i have multiple conhost.exe running.cursor locks and unlocks,making typing very difficult.dont know if i have a bug or another problem.have scanned with anti virus,mbam,and sas,found nothing.after awhile it quits doing this and behaves normal.started yesterday after computer crashed.tried to reboot computer several times,would start but wouldnt boot.shut power off on back of puter,waited a few minutes,finally started normal.tried to restart my game,screen kept closing.thats when i looked at task mgr.and discovered this problem.
multiple conhost.exe
#1
Posted 01 August 2014 - 06:54 PM
#2
Posted 01 August 2014 - 07:19 PM
OTL logfile created on: 8/1/2014 8:02:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\john\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
6.00 Gb Total Physical Memory | 4.03 Gb Available Physical Memory | 67.24% Memory free
14.79 Gb Paging File | 12.53 Gb Available in Paging File | 84.75% Paging File free
Paging file location(s): c:\pagefile.sys 9000 9000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189.91 Gb Total Space | 83.61 Gb Free Space | 44.02% Space Free | Partition Type: NTFS
Computer Name: JOHNSPC | User Name: john | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/08/01 20:02:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\john\Desktop\OTL.exe
PRC - [2014/07/25 08:51:18 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/07/25 08:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/07/17 00:42:02 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/09/12 13:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013/04/26 20:53:18 | 000,673,280 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.primaboinca.com\primaboinca_7.05_windows_intelx86.exe
========== Modules (No Company Name) ==========
MOD - [2014/07/17 00:42:24 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/04/26 20:53:18 | 000,673,280 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.primaboinca.com\primaboinca_7.05_windows_intelx86.exe
MOD - [2013/04/26 20:53:17 | 000,208,896 | ---- | M] () -- C:\ProgramData\BOINC\projects\www.primaboinca.com\gmp.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/07/25 08:51:10 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/06/18 19:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/10 17:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013/09/12 13:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/05/07 18:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2014/07/25 08:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/07/17 00:42:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/09 04:03:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/02 12:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Disabled | Stopped] -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/11/04 07:07:31 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2009/11/04 07:07:31 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2014/07/25 08:51:10 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/03/31 11:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/03/19 15:23:14 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/11/28 08:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/17 16:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 16:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 16:17:38 | 000,157,432 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012/10/16 17:59:22 | 000,073,552 | ---- | M] (Dataram, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 01:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/12 20:32:09 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2011/03/21 08:22:06 | 000,452,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/19 18:47:18 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/12/08 14:12:30 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2010/11/23 20:55:00 | 000,346,144 | ---- | M] (D-Link Corp. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DLKRT64.sys -- (DLKRT64)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/09/17 16:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/09/17 16:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/08/12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/07/16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/03/17 12:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)
DRV - [2012/02/10 03:28:14 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.1.0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{0E2533C4-0302-4CFF-8334-E6BC56F1E08C}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.2.1
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.17
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2
FF - prefs.js..extensions.enabledAddons: %7Bc36177c0-224a-11da-8cd6-0800200c9a91%7D:3.9.85
FF - prefs.js..extensions.enabledAddons: FasterFox_Lite%40BigRedBrent:3.9.9Lite
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@plugin.couponnetwork.com/Coupon Print Activator;version=4.5: C:\Users\john\AppData\Roaming\E-centives\NPcolPM460.dll (Invenda)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/11/07 05:19:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/22 04:25:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/11/07 05:19:44 | 000,000,000 | ---D | M]
[2010/11/20 11:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Extensions
[2012/07/07 18:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions
[2012/07/07 19:08:08 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\FasterFox_Lite@BigRedBrent
[2014/07/23 08:18:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions
[2014/07/05 04:36:31 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\FasterFox_Lite@BigRedBrent
[2012/07/07 19:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\javxahwo.default\extensions
[2013/05/28 20:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions
[2013/06/15 03:31:10 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\[email protected]
[2012/07/07 18:47:11 | 000,023,197 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\{9fb8c270-7124-11dd-ad8b-0800200c9a66}.xpi
[2012/07/07 18:53:09 | 000,292,116 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4}.xpi
[2012/07/07 18:52:15 | 000,176,819 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
[2012/07/07 15:53:22 | 000,743,290 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/07/07 18:51:26 | 000,105,386 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\9qy3jov0.default-1341694108462\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2014/05/28 11:21:38 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\[email protected]
[2013/11/29 07:15:53 | 000,367,561 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\[email protected]
[2014/07/10 19:03:10 | 000,976,990 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
[2014/07/05 04:36:09 | 000,102,696 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
[2014/07/23 08:18:45 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/05/01 11:20:51 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\bhiw3jaz.default-1369792834579\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012/07/07 15:27:22 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\javxahwo.default\extensions\[email protected]
[2012/07/07 15:23:09 | 000,743,290 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\javxahwo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/28 20:19:46 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\[email protected]
[2013/05/28 20:22:49 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\[email protected]
[2013/05/28 20:19:07 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/28 20:22:07 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013/05/28 20:22:37 | 000,699,333 | ---- | M] () (No name found) -- C:\Users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ru7vfyjm.default-1369789893882\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2014/07/22 22:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/22 22:20:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/08/01 17:38:18 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....ek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.217.0.5 71.9.127.107 24.159.64.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7507E62-0096-4A37-A28E-610220340AA1}: DhcpNameServer = 24.217.0.5 71.9.127.107 24.159.64.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7507E62-0096-4A37-A28E-610220340AA1}: NameServer = 208.67.222.222,208.67.220.220
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/15 15:39:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/01 20:02:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\john\Desktop\OTL.exe
[2014/08/01 18:05:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/07/31 21:09:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/07/31 21:09:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/07/31 21:09:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/07/31 21:08:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/07/31 20:50:30 | 000,000,000 | ---D | C] -- C:\Users\john\Desktop\JavaRa-2.6
[2014/07/31 20:34:04 | 005,566,616 | R--- | C] (Swearware) -- C:\Users\john\Desktop\ComboFix.exe
[2014/07/31 20:15:19 | 029,611,712 | ---- | C] (Microsoft Corporation) -- C:\Users\john\Desktop\Windows-KB890830-x64-V5.14.exe
[2014/07/31 19:53:36 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/07/31 19:53:36 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/07/31 19:53:36 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/07/31 19:53:10 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/07/31 19:53:10 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/07/31 19:53:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/07/31 19:53:10 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/07/31 19:53:10 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/07/31 19:53:10 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/07/31 19:52:41 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/07/31 19:52:41 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/07/31 19:52:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/07/31 19:52:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/30 21:27:37 | 000,609,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/07/30 21:23:02 | 031,512,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/07/30 21:23:02 | 024,196,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/07/30 21:23:02 | 018,626,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/07/30 21:23:02 | 016,122,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/07/30 21:23:02 | 013,922,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/07/30 21:23:02 | 011,283,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/07/30 21:23:02 | 000,846,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014/07/30 21:23:02 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014/07/30 21:23:02 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014/07/30 21:23:01 | 000,391,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/07/30 21:23:01 | 000,348,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/07/30 21:23:01 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014/07/30 21:23:01 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014/07/30 21:23:00 | 017,555,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/07/30 21:23:00 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014/07/30 21:23:00 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014/07/30 21:23:00 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/07/30 21:23:00 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/07/30 21:23:00 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/07/30 21:23:00 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/07/30 21:23:00 | 000,502,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014/07/30 21:23:00 | 000,418,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014/07/30 21:22:59 | 013,835,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/07/30 21:22:59 | 004,247,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/07/30 21:22:59 | 003,989,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/07/30 21:22:58 | 022,994,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/07/30 21:22:58 | 015,294,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/07/30 21:22:58 | 011,222,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/07/30 17:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OMC ModPack Client
[2014/07/22 22:35:58 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\john\Desktop\TFC(1).exe
[2014/07/22 22:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/07/20 13:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2014/07/20 13:25:42 | 000,000,000 | ---D | C] -- C:\Users\john\AppData\Local\Overwolf
[2014/07/20 12:09:08 | 000,000,000 | ---D | C] -- C:\Users\john\Documents\OMC ModPack
[2014/07/14 17:48:59 | 000,000,000 | ---D | C] -- C:\Users\john\AppData\Roaming\TS3Client
[2014/07/14 17:48:56 | 000,000,000 | ---D | C] -- C:\Users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014/07/14 17:48:53 | 000,000,000 | ---D | C] -- C:\Users\john\AppData\Local\TeamSpeak 3 Client
[2014/07/09 04:59:34 | 000,622,552 | ---- | C] (SpeedyFox) -- C:\Users\john\Desktop\speedyfox(1).exe
[2014/07/09 00:40:18 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/07/09 00:40:18 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/07/09 00:40:13 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/09 00:40:13 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/09 00:40:12 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/09 00:40:12 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/09 00:40:05 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/07/09 00:39:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/07/09 00:39:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/09 00:39:57 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/07/09 00:39:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/09 00:39:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/07/09 00:39:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/09 00:39:57 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/07/09 00:39:56 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/07/09 00:39:55 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/07/09 00:39:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/09 00:39:54 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/09 00:39:54 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/09 00:39:54 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/09 00:39:54 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/07/09 00:39:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/07/09 00:39:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/07/09 00:39:53 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/09 00:39:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/09 00:39:52 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/07/09 00:39:52 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/07/09 00:39:51 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/07/09 00:39:51 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/07/09 00:39:51 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/09 00:39:51 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/09 00:39:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/07/09 00:39:50 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/09 00:39:50 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/07/09 00:39:50 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/07/09 00:39:50 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/07/09 00:39:50 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/09 00:39:49 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/07/09 00:39:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/07/09 00:39:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/07/09 00:39:48 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/07/09 00:39:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/09 00:39:41 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/07/05 12:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
========== Files - Modified Within 30 Days ==========
[2014/08/01 20:03:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/01 20:02:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\john\Desktop\OTL.exe
[2014/08/01 19:17:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/01 19:16:32 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/01 19:16:32 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/01 19:09:08 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/01 19:08:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/01 19:08:39 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/01 17:38:18 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/08/01 16:19:34 | 005,566,616 | R--- | M] (Swearware) -- C:\Users\john\Desktop\ComboFix.exe
[2014/07/31 20:39:45 | 000,380,416 | ---- | M] () -- C:\Users\john\Desktop\geij20be.exe
[2014/07/31 20:21:44 | 002,925,760 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\john\Desktop\procexp.exe
[2014/07/31 20:15:33 | 029,611,712 | ---- | M] (Microsoft Corporation) -- C:\Users\john\Desktop\Windows-KB890830-x64-V5.14.exe
[2014/07/31 20:06:22 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/31 17:36:36 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/30 21:31:30 | 000,030,374 | ---- | M] () -- C:\Users\john\Documents\cc_20140730_213127.reg
[2014/07/30 20:07:08 | 000,001,624 | ---- | M] () -- C:\Users\Public\Desktop\Uninstall OMC ModPack 0.9.2.lnk
[2014/07/30 20:07:07 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\OMC ModPack Update- ReConfigure.lnk
[2014/07/30 20:07:07 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks 0.9.2.lnk
[2014/07/30 20:07:07 | 000,000,769 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks Launcher 0.9.2.lnk
[2014/07/25 08:50:29 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014/07/25 08:50:29 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/07/25 08:50:11 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014/07/25 08:50:11 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014/07/24 05:22:04 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014/07/24 05:22:01 | 000,321,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014/07/24 05:22:01 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014/07/24 05:22:01 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014/07/24 05:20:44 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2014/07/22 22:36:03 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\john\Desktop\TFC(1).exe
[2014/07/22 22:34:40 | 000,003,540 | ---- | M] () -- C:\Users\john\Documents\cc_20140722_223437.reg
[2014/07/22 22:27:58 | 000,305,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/22 22:20:38 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/14 17:48:57 | 000,001,203 | ---- | M] () -- C:\Users\john\Desktop\TeamSpeak 3 Client.lnk
[2014/07/09 04:59:37 | 000,622,552 | ---- | M] (SpeedyFox) -- C:\Users\john\Desktop\speedyfox(1).exe
[2014/07/09 04:03:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/07/09 04:03:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/05 12:45:29 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
========== Files Created - No Company Name ==========
[2014/07/31 21:09:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/07/31 21:09:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/07/31 21:09:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/07/31 21:09:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/07/31 21:09:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/07/31 20:39:38 | 000,380,416 | ---- | C] () -- C:\Users\john\Desktop\geij20be.exe
[2014/07/30 21:31:28 | 000,030,374 | ---- | C] () -- C:\Users\john\Documents\cc_20140730_213127.reg
[2014/07/30 21:23:01 | 000,026,353 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/07/30 17:57:01 | 000,001,624 | ---- | C] () -- C:\Users\Public\Desktop\Uninstall OMC ModPack 0.9.2.lnk
[2014/07/30 17:57:01 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks 0.9.2.lnk
[2014/07/30 17:57:01 | 000,000,769 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks Launcher 0.9.2.lnk
[2014/07/22 22:34:39 | 000,003,540 | ---- | C] () -- C:\Users\john\Documents\cc_20140722_223437.reg
[2014/07/22 22:20:38 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/22 22:20:37 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/07/22 13:12:15 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/22 13:12:13 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/20 12:43:11 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\OMC ModPack Update- ReConfigure.lnk
[2014/07/14 17:48:57 | 000,001,203 | ---- | C] () -- C:\Users\john\Desktop\TeamSpeak 3 Client.lnk
[2014/07/05 12:45:29 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/07/05 12:45:29 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/10/19 15:59:51 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013/07/14 21:29:11 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/07/14 21:29:10 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/02/23 20:02:27 | 000,001,112 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/10/27 18:19:04 | 000,000,000 | ---- | C] () -- C:\Users\john\AppData\Roaming\.googlewebacchosts
[2011/06/19 20:31:01 | 000,000,092 | ---- | C] () -- C:\Users\john\AppData\Local\fusioncache.dat
[2011/06/18 20:26:18 | 000,005,078 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
[2011/06/17 19:56:57 | 000,000,036 | ---- | C] () -- C:\Users\john\AppData\Local\housecall.guid.cache
[2010/12/01 21:23:58 | 000,005,120 | ---- | C] () -- C:\Users\john\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/27 11:01:33 | 000,007,629 | ---- | C] () -- C:\Users\john\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
#3
Posted 02 August 2014 - 03:09 AM
been several hours now,and it seems to have stopped.now that it quit, and i can type freely,i can give some more info.have noticed when it acts up,the borders on what ever window is open blink bright to dim,none of the scans ive ran have shown nothing.it only does this when i reboot computer.it started wensday evening.was logging into my game,at world of tanks,when the computer just shut off for no reason.restarted it,and it wouldnt boot,the puter turned on,as well as the monitor,but didnt do anything.tried several times with the same thing happening.finally shut power off on back of puter and let it sit a few minutes,then it rebooted and worked fine,so i thought.started my game again,and as its loading it would minimize to the task bar,click itand it would open for a few seconds and then minimize again.thats when i decided to look at the task manager and saw all those multiple conhost.exe blinking on and of every few seconds.there would be 2-3 at a time.currently there is only one.also noticed there are 11 svchost.exe running.dont know if thats normal either.so i dont know if i got some weird bug,or an os problem.any help you could give would be appriciated,and thanks in advance.
#4
Posted 04 August 2014 - 07:48 PM
found the problem and fixed it
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users