Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer suddenly gets real slow


  • Please log in to reply

#1
Terryc250

Terryc250

    Member

  • Member
  • PipPip
  • 54 posts
When I restart my computer it runs fine for a bit, then it suddenly becomes very slow and choppy. Even just typing I have to wait a second for the text to catch up.

OTL logfile created on: 8/27/2013 2:55:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dara\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 3.64 Gb Available Physical Memory | 63.36% Memory free
11.50 Gb Paging File | 8.89 Gb Available in Paging File | 77.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.07 Gb Total Space | 541.99 Gb Free Space | 90.93% Space Free | Partition Type: NTFS
Drive D: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DARA-PC | User Name: Dara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/27 14:47:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dara\Downloads\OTL.exe
PRC - [2013/08/19 06:42:49 | 000,164,816 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/08/15 20:21:43 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/08/07 02:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/13 14:25:17 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2013/03/06 15:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/06 15:32:42 | 000,136,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/15 20:21:41 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppgooglenaclpluginchrome.dll
MOD - [2013/08/15 20:21:40 | 013,594,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
MOD - [2013/08/15 20:21:39 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
MOD - [2013/08/15 20:20:49 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libglesv2.dll
MOD - [2013/08/15 20:20:48 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\libegl.dll
MOD - [2013/08/15 20:20:46 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/03/06 15:32:42 | 000,136,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/12/03 20:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/08/26 22:59:20 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/21 11:17:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/19 06:42:49 | 000,164,816 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/08/07 02:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/26 15:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/12 15:43:32 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/06 15:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/06 15:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/06 15:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/06 15:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/06 15:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/06 15:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/06 15:33:20 | 000,263,096 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2013/03/06 15:33:20 | 000,127,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2013/03/06 15:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/06 15:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/03/06 15:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/03/06 15:11:21 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2013/01/09 22:46:28 | 000,132,096 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:64bit: - [2013/01/09 22:46:26 | 000,038,016 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SAlpham64.sys -- (SAlphamHid)
DRV:64bit: - [2012/12/21 14:41:42 | 000,258,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/20 15:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/03/04 18:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/01/26 17:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AGERESoftModem)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {214FFBA5-A348-4092-A0BF-5C095987C474}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...2013-08-13&psv=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 AC 61 66 9D 22 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
IE - HKCU\..\SearchScopes,DefaultScope = {214FFBA5-A348-4092-A0BF-5C095987C474}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{214FFBA5-A348-4092-A0BF-5C095987C474}: "URL" = http://search.condui...9140481667&UM=2
IE - HKCU\..\SearchScopes\{614762F5-2D23-41A2-81F7-6E9833A0E56B}: "URL" = http://www.search.as...archTerms}&psv=
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.3.4000.0(B)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/16 16:39:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/06/15 18:45:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dara\AppData\Roaming\Mozilla\Extensions
[2013/03/16 17:34:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\extensions
[2013/03/16 17:34:17 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2013/08/26 22:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\Profiles\3b266e45.default\extensions
[2013/07/16 01:34:59 | 000,021,486 | ---- | M] () (No name found) -- C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\Profiles\3b266e45.default\extensions\[email protected]
[2013/08/26 22:09:58 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Dara\AppData\Roaming\Mozilla\Firefox\Profiles\3b266e45.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/26 22:59:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/26 22:59:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/26 22:59:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/26 22:59:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/26 22:59:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - Extension: Google Docs = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.100.504_0\
CHR - Extension: Google Search = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Productivity 3.2 = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lahmgkenijjaeppapddnjlbjbkfnaghd\10.16.100.504_0\
CHR - Extension: Skype Click to Call = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_1\
CHR - Extension: Yontoo = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1\
CHR - Extension: Gmail = C:\Users\Dara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/27 14:22:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {504C5432-2D56-3700-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2-V7\Passport.dll (APN LLC.)
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {504C5432-2D56-3700-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v6 Toolbar) - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (SteelSeries ApS)
O4 - Startup: C:\Users\Dara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{787248CD-466B-430A-B146-8FC7BB8AF5ED}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/27 14:22:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/08/27 14:17:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/08/27 14:09:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/27 14:09:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/27 14:09:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/27 14:09:21 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/08/27 14:08:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/27 14:08:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/27 13:50:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/27 13:50:23 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/27 13:50:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/26 22:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/20 13:00:17 | 000,000,000 | ---D | C] -- C:\Users\Dara\Desktop\TENANT NFORMATION
[2013/08/14 03:01:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/13 13:02:08 | 008,152,576 | ---- | C] (Paltalk.com) -- C:\Users\Dara\Desktop\PalTextCtl.dll
[2013/08/13 09:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/08/13 09:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/08/13 09:54:23 | 000,000,000 | ---D | C] -- C:\Users\Dara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
[2013/08/13 09:54:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paltalk Messenger

========== Files - Modified Within 30 Days ==========

[2013/08/27 14:40:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/27 14:36:28 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/27 14:36:28 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/27 14:29:20 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/27 14:28:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/27 14:28:44 | 334,929,919 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/27 14:22:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/27 14:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/27 13:50:26 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/26 15:53:16 | 000,022,626 | ---- | M] () -- C:\Users\Dara\Desktop\7874600030466080424.jpg
[2013/08/26 15:25:46 | 000,195,391 | ---- | M] () -- C:\Users\Dara\Desktop\rec0826-152538.mp3
[2013/08/26 15:25:36 | 001,820,945 | ---- | M] () -- C:\Users\Dara\Desktop\rec0826-152425.mp3
[2013/08/25 17:16:25 | 000,038,929 | ---- | M] () -- C:\Users\Dara\Desktop\Ry micky4.jpg
[2013/08/23 17:42:15 | 000,170,259 | ---- | M] () -- C:\Users\Dara\Desktop\75680317128192520615.jpg
[2013/08/22 10:44:12 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/17 22:52:05 | 000,401,216 | ---- | M] () -- C:\Users\Dara\Desktop\023.JPG
[2013/08/17 13:31:41 | 000,464,170 | ---- | M] () -- C:\Users\Dara\Desktop\007.JPG
[2013/08/14 22:59:33 | 000,001,185 | ---- | M] () -- C:\Users\Dara\Desktop\smoth hunsen.rtf
[2013/08/14 03:03:58 | 000,792,712 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/14 03:03:58 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/14 03:03:58 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/13 21:02:38 | 000,122,052 | ---- | M] () -- C:\Users\Dara\Desktop\004.JPG
[2013/08/13 13:02:27 | 008,152,576 | ---- | M] (Paltalk.com) -- C:\Users\Dara\Desktop\PalTextCtl.dll
[2013/08/13 09:54:23 | 000,002,023 | ---- | M] () -- C:\Users\Dara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
[2013/08/13 09:54:23 | 000,002,003 | ---- | M] () -- C:\Users\Dara\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2013/08/13 09:54:23 | 000,001,979 | ---- | M] () -- C:\Users\Dara\Desktop\Paltalk Messenger.lnk
[2013/08/13 09:54:23 | 000,001,224 | ---- | M] () -- C:\Users\Dara\Desktop\Upgrade to Paltalk Extreme.lnk
[2013/08/13 09:54:22 | 000,001,224 | ---- | M] () -- C:\Users\Dara\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2013/08/13 02:29:35 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/08/07 08:53:14 | 000,007,516 | ---- | M] () -- C:\Users\Dara\Desktop\69751067139471454120.jpg
[2013/08/07 08:52:26 | 000,015,577 | ---- | M] () -- C:\Users\Dara\Desktop\6975106724133666028.jpg
[2013/08/07 08:52:20 | 000,016,285 | ---- | M] () -- C:\Users\Dara\Desktop\69751067127243793229.jpg
[2013/08/07 08:52:09 | 000,018,860 | ---- | M] () -- C:\Users\Dara\Desktop\69751067145146270931.jpg
[2013/08/07 08:39:10 | 000,010,620 | ---- | M] () -- C:\Users\Dara\Desktop\6975106721262724339.jpg
[2013/08/07 08:38:49 | 000,008,134 | ---- | M] () -- C:\Users\Dara\Desktop\69751067133558843240.jpg
[2013/08/07 08:38:39 | 000,009,303 | ---- | M] () -- C:\Users\Dara\Desktop\6975106798616807743.jpg
[2013/08/07 08:38:39 | 000,008,353 | ---- | M] () -- C:\Users\Dara\Desktop\69751067143448602241.jpg
[2013/08/06 19:05:50 | 007,822,619 | ---- | M] () -- C:\Users\Dara\Desktop\rec0806-190102.mp3
[2013/08/06 18:55:40 | 008,492,788 | ---- | M] () -- C:\Users\Dara\Desktop\rec0806-185109.mp3
[2013/08/04 21:28:56 | 006,482,128 | ---- | M] () -- C:\Users\Dara\Desktop\halftime.mp3
[2013/08/04 21:26:18 | 006,108,054 | ---- | M] () -- C:\Users\Dara\Desktop\Lavenda2.mp3
[2013/08/04 21:20:22 | 004,852,505 | ---- | M] () -- C:\Users\Dara\Desktop\Lavenda1.mp3
[2013/08/01 17:56:01 | 006,301,480 | ---- | M] () -- C:\Users\Dara\Desktop\rec0801-175112.mp3
[2013/08/01 17:44:34 | 006,184,109 | ---- | M] () -- C:\Users\Dara\Desktop\rec0801-174024.mp3
[2013/07/29 21:39:13 | 004,092,237 | ---- | M] () -- C:\Users\Dara\Desktop\song2.mp3
[2013/07/29 20:56:59 | 003,660,485 | ---- | M] () -- C:\Users\Dara\Desktop\ornjern_jol_jos.mp3

========== Files Created - No Company Name ==========

[2013/08/27 14:09:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/27 14:09:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/27 14:09:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/27 14:09:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/27 14:09:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/27 13:50:26 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/26 15:53:16 | 000,022,626 | ---- | C] () -- C:\Users\Dara\Desktop\7874600030466080424.jpg
[2013/08/26 15:25:38 | 000,195,391 | ---- | C] () -- C:\Users\Dara\Desktop\rec0826-152538.mp3
[2013/08/26 15:24:25 | 001,820,945 | ---- | C] () -- C:\Users\Dara\Desktop\rec0826-152425.mp3
[2013/08/25 17:16:25 | 000,038,929 | ---- | C] () -- C:\Users\Dara\Desktop\Ry micky4.jpg
[2013/08/23 17:42:14 | 000,170,259 | ---- | C] () -- C:\Users\Dara\Desktop\75680317128192520615.jpg
[2013/08/17 22:52:05 | 000,401,216 | ---- | C] () -- C:\Users\Dara\Desktop\023.JPG
[2013/08/17 13:31:41 | 000,464,170 | ---- | C] () -- C:\Users\Dara\Desktop\007.JPG
[2013/08/14 22:59:33 | 000,001,185 | ---- | C] () -- C:\Users\Dara\Desktop\smoth hunsen.rtf
[2013/08/13 21:02:38 | 000,122,052 | ---- | C] () -- C:\Users\Dara\Desktop\004.JPG
[2013/08/13 09:54:23 | 000,001,224 | ---- | C] () -- C:\Users\Dara\Desktop\Upgrade to Paltalk Extreme.lnk
[2013/08/07 11:51:37 | 000,007,516 | ---- | C] () -- C:\Users\Dara\Desktop\69751067139471454120.jpg
[2013/08/07 11:50:58 | 000,015,577 | ---- | C] () -- C:\Users\Dara\Desktop\6975106724133666028.jpg
[2013/08/07 11:50:46 | 000,016,285 | ---- | C] () -- C:\Users\Dara\Desktop\69751067127243793229.jpg
[2013/08/07 11:50:34 | 000,018,860 | ---- | C] () -- C:\Users\Dara\Desktop\69751067145146270931.jpg
[2013/08/07 11:48:38 | 000,010,620 | ---- | C] () -- C:\Users\Dara\Desktop\6975106721262724339.jpg
[2013/08/07 08:54:43 | 000,008,134 | ---- | C] () -- C:\Users\Dara\Desktop\69751067133558843240.jpg
[2013/08/07 08:54:33 | 000,008,353 | ---- | C] () -- C:\Users\Dara\Desktop\69751067143448602241.jpg
[2013/08/07 08:54:24 | 000,009,303 | ---- | C] () -- C:\Users\Dara\Desktop\6975106798616807743.jpg
[2013/08/06 19:01:02 | 007,822,619 | ---- | C] () -- C:\Users\Dara\Desktop\rec0806-190102.mp3
[2013/08/06 18:51:09 | 008,492,788 | ---- | C] () -- C:\Users\Dara\Desktop\rec0806-185109.mp3
[2013/08/04 21:27:49 | 006,482,128 | ---- | C] () -- C:\Users\Dara\Desktop\halftime.mp3
[2013/08/04 21:25:13 | 006,108,054 | ---- | C] () -- C:\Users\Dara\Desktop\Lavenda2.mp3
[2013/08/04 21:19:26 | 004,852,505 | ---- | C] () -- C:\Users\Dara\Desktop\Lavenda1.mp3
[2013/08/01 17:51:12 | 006,301,480 | ---- | C] () -- C:\Users\Dara\Desktop\rec0801-175112.mp3
[2013/08/01 17:40:24 | 006,184,109 | ---- | C] () -- C:\Users\Dara\Desktop\rec0801-174024.mp3
[2013/07/29 21:38:31 | 004,092,237 | ---- | C] () -- C:\Users\Dara\Desktop\song2.mp3
[2013/07/29 20:56:22 | 003,660,485 | ---- | C] () -- C:\Users\Dara\Desktop\ornjern_jol_jos.mp3
[2013/06/01 20:01:22 | 000,772,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/06/02 12:52:18 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\Absolute Audio Editor
[2013/06/01 20:11:21 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\Absolute Audio Recorder
[2013/03/24 16:51:48 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\DriverCure
[2013/03/31 19:57:53 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\Paltalk
[2013/03/24 16:51:48 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\PC Utility Kit
[2013/06/01 19:55:43 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\SteelSeries
[2013/06/01 18:43:15 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\TeamViewer
[2013/06/01 19:19:11 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\TuneUp Software
[2013/06/14 19:30:31 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\uTorrent
[2013/08/27 14:30:26 | 000,000,000 | ---D | M] -- C:\Users\Dara\AppData\Roaming\Yontoo

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait until things start to slow down then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.




Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application (this will overwrite the first log so copy and paste it into a reply before the second run).

When it has been on for a while:
Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.


Ron
  • 0

#3
Terryc250

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Oddly enough, I don't seem to get that sudden lag anymore, unless I'm watching a Flash video, but I went ahead with the instructions anyway.

Attached Files


Edited by Terryc250, 28 August 2013 - 11:13 AM.

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP

Graphics
SyncMaster ([email protected])
256MB NVIDIA GeForce 9100 (HP) 113 °C


If the temperature reported by speccy is accurate then your Video card is about to melt down. Surprised that smoke is not coming out of it. Does it have a fan on it? Is the fan running? Let's get a second opinion on the temps:


http://www.almico.com/sfdownload.php

Download, save and Install Speedfan (Win 7 or Vista right click and Run As Admin.) then run it.

It will tell you your temps. What does it say for GPU?


Process Explorer reports this is too high:

Interrupts 2.61 0 K 0 K n/a Hardware Interrupts and DPCs


Could be related to overheating of the video card or just a bad driver. (Usually it's the video driver see if your PC maker or NVidia has a new driver for your NVIDIA GeForce 9100 )

The following error is caused by driverpack solution professional 12.12 r302 beta (2013). See if you can uninstall it.

Log: 'Application' Date/Time: 28/08/2013 9:08:41 AM
Type: Error Category: 0
Event: 59 Source: SideBySide
Activation context generation failed for "c:\Users\Dara\downloads\driverpack solution professional 12.12 r302 beta (2013) [multi][www.lokotorrents.com]\programs\MRT.exe".Error in manifest or policy file "c:\Users\Dara\downloads\driverpack solution professional 12.12 r302 beta (2013) [multi][www.lokotorrents.com]\programs\MRT.exe" on line 0. Invalid Xml syntax.


You do have some adware. Won't hurt to remove it:

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and right click on the AdwCleaner icon and Run As Admin.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#5
Terryc250

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
The SpeedFan says my GPU is at 115C. I opened up my computer and the fans were running fine. Is it possible that a malware could have overclocked my GPU, or messed something in the BIOS? I also did clean installation of of the latest nvidia drivers for my geforce 9100.

Attached Files


Edited by Terryc250, 28 August 2013 - 01:08 PM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
I don't know. Both of the programs claim the video is about to meltdown or catch fire. It could be the sensor itself is defective and giving a false temperature as I have never seen one that hot. Does the video card seem hot? 115 is 15 higher than the boiling point of water so it should be hot enough to burn you so be careful.

What does Process Explorer say now for the Interrupts line?
  • 0

#7
Terryc250

Terryc250

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
Its a video card attached to my motherboard but it doesnt seem that hot at all when i touched it. Whenever I watch a video on youtube or a stream from twitch though, after about 15 seconds it becomes super choppy and my computer becomes very laggy.
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
The card itself may be failing and may need to be replaced but let's try a new driver first: If you go to
http://www.nvidia.co...aspx?lang=en-us and click on Graphics Drivers button after
Option 2: Automatically find drivers for my NVIDIA products. It should tell you if you have the latest driver or not.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP