OTL logfile created on: 12/8/2012 12:50:50 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\a\Desktop\antywir 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 58.59% Memory free 7.71 Gb Paging File | 6.04 Gb Available in Paging File | 78.31% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74.52 Gb Total Space | 46.69 Gb Free Space | 62.66% Space Free | Partition Type: NTFS Drive D: | 202.08 Gb Total Space | 201.98 Gb Free Space | 99.95% Space Free | Partition Type: NTFS Drive E: | 594.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 7.53 Gb Total Space | 5.02 Gb Free Space | 66.71% Space Free | Partition Type: NTFS Computer Name: A-PC | User Name: a | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/12/08 12:47:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\a\Desktop\antywir\OTL.exe PRC - [2010/11/10 21:18:49 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010/07/02 21:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2010/06/25 01:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010/06/09 17:55:54 | 001,080,448 | ---- | M] (asus) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe PRC - [2010/05/03 22:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010/05/03 22:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2009/12/15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/10/01 03:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/10/01 03:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009/08/12 20:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe PRC - [2009/07/31 18:38:26 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe PRC - [2009/07/31 18:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe PRC - [2009/06/24 20:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe PRC - [2009/06/19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010/11/10 21:15:10 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\758e0ce53c80a7ad7cf76a4910d27762\System.Management.ni.dll MOD - [2010/11/10 20:53:46 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\598a9987f519acb9efe5372a2c556af6\PresentationFramework.Aero.ni.dll MOD - [2010/11/10 20:53:07 | 014,318,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b090f03193ffab4bc38d14316331ac67\PresentationFramework.ni.dll MOD - [2010/11/10 20:52:48 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\46a97b15da5b620fbb606cb05b6573a3\System.Windows.Forms.ni.dll MOD - [2010/11/10 20:52:40 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\System.Drawing.ni.dll MOD - [2010/11/10 20:52:32 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b7075f4be49affb3dfc655917113dd02\PresentationCore.ni.dll MOD - [2010/11/10 20:52:15 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cd18fe55c106a2776b08ce297afe7f46\WindowsBase.ni.dll MOD - [2010/11/10 20:52:05 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\System.Xml.ni.dll MOD - [2010/11/10 20:51:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f2060a0cf20f2536277761f4e517e906\System.Configuration.ni.dll MOD - [2010/11/10 20:51:57 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\System.ni.dll MOD - [2010/11/10 20:51:32 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni.dll MOD - [2010/07/02 21:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2010/02/23 23:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll MOD - [2010/02/23 23:14:18 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll MOD - [2010/02/23 23:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll MOD - [2010/02/23 23:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll MOD - [2010/02/23 23:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/06/22 19:20:42 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:[b]64bit:[/b] - [2010/01/22 01:01:11 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2010/11/10 20:56:53 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service) SRV - [2009/12/15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009/10/01 03:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2009/10/01 03:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010/11/10 21:18:46 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm) DRV:[b]64bit:[/b] - [2010/11/10 21:13:07 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2010/06/08 02:33:13 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010/04/13 10:15:03 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2010/03/02 08:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2010/02/25 03:26:57 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) DRV:[b]64bit:[/b] - [2010/01/22 01:13:23 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010/01/22 00:07:55 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2009/10/30 02:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b]64bit:[/b] - [2009/09/30 01:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009/09/17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b]64bit:[/b] - [2009/08/20 02:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:[b]64bit:[/b] - [2009/08/18 08:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:[b]64bit:[/b] - [2009/07/20 09:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/18 20:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby) DRV:[b]64bit:[/b] - [2009/06/10 20:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:[b]64bit:[/b] - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/13 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-812998181-200016699-3053964449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKU\S-1-5-21-812998181-200016699-3053964449-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com IE - HKU\S-1-5-21-812998181-200016699-3053964449-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk () O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C62EB50-D274-4376-BA24-6C8EFD05D629}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/11/07 00:00:00 | 000,000,128 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2012/11/28 18:01:47 | 000,000,043 | ---- | M] () - F:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/12/08 12:49:04 | 000,000,000 | ---D | C] -- C:\Users\a\Desktop\antywir [2012/12/08 12:21:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log [2012/12/07 20:28:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012/12/07 12:42:06 | 000,000,000 | ---D | C] -- C:\Users\a\Documents\ASUS WebStorage [2012/12/07 12:42:06 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Asus WebStorage [2012/12/07 12:41:54 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\SRS Labs [2012/12/07 12:41:54 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\ATI [2012/12/07 12:41:54 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\ATI [2012/12/07 12:40:42 | 000,000,000 | R--D | C] -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/12/07 12:40:42 | 000,000,000 | R--D | C] -- C:\Users\a\Searches [2012/12/07 12:40:42 | 000,000,000 | R--D | C] -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012/12/07 12:40:42 | 000,000,000 | -H-D | C] -- C:\Users\a\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/12/07 12:40:31 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Identities [2012/12/07 12:40:11 | 000,000,000 | R--D | C] -- C:\Users\a\Contacts [2012/12/07 12:39:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\eBay [2012/12/07 12:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/12/07 12:37:21 | 000,061,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys [2012/12/07 12:37:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012/12/07 12:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2012/12/07 12:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2012/12/07 12:36:14 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012/12/07 12:36:14 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012/12/07 12:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012/12/07 12:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012/12/07 12:35:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012/12/07 12:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2012/12/07 12:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012/12/07 12:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012/12/07 12:34:25 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012/12/07 12:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012/12/07 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\Power2Go [2012/12/07 12:32:42 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\VirtualStore [2012/12/07 12:31:57 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT [2012/12/07 12:31:26 | 000,000,000 | --SD | C] -- C:\Users\a\AppData\Roaming\Microsoft [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Videos [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Saved Games [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Pictures [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Music [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Links [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Favorites [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Downloads [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Documents [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\Desktop [2012/12/07 12:31:26 | 000,000,000 | R--D | C] -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\AppData\Local\Temporary Internet Files [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Templates [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Start Menu [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\SendTo [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Recent [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\PrintHood [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\NetHood [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Documents\My Videos [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Documents\My Pictures [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Documents\My Music [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\My Documents [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Local Settings [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\AppData\Local\History [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Cookies [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\Application Data [2012/12/07 12:31:26 | 000,000,000 | -HSD | C] -- C:\Users\a\AppData\Local\Application Data [2012/12/07 12:31:26 | 000,000,000 | -H-D | C] -- C:\Users\a\AppData [2012/12/07 12:31:26 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\Temp [2012/12/07 12:31:26 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Local\Microsoft [2012/12/07 12:31:26 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Media Center Programs [2012/12/07 12:31:26 | 000,000,000 | ---D | C] -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite [2012/12/07 12:31:20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/12/07 12:31:20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/12/07 12:31:20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/12/07 12:31:00 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/12/07 12:31:00 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/12/07 12:31:00 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/12/07 12:30:51 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/12/07 12:30:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/12/08 12:51:09 | 007,024,528 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/12/08 12:51:09 | 000,693,124 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2012/12/08 12:51:09 | 000,692,170 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat [2012/12/08 12:51:09 | 000,689,526 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2012/12/08 12:51:09 | 000,688,180 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat [2012/12/08 12:51:09 | 000,678,254 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat [2012/12/08 12:51:09 | 000,641,706 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012/12/08 12:51:09 | 000,615,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/12/08 12:51:09 | 000,549,322 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat [2012/12/08 12:51:09 | 000,386,918 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat [2012/12/08 12:51:09 | 000,354,844 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat [2012/12/08 12:51:09 | 000,133,838 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat [2012/12/08 12:51:09 | 000,130,720 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat [2012/12/08 12:51:09 | 000,129,742 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2012/12/08 12:51:09 | 000,127,204 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2012/12/08 12:51:09 | 000,126,062 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012/12/08 12:51:09 | 000,124,140 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat [2012/12/08 12:51:09 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat [2012/12/08 12:51:09 | 000,103,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/12/08 12:51:09 | 000,086,054 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat [2012/12/08 12:51:09 | 000,066,408 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat [2012/12/08 12:40:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/12/08 12:40:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/12/08 12:39:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/08 12:39:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/12/08 12:33:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/08 12:33:24 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys [2012/12/08 12:28:32 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin [2012/12/08 12:28:24 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin [2012/12/08 12:24:45 | 000,001,115 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2012/12/08 12:24:05 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini [2012/12/07 20:29:36 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012/12/07 20:29:36 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012/12/07 12:32:40 | 000,001,618 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/12/07 20:28:18 | 3105,259,520 | -HS- | C] () -- C:\hiberfil.sys [2012/12/07 12:41:39 | 000,001,411 | ---- | C] () -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012/12/07 12:40:56 | 000,001,445 | ---- | C] () -- C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/12/07 12:39:53 | 000,000,392 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk [2012/12/07 12:31:26 | 000,002,176 | ---- | C] () -- C:\Users\a\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/12/07 12:31:26 | 000,000,290 | ---- | C] () -- C:\Users\a\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012/12/07 12:31:26 | 000,000,272 | ---- | C] () -- C:\Users\a\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2010/11/10 20:59:45 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll [2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010/11/10 21:31:37 | 014,162,944 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010/11/10 21:31:37 | 012,867,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 01:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012/12/08 12:49:00 | 000,000,000 | ---D | M] -- C:\Users\a\AppData\Roaming\Asus WebStorage [color=#E56717]========== Purity Check ==========[/color] < End of report >