Page 3 of 3 FirstFirst
1
2
3
  1. #41
    Quote Originally Posted by wildrooster27 View Post
    how do I check if wow is running in 64 bit??
    Open the Launcher -> Options->Game Preferences-> Uncheck "Launch 32-bit client"

    While in there, also try swapping graphics API to DX9 and see if it has an effect.
    Last edited by Goldfingaz; 2013-02-15 at 04:04 AM.

  2. #42
    Stood in the Fire slasher0161's Avatar
    Join Date
    May 2010
    Location
    North QLD, Australia
    Posts
    425
    Has anyone considered here the same thing I thought of, "Everything maxed but view distance", lower shadow details and see what happens they rape machines for minimal at best graphical improvement (If your worried about them your likely to have a rig equally as enthusiast level that can take it).

  3. #43
    The Patient wildrooster27's Avatar
    Join Date
    Jun 2009
    Location
    Bonney Lake, WA
    Posts
    316
    Quote Originally Posted by wildrooster27 View Post
    I used 2 cans of air on my latop, there isnt a spec of dust left in nor on it. Shadows went from high to low and SSAO is off. Still same issue..

    All settings on high (minus the 2 above) and I am getting 20ish FPS.
    Same settings cept set View distance to low and I get 60+.
    I set view distance to fair and its like 24FPS.

    I am very mad. All I did was upgrade from Cata to MOP. *Angry Fist*

    EDIT:
    What is the best spyware scanner/cleaner to use now-a-days?
    I changed some settings but still same problem.
    "I don't agree with you on that, I'm going to have to check Google." -Martin, Role Models.

  4. #44
    Brewmaster Bristae's Avatar
    Join Date
    Aug 2011
    Location
    Ridgecrest, CA
    Posts
    1,261
    I had a family member have the SAME exact issue happen with her computer and WoW installation. I checked EVERYTHING. Ended up using ComboFix and found she had accidently picked up a rootkit somewhere and that what was causing her issues. Combofix killed and removed the rootkit and she was fine again.

    Give that a shot.
    Fanboy (Fanboi):
    1. A term used towards someone when a person disagrees with the said someone on a subject, person, place, thing, company, or product line and they are not smart enough to debate their counterpoints or facts, so they resort to childish name calling in hopes of shaming others into silence and thus them winning through dominance.* 2. A term used as a taunt/peer pressure technique to shape popular opinion through shame and humiliation.

  5. #45
    Pandaren Monk schwank05's Avatar
    Join Date
    Feb 2012
    Location
    Sanborn, MN
    Posts
    1,751
    I am guessing it is one of 2 things either you were logged on during non peak hours last night and your server is a its peak when you logged on today. Or one of your add-ons is messing it all up. It could also be your MOP install, I have had to delete Wow and totally re-install a few times before.

  6. #46
    The Patient wildrooster27's Avatar
    Join Date
    Jun 2009
    Location
    Bonney Lake, WA
    Posts
    316
    Quote Originally Posted by schwank05 View Post
    I am guessing it is one of 2 things either you were logged on during non peak hours last night and your server is a its peak when you logged on today. Or one of your add-ons is messing it all up. It could also be your MOP install, I have had to delete Wow and totally re-install a few times before.
    YOu must not of read all my posts, no addons and I did that reinstall already

    ---------- Post added 2013-02-19 at 07:30 PM ----------

    Quote Originally Posted by Bristae View Post
    I had a family member have the SAME exact issue happen with her computer and WoW installation. I checked EVERYTHING. Ended up using ComboFix and found she had accidently picked up a rootkit somewhere and that what was causing her issues. Combofix killed and removed the rootkit and she was fine again.

    Give that a shot.
    I downloaded that program. I ran it and this came up... any idea how to read this:

    ComboFix 13-02-18.02 - Rooster 013-Feb-19 8:59.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8181.5769 [GMT -8:00]
    Running from: c:\users\Rooster\Downloads\ComboFix.exe
    AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\windows\security\Database\tmp.edb
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-01-19 to 2013-02-19 )))))))))))))))))))))))))))))))
    .
    .
    2013-02-19 17:10 . 2013-02-19 17:10 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-02-15 03:20 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
    2013-02-15 03:20 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2013-02-15 03:20 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2013-02-15 03:20 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
    2013-02-15 03:13 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-15 03:13 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-15 03:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2013-02-15 03:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
    2013-02-15 03:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
    2013-02-15 03:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
    2013-02-15 02:58 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
    2013-02-15 02:58 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
    2013-02-15 02:57 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
    2013-02-15 02:57 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
    2013-02-15 02:57 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
    2013-02-15 02:57 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
    2013-02-15 02:57 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
    2013-02-15 02:52 . 2013-01-09 01:07 816640 ----a-w- c:\windows\system32\jscript.dll
    2013-02-15 02:52 . 2013-01-09 01:07 599040 ----a-w- c:\windows\system32\vbscript.dll
    2013-02-15 02:52 . 2013-01-09 01:05 2147840 ----a-w- c:\windows\system32\iertutil.dll
    2013-02-15 02:52 . 2013-01-08 22:04 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
    2013-02-15 02:52 . 2013-01-09 01:13 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
    2013-02-15 02:52 . 2013-01-08 22:05 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
    2013-02-15 02:52 . 2013-01-09 01:14 887808 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
    2013-02-15 02:52 . 2013-01-09 01:48 17812992 ----a-w- c:\windows\system32\mshtml.dll
    2013-02-15 02:52 . 2013-01-09 01:22 10925568 ----a-w- c:\windows\system32\ieframe.dll
    2013-02-15 02:35 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-02-15 02:35 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2013-02-15 02:35 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2013-02-15 02:35 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
    2013-02-15 02:35 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
    2013-02-15 02:34 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
    2013-02-15 02:34 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
    2013-02-15 02:34 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
    2013-02-15 02:34 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
    2013-02-15 02:31 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
    2013-02-15 02:31 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
    2013-02-15 02:31 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
    2013-02-15 02:31 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
    2013-02-15 02:31 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
    2013-02-15 02:31 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
    2013-02-15 02:31 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
    2013-02-15 02:31 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
    2013-02-15 02:31 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
    2013-02-15 02:31 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
    2013-02-15 02:27 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
    2013-02-15 02:26 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
    2013-02-15 02:26 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
    2013-02-15 02:26 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
    2013-02-15 01:50 . 2013-02-15 02:16 -------- d-----w- c:\users\Rooster\AppData\Roaming\Sammsoft
    2013-02-15 01:30 . 2013-02-15 02:13 -------- d-----w- c:\program files (x86)\ARO 2012
    2013-02-14 15:21 . 2013-02-19 06:49 -------- d-----w- c:\program files (x86)\World of Warcraft
    2013-02-14 05:45 . 2013-02-14 17:13 -------- d-----w- c:\program files\CPUID
    2013-02-13 20:59 . 2013-02-13 20:59 -------- d-----w- c:\users\Rooster\AppData\Local\SwvUpdater
    2013-02-13 20:59 . 2013-02-13 20:59 -------- d-----w- c:\program files (x86)\Conduit
    2013-02-13 20:59 . 2013-02-13 21:06 -------- d-----w- c:\users\Rooster\AppData\Local\Conduit
    2013-02-13 20:58 . 2013-02-13 20:58 -------- d-----w- c:\users\Rooster\AppData\Local\CRE
    2013-02-13 20:52 . 2013-02-13 20:52 -------- d-----w- c:\programdata\ATI
    2013-02-13 20:33 . 2013-02-13 20:33 -------- d-----w- c:\programdata\AMD
    2013-02-13 20:33 . 2013-02-13 20:33 -------- d-----w- c:\program files (x86)\AMD AVT
    2013-02-13 20:33 . 2013-02-13 20:33 -------- d-----w- c:\program files (x86)\AMD APP
    2013-02-13 20:33 . 2013-02-13 20:33 -------- d-----w- c:\program files\Common Files\ATI Technologies
    2013-02-13 20:33 . 2013-02-13 20:33 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
    2013-02-13 20:24 . 2013-02-13 20:26 -------- d-----w- C:\AMD
    2013-01-30 17:51 . 2013-01-12 11:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-01-28 16:50 . 2013-01-28 16:50 -------- d-----w- c:\program files (x86)\Common Files\Skype
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-02-12 17:04 . 2012-05-26 06:39 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-02-12 17:04 . 2011-08-23 11:19 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-02-05 06:49 . 2010-08-17 14:11 70004024 ----a-w- c:\windows\system32\MRT.exe
    2013-01-04 04:43 . 2013-02-15 02:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2012-12-19 23:45 . 2012-12-19 23:45 222720 ----a-w- c:\windows\system32\clinfo.exe
    2012-12-19 23:44 . 2012-12-19 23:44 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
    2012-12-19 23:44 . 2012-12-19 23:44 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
    2012-12-19 23:44 . 2012-12-19 23:44 64000 ----a-w- c:\windows\system32\OVDecode64.dll
    2012-12-19 23:44 . 2012-12-19 23:44 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2012-12-19 23:44 . 2012-12-19 23:44 34518016 ----a-w- c:\windows\system32\amdocl64.dll
    2012-12-19 23:38 . 2012-12-19 23:38 28732928 ----a-w- c:\windows\SysWow64\amdocl.dll
    2012-12-19 23:34 . 2012-12-19 23:34 54784 ----a-w- c:\windows\system32\OpenCL.dll
    2012-12-19 23:34 . 2012-12-19 23:34 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
    2012-12-19 20:50 . 2010-06-24 16:32 5630200 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2012-12-19 20:48 . 2012-12-19 20:48 11278336 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2012-12-19 20:29 . 2012-12-19 20:29 23461376 ----a-w- c:\windows\system32\atio6axx.dll
    2012-12-19 20:22 . 2012-12-19 20:22 70144 ----a-w- c:\windows\system32\coinst_9.012.dll
    2012-12-19 20:19 . 2012-12-19 20:19 163840 ----a-w- c:\windows\system32\atiapfxx.exe
    2012-12-19 20:18 . 2012-12-19 20:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2012-12-19 20:18 . 2012-12-19 20:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2012-12-19 20:17 . 2012-12-19 20:17 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2012-12-19 20:17 . 2012-12-19 20:17 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2012-12-19 20:17 . 2012-12-19 20:17 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
    2012-12-19 20:13 . 2012-12-19 20:13 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2012-12-19 20:12 . 2012-12-19 20:12 18982400 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2012-12-19 20:09 . 2010-10-29 05:22 960512 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2012-12-19 20:08 . 2010-10-29 05:22 1151488 ----a-w- c:\windows\system32\aticfx64.dll
    2012-12-19 20:06 . 2010-10-29 05:22 6681088 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2012-12-19 19:59 . 2010-06-24 16:32 5087744 ----a-w- c:\windows\system32\atiumd6a.dll
    2012-12-19 19:57 . 2012-12-19 19:57 442368 ----a-w- c:\windows\system32\atidemgy.dll
    2012-12-19 19:56 . 2012-12-19 19:56 550912 ----a-w- c:\windows\system32\atieclxx.exe
    2012-12-19 19:56 . 2012-12-19 19:56 240640 ----a-w- c:\windows\system32\atiesrxx.exe
    2012-12-19 19:54 . 2012-12-19 19:54 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2012-12-19 19:54 . 2012-12-19 19:54 21504 ----a-w- c:\windows\system32\atimuixx.dll
    2012-12-19 19:54 . 2012-12-19 19:54 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2012-12-19 19:54 . 2012-12-19 19:54 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2012-12-19 19:49 . 2010-06-24 16:32 7370752 ----a-w- c:\windows\system32\atidxx64.dll
    2012-12-19 19:44 . 2010-06-24 16:32 4162048 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2012-12-19 19:44 . 2010-06-24 16:32 6786560 ----a-w- c:\windows\system32\atiumd64.dll
    2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\atimpc64.dll
    2012-12-19 19:33 . 2012-12-19 19:33 56320 ----a-w- c:\windows\system32\amdpcom64.dll
    2012-12-19 19:33 . 2012-12-19 19:33 619008 ----a-w- c:\windows\system32\atiadlxx.dll
    2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2012-12-19 19:33 . 2012-12-19 19:33 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2012-12-19 19:33 . 2012-12-19 19:33 421888 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2012-12-19 19:33 . 2012-12-19 19:33 17920 ----a-w- c:\windows\system32\atig6pxx.dll
    2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2012-12-19 19:33 . 2012-12-19 19:33 14848 ----a-w- c:\windows\system32\atiglpxx.dll
    2012-12-19 19:33 . 2012-12-19 19:33 41984 ----a-w- c:\windows\system32\atig6txx.dll
    2012-12-19 19:33 . 2012-12-19 19:33 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2012-12-19 19:32 . 2012-12-19 19:32 552960 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2012-12-19 19:31 . 2010-10-29 05:22 130048 ----a-w- c:\windows\system32\atiuxp64.dll
    2012-12-19 19:31 . 2010-10-29 05:22 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2012-12-19 19:31 . 2010-10-29 05:22 104448 ----a-w- c:\windows\system32\atiu9p64.dll
    2012-12-19 19:30 . 2010-10-29 05:22 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2012-12-19 19:30 . 2012-12-19 19:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2012-12-11 19:19 . 2012-12-11 19:19 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-12-11 19:19 . 2010-07-30 00:04 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Facebook Update"="c:\users\Rooster\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-09-13 138096]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "OSD_LAUNCH"="c:\program files (x86)\OSD\Launch.exe" [2010-01-05 32768]
    "FATrayAlert"="c:\program files\Alienware\Command Center\AlienSense\FATrayMon.exe" [2010-04-04 95560]
    "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-04-28 75048]
    "UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-18 218408]
    "ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-01-25 115560]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
    "RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-16 91432]
    "PDVD8LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-16 50472]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"="c:\program files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe" [2011-01-13 165184]
    .
    c:\users\Rooster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    CurseClientStartup.ccip [2013-2-14 0]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-17 1080096]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
    2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli FAPassSync
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 HappyOSD;HappyOSD;c:\program files (x86)\OSD\OSD_Service.exe [2010-01-04 16384]
    R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
    R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
    R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
    R3 GKUPRO2D;GKUPRO2D;c:\windows\system32\Drivers\GKUPRO2D.sys [2005-02-18 120704]
    R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
    R3 IAMTVE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTVE.sys [2007-04-11 43416]
    R3 IAMTXPE;Driver for Intel(R) Active Management Technology - KCS;c:\windows\system32\DRIVERS\IAMTXPE.sys [2007-04-11 51096]
    R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys [2009-07-13 40144]
    R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys [2009-07-13 42192]
    R3 iSSetup;iSSetup;c:\windows\system32\DRIVERS\iSSetup.sys [2009-10-13 178400]
    R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [2010-01-07 448512]
    R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2010-01-07 448512]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
    R3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2007-08-17 30336]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-03 1255736]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
    S0 ioatdma;Intel(R) QuickData Technology device;c:\windows\System32\Drivers\ioatdma.sys [2009-07-13 46792]
    S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2010/07/29 19:28];c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [2009-04-16 04:28 146928]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0 106e5e8\AESTSr64.exe [2009-03-02 89600]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
    S2 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-01-13 705856]
    S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-12-02 25136]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
    S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
    S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2009-12-10 294064]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-15 138912]
    S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
    S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\OSD\WinRing0x64.sys [2008-07-26 14544]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WINRING0_1_2_0
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-02-19 c:\windows\Tasks\AmiUpdXp.job
    - c:\users\Rooster\AppData\Local\SwvUpdater\Updater.exe [2013-02-13 20:56]
    .
    2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-473968919-1270870001-2859423357-1000Core.job
    - c:\users\Rooster\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-12 06:25]
    .
    2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-473968919-1270870001-2859423357-1000UA.job
    - c:\users\Rooster\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-12 06:25]
    .
    2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-473968919-1270870001-2859423357-1000Core.job
    - c:\users\Rooster\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-29 17:45]
    .
    2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-473968919-1270870001-2859423357-1000UA.job
    - c:\users\Rooster\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-29 17:45]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-09-15 487424]
    "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
    "AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-16 5470208]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN67118102816610489&ctid=CT3281023
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyServer = 74.77.51.169:1139
    uInternet Settings,ProxyOverride = *.local;<local>
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: dell.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\users\Rooster\AppData\Roaming\Mozilla\Firefox\Profiles\0z2ygryq.default\
    FF - prefs.js: browser.search.selectedEngine - WhiteSmoke B Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281023&SearchSource=2&CUI=UN13784956511813423&UM=UM_ID&q=
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
    Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Rooster\AppData\Local\Akamai\netsession_win.exe
    Wow6432Node-HKLM-Run-FAStartup - (no file)
    SafeBoot-Symantec Antvirus
    BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Fallout Tactics - c:\program files (x86)\GOG.com\Fallout Tactics\unins000.exe
    AddRemove-{8C3727F2-8E37-49E4-820C-03B1677F53B6} - c:\program files (x86)\GOG.com\Stronghold Crusader\unins000.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
    "ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-473968919-1270870001-2859423357-1000\Software\SecuROM\License information*]
    "datasecu"=hex:a8,b6,f0,80,bc,c5,ce,b2,d2,58,a0,80,85,9e,66,85,2f,0a,cf,79,c1,
    dc,2b,eb,d1,4f,aa,c3,4f,25,27,c9,2b,cf,0d,1b,49,d3,4a,27,5a,d2,c6,63,41,17,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-02-19 09:13:19
    ComboFix-quarantined-files.txt 2013-02-19 17:13
    .
    Pre-Run: 44,046,790,656 bytes free
    Post-Run: 43,935,305,728 bytes free
    .
    - - End Of File - - 8BAAE980D5C0029224A0E1A2885C0BDB
    "I don't agree with you on that, I'm going to have to check Google." -Martin, Role Models.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •