:\Windows\system32\msdmo.dll
MD5: 19b8c44bc54c7859e57e0ec1312d5b92 C:\Windows\system32\MSDTCPRX.dll
MD5: e991956ace9e57bfb9f8bb077d11b34e C:\Windows\system32\msdtcuiu.DLL
MD5: a6c29db53eca94fa8591c5388d604b82 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: c5413bc4f10ceb4c3070bbf04d324117 C:\Windows\system32\MSISIP.DLL
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 3de43bfdaf3f8979699650202aa18b12 C:\Windows\system32\msmpeg2vdec.dll
MD5: 2dc6285ec4f902be08e7c5fa6d3fd017 C:\Windows\system32\msscntrs.dll
MD5: ea009c246109a0eec4e4ed7d3eb3bf5c C:\Windows\system32\MSVCP100.dll
MD5: 397fc81bd0fb460508a680c5f825ff9b C:\Windows\system32\MSVCR100.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\MSWSOCK.dll
MD5: 1cdea9188899e76d4ffd54c9d512ccdb C:\Windows\System32\msxml3.dll
MD5: d9a9702e43a5859896f34898d5fd3fec C:\Windows\System32\msxml6.dll
MD5: 8483dd8f87dbe86aab55bbf95c207061 C:\Windows\system32\MTXCLU.DLL
MD5: a4cc7227a452c4909f9499d91b184364 C:\Windows\system32\NCObjAPI.DLL
MD5: 591fe0a6ceb19bf886ceb1331f591940 C:\Windows\system32\ncrypt.dll
MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\Windows\system32\NETAPI32.dll
MD5: c02f50bbc064689fe3fcd89348c884eb C:\Windows\system32\netfxperf.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\system32\NLAapi.dll
MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\Windows\system32\ntshrui.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\olepro32.dll
MD5: 487f44b08efeaf5ad087878357b9403d C:\Windows\system32\pdh.dll
MD5: edd2ad141debd425d74a52a4d7be6ac4 C:\Windows\System32\Perfctrs.dll
MD5: 1acc2484f3f111d577abe4ffb1caf2a5 C:\Windows\System32\perfnet.dll
MD5: fb1ba42d1a1440e99c6b8667e141cfb1 C:\Windows\system32\perfts.dll
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\system32\provsvc.dll
MD5: 6e608664ebeeab5a03ba32324016695b C:\Windows\system32\rasctrs.dll
MD5: 2af094c822bd6094f14a8e85fb51d52a C:\Windows\system32\RESUTILS.dll
MD5: 102cf6879887bbe846a00c459e6d4abc C:\Windows\system32\RICHED20.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\samcli.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: f93674263f6b07c77956e966953242d9 C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 7846855983170923b8deca1c3fcca498 C:\Windows\system32\SmoothPingProxy.dll
MD5: ce292c4c10b8db6070f262ea2733f0dc C:\Windows\system32\sqmapi.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 5bbd1f824741aa1fda9a9dfd3a9d5416 C:\Windows\system32\tapiperf.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 465dbf63a5049e4db4bc5c12ffe781cb C:\Windows\system32\tquery.dll
MD5: 109007869cb95cbd9b92fdf35b96d7b5 C:\Windows\system32\usbperf.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\Windows\system32\userinit.exe
MD5: d25958b2a71ef488959272878ef934be C:\Windows\system32\UTILDLL.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 91429e9a7458899034952047b2b58842 C:\Windows\system32\wbem\wmiaprpl.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\system32\webio.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\system32\WINHTTP.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\syswow64\ADVAPI32.dll
MD5: f436e847fa799ecd75ad8c313673f450 C:\Windows\syswow64\CFGMGR32.dll
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\syswow64\COMDLG32.dll
MD5: 1295338cfe6f249823ef9bc8d4368a84 C:\Windows\syswow64\CRYPT32.dll
MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\Windows\syswow64\DEVOBJ.dll
MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll
MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll
MD5: 19bc13711ac403feb830522e4831701b C:\Windows\SysWOW64\gameux.dll
MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\Windows\syswow64\GDI32.dll
MD5: 32e15ecf5854f5610bc895490bc3246a C:\Windows\SysWOW64\ieframe.dll
MD5: b17adbbbdc97148d28f995f32c380f2e C:\Windows\syswow64\iertutil.dll
MD5: b2db6aba2e292235749b80a9c3dfa867 C:\Windows\syswow64\imagehlp.dll
MD5: 9f179da6bf972f2b8b7f90978d02d719 C:\Windows\SysWOW64\jscript9.dll
MD5: 99c3f8e9cc59d95666eb8d8a8b4c2beb C:\Windows\syswow64\kernel32.dll
MD5: 5c2d21c9b6b6175b89bc5d7e3cb979e1 C:\Windows\syswow64\KERNELBASE.dll
MD5: c140f86932b5b61f54a4d836e2d34ab2 C:\Windows\SysWOW64\ksproxy.ax
MD5: 630a31f277349109299e590856a4b004 C:\Windows\SysWOW64\kswdmcap.ax
MD5: a9d3b95e8466bd58eeb8a1154654e162 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: 99b4b884fe9a878b4822f7f326c90ce1 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\Windows\SysWOW64\MFC42.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\syswow64\MSASN1.dll
MD5: 5e8e869e1342308752a37a2c90cca79d C:\Windows\SysWOW64\mshtml.dll
MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\Windows\syswow64\msvcrt.dll
MD5: e73b0f1819602cb6ef176fb78d76a47b C:\Windows\SysWOW64\ntdll.dll
MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\Windows\SysWOW64\ODBC32.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\syswow64\ole32.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\syswow64\OLEAUT32.dll
MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\Windows\syswow64\RPCRT4.dll
MD5: 3d3cbd1847f980fb03343a63671e7886 C:\Windows\SysWOW64\schannel.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\syswow64\SETUPAPI.dll
MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\Windows\syswow64\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\SHLWAPI.dll
MD5: eda7ad21df8945528f01f0a86d69e524 C:\Windows\syswow64\SspiCli.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\SysWOW64\SXS.DLL
MD5: 667981f2e7c26275f0694b58eee303b9 C:\Windows\syswow64\urlmon.dll
MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\syswow64\USP10.dll
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\sysWOW64\wbem\FastProx.dll
MD5: e6410546e86dc2c8068dca88065bd7ab C:\Windows\SysWOW64\wbem\WmiPerfClass.dll
MD5: a16195753e7c603fb732c53fe08c64bf C:\Windows\SysWOW64\wbem\WmiPerfInst.dll
MD5: 4fb491ac8d46aaf22ba8bc5c73dabef7 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\SysWOW64\wer.dll
MD5: 2875b386b45b8a77e2343c5e129ae50c C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll
MD5: 75a97a2c060e72ab49e071e08c7dd2ba C:\Windows\syswow64\WININET.dll
MD5: a7d79e9f660340ab20cd73f12910985f C:\Windows\syswow64\WINTRUST.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll
MD5: e8f6851e4600cd3674422487ee240941 C:\Windows\SysWOW64\wshext.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\SysWOW64\XmlLite.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: d34a527493f39af4491b3e909dc697ca C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: 7717f84f483002815490033bf069dabd C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

The following file(s) must be uploaded for server-side scanning:
C:\Windows\system32\SmoothPingProxy.dll

Upload started - 1 file(s)
SmoothPingProxy.dll (315392)
Upload speed - 7 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 41 sec
Total traffic - 0.32 MB sent, 1.04 KB recvd
Scanned 466 files and modules - 147 seconds

==============================================================================

Hmm I didn't notice any difference after uninstalling AVG. By speed are you referring to internet speed, or overall computer speed? My computer is almost brand new, had it for a little over a month now plus I don't do much besides watch movies and do work, so I can't say it's very bogged down by files and stuff. The Microsoft link was helpful, I tried disabling/enabling my network adapter but doesn't seem to make a difference. I don't think I will be able to tell unless I buy a new one which I'm trying not to.
  • 0

#10
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

I didn't notice any difference after uninstalling AVG. By speed are you referring to internet speed, or overall computer speed?


It's a while since I used AVG but it used to have a web browsing security feature (even in the free version) that on some machines significantly slowed down the internet connection. Hence my purpose in trying an uninstall on your machine. Again, last time I checked, the latest versions are much more bloated than earlier ones and can also slow the machine itself. If either problem is affecting a machine I tend to recommend Avast or MSE. In your case I suggested MSE because it is particularly light and might have helped with the symptoms you describe.

However, if AVG is not troubling your computer then there is no real reason to change it.

Now

I am not finding malware on your machine. We could go on looking but I am of the opinion that your problems are not related to your computer itself but rather your ISP or something in between.

Tell me what you think or if you have any other questions.

After that, providing you are happy, we will clear away the tools we have been using at my next post. :)
  • 0

#11
iamsuperstarr


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Sorry for the late reply! I was on the phone with this really cust rep who told me to try connecting to the wireless network. It was only recently installed which explained why when I moved in they told me I needed an Ethernet cable. Long story short, when I connected to the WiFi network I got my speeds back. I went and bought a WiFi dongle and now my PC is getting the same speeds as well. Problem solved, although I don't know why. They said the WiFi signal is coming from the box in my room, and if I'm getting those speeds on WiFi, I should get them with cable. Anyway yea I think my problem is solved.
  • 0

#12
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

my problem is solved


Excellent news. :thumbsup:

Now

We have a couple of last steps to perform and then you're all set.

  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
* Consider using an alternate browser.

Opera may be downloaded from here. It is one of the least targeted of all browsers.

Avant may be downloaded from here. Another one that is less well known.

Firefox may be downloaded from Here. I use Firefox because I like it. Used to be one of the safest but now targeted probably as much as IE.

Adblock Plus is a good Add-on for Firefox that helps prevent those annoying pop ups.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

  • If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

    And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
  • Malwarebytes
  • SuperAntiSpyWare
Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.
  • 0
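An added example, not part of the original post: a PowerShell check that reads the Internet zone's ActiveX settings from the registry and compares them with the values recommended in the "Make Internet Explorer more secure" steps above. The function names are hypothetical, the sample values are constructed, and treating "Disable" as also satisfying a "Prompt" recommendation is this example's choice.

```powershell
# Internet zone is zone 3; per-user settings live under this key.
# Settings enforced by Group Policy live under Software\Policies\... and take
# precedence, so pass that path with -Path to audit a managed machine.
$ZonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# URL action IDs for the three options named in the post, with the value the
# post recommends (0 = Enable, 1 = Prompt, 3 = Disable).
$Expected = [ordered]@{
    '1001' = @{ Name = 'Download signed ActiveX controls';   Want = 1 }
    '1004' = @{ Name = 'Download unsigned ActiveX controls'; Want = 1 }
    '1201' = @{ Name = 'Initialize and script ActiveX controls not marked as safe'; Want = 3 }
}
$Meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Read the three DWORD values from the registry into a hashtable keyed by ID.
function Get-ZoneSettings {
    param([string]$Path = $ZonePath)
    $found = @{}
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    if ($props) {
        foreach ($id in $Expected.Keys) {
            if ($props.PSObject.Properties[$id]) { $found[$id] = [int]$props.$id }
        }
    }
    return $found
}

# Compare a set of values against the recommendation. A setting passes when it
# is at least as strict as recommended (Enable < Prompt < Disable); a missing
# value fails so that it gets looked at.
function Test-ZoneSettings {
    param([hashtable]$Actual)
    foreach ($id in $Expected.Keys) {
        $want = $Expected[$id].Want
        $have = $Actual[$id]
        $current = if ($null -eq $have) { 'not set' }
                   elseif ($Meaning.ContainsKey($have)) { $Meaning[$have] }
                   else { "unknown ($have)" }
        [pscustomobject]@{
            Id       = $id
            Setting  = $Expected[$id].Name
            Current  = $current
            Required = $Meaning[$want]
            Ok       = ($null -ne $have) -and ($have -ge $want)
        }
    }
}

# Constructed sample values (not taken from the thread): 1201 is left at Enable.
$sample = @{ '1001' = 1; '1004' = 3; '1201' = 0 }
Test-ZoneSettings -Actual $sample | Format-Table -AutoSize

# Live check on a Windows machine:
# Test-ZoneSettings -Actual (Get-ZoneSettings) | Format-Table -AutoSize
```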

#13
iamsuperstarr

iamsuperstarr

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
All done! Thanks for the tips, and the help, and for your time =)
  • 0

#14
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
You are very welcome :happy:

I will leave this topic open for a day or two in case any issues arise that you want to come back to me on.
  • 0

#15
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





