
I need help!


  • This topic is locked

#31
SoullessZ

  • Topic Starter
I did everything you told me to do on OTL.
I got no extra.txt


OTL logfile created on: 8/15/2012 10:14:27 PM - Run 4
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Neox\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 30.24% Memory free
6.73 Gb Paging File | 3.67 Gb Available in Paging File | 54.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 79.50 Gb Free Space | 34.14% Space Free | Partition Type: NTFS
Drive D: | 124.45 Gb Total Space | 56.18 Gb Free Space | 45.14% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 3.99 Gb Free Space | 20.44% Space Free | Partition Type: NTFS
Drive F: | 5.07 Gb Total Space | 0.91 Gb Free Space | 17.90% Space Free | Partition Type: NTFS

Computer Name: NEOX-PC | User Name: Neox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - D:\Program Files\StarCraft II\Versions\Base22612\SC2.exe (Blizzard Entertainment, Inc.)
PRC - C:\Users\Neox\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\Neox\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Codebox\BitMeter\BitMeter2.exe ( )
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
PRC - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()


========== Modules (No Company Name) ==========

MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\libglesv2.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\libegl.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll ()
MOD - C:\Program Files\LOLReplay\Compression.dll ()
MOD - C:\Program Files\LOLReplay\LOLUtils.dll ()
MOD - C:\Program Files\Notepad++\NppShell_05.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6546e0f4253ce30900e5ff902672a8bc\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\NCH Software\ExpressZip\ezcm.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Windows\System32\atitmpxx.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avformat-53.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avutil-51.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avcodec-53.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\swscale-0.dll ()
MOD - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
MOD - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/netsession_win_6c825ce.dll ()
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
DRV - (XDva390) -- C:\Windows\system32\XDva390.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (nltdi) -- C:\Windows\system32\drivers\nltdi.sys File not found
DRV - (Nbdrv) -- system32\DRIVERS\nbdrv.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (Advanced Micro Devices)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. )
DRV - (RTL8187) -- C:\Windows\System32\drivers\wg111v2.sys (NETGEAR Inc.)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (SCMNdisP) -- C:\Windows\System32\drivers\SCMNdisP.sys (Windows ® Codename Longhorn DDK provider)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?r...GB&dcc=GB&opt=0
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 5A 97 A2 C5 E5 CC 01 [binary data]
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neox\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neox\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Neox\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/05 14:38:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/28 19:26:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/05 14:38:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/28 19:26:25 | 000,000,000 | ---D | M]

[2012/04/21 21:34:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neox\AppData\Roaming\Mozilla\Extensions
[2012/08/08 16:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions
[2012/04/21 21:36:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/08/05 14:45:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/06/25 20:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/25 20:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/05 14:41:13 | 000,276,167 | ---- | M] () (No name found) -- C:\USERS\NEOX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\93HKVLA5.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012/08/05 14:38:43 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/13 05:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 05:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Neox\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Neox\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Kagamine Rin & Len Theme = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajbmlfcphelnfmnfmknjhhnajbihaaa\2_0\
CHR - Extension: AdBlock = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Speed Dial 2 = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.0.9_0\
CHR - Extension: Gmail = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/13 11:51:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [Akamai NetSession Interface] C:\Users\Neox\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [WLAN Optimizer] C:\Users\Neox\Desktop\All Folders\Virus scanners\wopt021\WLAN Optimizer.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E874B8-9A27-4D92-8424-88E7DA202274}: NameServer = 192.168.0.1,192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Neox\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Neox\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/12/19 23:53:56 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/11/17 17:30:14 | 000,000,044 | ---- | M] () - D:\AutoRun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/14 15:08:11 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\StepMania 5
[2012/08/14 14:54:02 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania 5
[2012/08/14 14:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 5
[2012/08/14 14:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\StepMania 5
[2012/08/13 11:51:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/08 16:04:58 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\groove-dl
[2012/08/08 15:57:59 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\ProgSense
[2012/08/08 15:57:39 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\OpenCandy
[2012/08/08 15:56:56 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Orbit
[2012/08/08 12:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2012/08/08 12:27:18 | 000,000,000 | ---D | C] -- C:\Program Files\Grinding Gear Games
[2012/08/07 15:44:32 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\JGsoft
[2012/08/07 15:39:56 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Notepad++
[2012/08/07 15:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012/08/07 15:14:48 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012/08/01 11:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/08/01 11:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/08/01 11:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/08/01 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\Aeria Games
[2012/08/01 11:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012/07/31 15:25:55 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012/07/31 15:23:41 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012/07/30 18:06:11 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\APN
[2012/07/30 18:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/07/29 22:00:13 | 000,000,000 | ---D | C] -- C:\Users\Neox\Desktop\Music
[2012/07/27 12:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\beanfun! US
[2012/07/27 12:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\beanfun!
[2012/07/27 12:12:00 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/27 01:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/27 01:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/27 01:42:40 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Locktime
[2012/07/27 01:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012/07/27 01:42:05 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 2 Monitor
[2012/07/25 16:09:10 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Downloaded Installations
[2012/07/24 14:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/24 14:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/24 14:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/24 14:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/07/21 22:46:29 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\CrystalIdea Software
[2012/07/21 22:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/07/21 22:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/21 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\Xor-Net
[2012/07/20 13:45:27 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\WhatPulse
[2012/07/20 13:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhatPulse
[2012/07/19 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Xunlei
[2012/07/19 17:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thunder Network
[2012/07/19 17:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Thunder Network
[2012/07/19 17:52:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thunder Network
[2012/07/19 17:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Thunder Network
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/15 22:06:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4133368832-3342889942-1754129440-1000UA.job
[2012/08/15 21:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 21:44:23 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 21:44:23 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 16:00:04 | 000,657,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/15 16:00:04 | 000,125,636 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/15 13:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4133368832-3342889942-1754129440-1000Core.job
[2012/08/15 11:44:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 11:44:17 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 13:42:25 | 207,121,315 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/13 11:51:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/08/09 21:51:50 | 000,000,632 | ---- | M] () -- C:\Users\Neox\Desktop\AvA.lnk
[2012/08/08 16:03:55 | 000,000,304 | ---- | M] () -- C:\user.js
[2012/08/08 12:27:19 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2012/08/07 15:39:37 | 000,000,395 | ---- | M] () -- C:\Users\Neox\Desktop\Downloads.lnk
[2012/08/03 23:06:05 | 000,000,750 | ---- | M] () -- C:\Users\Neox\Desktop\StarCraft II.lnk
[2012/08/03 15:53:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/03 15:53:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/20 20:20:58 | 000,000,845 | ---- | M] () -- C:\Users\Neox\Desktop\LeagueOfLegends.lnk
[2012/07/20 00:52:58 | 001,676,288 | ---- | M] () -- C:\ava_us_steam_launcher_installer_20120719.exe
[2012/07/19 21:29:13 | 000,140,480 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/07/19 21:29:02 | 000,298,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/07/19 21:23:59 | 000,138,056 | ---- | M] () -- C:\Users\Neox\AppData\Roaming\PnkBstrK.sys
[2012/07/19 21:23:49 | 000,189,248 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012/07/19 20:42:50 | 003,130,440 | ---- | M] () -- C:\Windows\System32\pbsvc_blr.exe
[2012/07/19 17:52:59 | 000,000,020 | ---- | M] () -- C:\Windows\System32\pub_store.dat
[2012/07/19 17:06:59 | 000,000,062 | ---- | M] () -- C:\Windows\wininit.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/09 21:51:50 | 000,000,632 | ---- | C] () -- C:\Users\Neox\Desktop\AvA.lnk
[2012/08/08 16:05:02 | 000,000,888 | ---- | C] () -- C:\Users\Neox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\groove-dl.lnk
[2012/08/08 16:03:52 | 000,000,304 | ---- | C] () -- C:\user.js
[2012/08/08 12:27:19 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2012/08/07 15:39:37 | 000,000,395 | ---- | C] () -- C:\Users\Neox\Desktop\Downloads.lnk
[2012/08/04 01:32:24 | 207,121,315 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/03 23:06:05 | 000,000,750 | ---- | C] () -- C:\Users\Neox\Desktop\StarCraft II.lnk
[2012/07/20 20:20:58 | 000,000,845 | ---- | C] () -- C:\Users\Neox\Desktop\LeagueOfLegends.lnk
[2012/07/20 00:52:58 | 001,676,288 | ---- | C] () -- C:\ava_us_steam_launcher_installer_20120719.exe
[2012/07/19 21:29:01 | 000,298,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/07/19 21:24:00 | 000,140,480 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/07/19 21:23:59 | 000,138,056 | ---- | C] () -- C:\Users\Neox\AppData\Roaming\PnkBstrK.sys
[2012/07/19 21:23:44 | 000,298,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/07/19 21:23:44 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2012/07/19 21:23:41 | 003,130,440 | ---- | C] () -- C:\Windows\System32\pbsvc_blr.exe
[2012/07/19 21:23:41 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/07/19 17:52:59 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2012/07/19 17:06:59 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2011/12/26 05:03:31 | 000,006,656 | ---- | C] () -- C:\Users\Neox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/23 08:14:15 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/12/21 04:30:48 | 000,104,496 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/12/18 21:18:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/18 21:18:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/18 00:48:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/12/17 13:15:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/17 10:07:19 | 000,001,356 | ---- | C] () -- C:\Users\Neox\AppData\Local\d3d9caps.dat
[2011/11/10 07:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/11/10 07:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/11/10 03:11:06 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/10/21 20:30:14 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/19 08:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011/09/19 08:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

< End of report >


#32
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

"I did everything you told me to do on OTL."

Not quite I'm afraid, if I may draw your attention to a portion from the latest OTL log header you posted:-

OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Neox\Downloads

You have not updated OTL and quite likely you did not run the scan the way I advised. So I will post the instructions again below and please re-read all carefully and then follow them as outlined, thank you...

Re-scan with OTL:

OTL has been recently updated, so please delete your current version. It can be located here:-

C:\Users\Neox\Downloads\OTL.exe

and all logs created (so that would be OTL.txt & Extra.txt) if still present.

Then download a new copy of OTL and save it to your Desktop.

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.



#33
SoullessZ

    Member

  • Topic Starter
  • 32 posts
Doing it now..

Edited by SoullessZ, 15 August 2012 - 05:41 PM.


#34
SoullessZ

    Member

  • Topic Starter
  • 32 posts
OTL TXT


OTL logfile created on: 8/16/2012 12:40:35 AM - Run 5
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Neox\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 0.55 Gb Available Physical Memory | 16.86% Memory free
6.73 Gb Paging File | 2.92 Gb Available in Paging File | 43.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 79.71 Gb Free Space | 34.23% Space Free | Partition Type: NTFS
Drive D: | 124.45 Gb Total Space | 56.18 Gb Free Space | 45.14% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 3.99 Gb Free Space | 20.44% Space Free | Partition Type: NTFS
Drive F: | 5.07 Gb Total Space | 0.91 Gb Free Space | 17.90% Space Free | Partition Type: NTFS

Computer Name: NEOX-PC | User Name: Neox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Neox\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\Grinding Gear Games\Path of Exile\Client.exe ()
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\LOLReplay\LOLRecorder.exe (LOL Replay)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\Neox\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Codebox\BitMeter\BitMeter2.exe ( )
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
PRC - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Grinding Gear Games\Path of Exile\Client.exe ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\libglesv2.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\libegl.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll ()
MOD - C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll ()
MOD - C:\Program Files\Grinding Gear Games\Path of Exile\vorbisfile.dll ()
MOD - C:\Program Files\Grinding Gear Games\Path of Exile\vorbis.dll ()
MOD - C:\Program Files\Grinding Gear Games\Path of Exile\ogg.dll ()
MOD - C:\Program Files\LOLReplay\Compression.dll ()
MOD - C:\Program Files\LOLReplay\LOLUtils.dll ()
MOD - C:\Program Files\Notepad++\NppShell_05.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6546e0f4253ce30900e5ff902672a8bc\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program Files\NCH Software\ExpressZip\ezcm.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Windows\System32\atitmpxx.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avformat-53.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avutil-51.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\avcodec-53.dll ()
MOD - C:\Program Files\SplitMediaLabs\XSplit\swscale-0.dll ()
MOD - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()
MOD - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.exe ()
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Akamai) -- C:/Program Files/Common Files/Akamai/netsession_win_6c825ce.dll ()
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
DRV - (XDva390) -- C:\Windows\system32\XDva390.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (nltdi) -- C:\Windows\system32\drivers\nltdi.sys File not found
DRV - (Nbdrv) -- system32\DRIVERS\nbdrv.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (MpKsl0e4b4c81) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E33D3219-E3F0-4E58-960C-10D006677267}\MpKsl0e4b4c81.sys (Microsoft Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdLH3.sys (Advanced Micro Devices)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. )
DRV - (RTL8187) -- C:\Windows\System32\drivers\wg111v2.sys (NETGEAR Inc.)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows ® Codename Longhorn DDK provider)
DRV - (SCMNdisP) -- C:\Windows\System32\drivers\SCMNdisP.sys (Windows ® Codename Longhorn DDK provider)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?r...GB&dcc=GB&opt=0
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 5A 97 A2 C5 E5 CC 01 [binary data]
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Neox\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Neox\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Neox\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/05 14:38:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/28 19:26:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/05 14:38:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/28 19:26:25 | 000,000,000 | ---D | M]

[2012/04/21 21:34:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neox\AppData\Roaming\Mozilla\Extensions
[2012/08/08 16:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions
[2012/04/21 21:36:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/08/05 14:45:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Neox\AppData\Roaming\Mozilla\Firefox\Profiles\93hkvla5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/06/25 20:00:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/25 20:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/05 14:41:13 | 000,276,167 | ---- | M] () (No name found) -- C:\USERS\NEOX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\93HKVLA5.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012/08/05 14:38:43 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/13 05:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 05:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Neox\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Neox\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Kagamine Rin & Len Theme = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajbmlfcphelnfmnfmknjhhnajbihaaa\2_0\
CHR - Extension: AdBlock = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Speed Dial 2 = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.0.9_0\
CHR - Extension: Gmail = C:\Users\Neox\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/13 11:51:53 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [Akamai NetSession Interface] C:\Users\Neox\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-4133368832-3342889942-1754129440-1000..\Run: [WLAN Optimizer] C:\Users\Neox\Desktop\All Folders\Virus scanners\wopt021\WLAN Optimizer.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15E874B8-9A27-4D92-8424-88E7DA202274}: NameServer = 192.168.0.1,192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Neox\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Neox\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/12/19 23:53:56 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/11/17 17:30:14 | 000,000,044 | ---- | M] () - D:\AutoRun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/14 15:08:11 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\StepMania 5
[2012/08/14 14:54:02 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania 5
[2012/08/14 14:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StepMania 5
[2012/08/14 14:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\StepMania 5
[2012/08/13 11:51:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/08 16:04:58 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\groove-dl
[2012/08/08 15:57:59 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\ProgSense
[2012/08/08 15:57:39 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\OpenCandy
[2012/08/08 15:56:56 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Orbit
[2012/08/08 12:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2012/08/08 12:27:18 | 000,000,000 | ---D | C] -- C:\Program Files\Grinding Gear Games
[2012/08/07 15:44:32 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\JGsoft
[2012/08/07 15:39:56 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Notepad++
[2012/08/07 15:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012/08/07 15:14:48 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012/08/01 11:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/08/01 11:34:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/08/01 11:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/08/01 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\Aeria Games
[2012/08/01 11:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012/07/31 15:25:55 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012/07/31 15:23:41 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012/07/30 18:06:11 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\APN
[2012/07/30 18:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/07/29 22:00:13 | 000,000,000 | ---D | C] -- C:\Users\Neox\Desktop\Music
[2012/07/27 12:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\beanfun! US
[2012/07/27 12:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\beanfun!
[2012/07/27 12:12:00 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/07/27 01:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/27 01:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/27 01:42:40 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Locktime
[2012/07/27 01:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012/07/27 01:42:05 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 2 Monitor
[2012/07/25 16:09:10 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\Downloaded Installations
[2012/07/24 14:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/24 14:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/24 14:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/24 14:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/07/21 22:46:29 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\CrystalIdea Software
[2012/07/21 22:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/07/21 22:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/21 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Local\Xor-Net
[2012/07/20 13:45:27 | 000,000,000 | ---D | C] -- C:\Users\Neox\AppData\Roaming\WhatPulse
[2012/07/20 13:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhatPulse
[2012/07/19 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Xunlei
[2012/07/19 17:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thunder Network
[2012/07/19 17:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Thunder Network
[2012/07/19 17:52:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thunder Network
[2012/07/19 17:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Thunder Network
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/16 00:28:01 | 000,058,314 | ---- | M] () -- C:\Users\Neox\Desktop\OTLSCAN.png
[2012/08/16 00:06:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4133368832-3342889942-1754129440-1000UA.job
[2012/08/15 23:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 23:44:23 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 23:44:23 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 16:00:04 | 000,657,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/15 16:00:04 | 000,125,636 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/15 13:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4133368832-3342889942-1754129440-1000Core.job
[2012/08/15 11:44:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 11:44:17 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 13:42:25 | 207,121,315 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/13 11:51:53 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/08/09 21:51:50 | 000,000,632 | ---- | M] () -- C:\Users\Neox\Desktop\AvA.lnk
[2012/08/08 16:03:55 | 000,000,304 | ---- | M] () -- C:\user.js
[2012/08/08 12:27:19 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2012/08/07 15:39:37 | 000,000,395 | ---- | M] () -- C:\Users\Neox\Desktop\Downloads.lnk
[2012/08/03 23:06:05 | 000,000,750 | ---- | M] () -- C:\Users\Neox\Desktop\StarCraft II.lnk
[2012/08/03 15:53:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/03 15:53:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/20 20:20:58 | 000,000,845 | ---- | M] () -- C:\Users\Neox\Desktop\LeagueOfLegends.lnk
[2012/07/20 00:52:58 | 001,676,288 | ---- | M] () -- C:\ava_us_steam_launcher_installer_20120719.exe
[2012/07/19 21:29:13 | 000,140,480 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/07/19 21:29:02 | 000,298,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/07/19 21:23:59 | 000,138,056 | ---- | M] () -- C:\Users\Neox\AppData\Roaming\PnkBstrK.sys
[2012/07/19 21:23:49 | 000,189,248 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012/07/19 20:42:50 | 003,130,440 | ---- | M] () -- C:\Windows\System32\pbsvc_blr.exe
[2012/07/19 17:52:59 | 000,000,020 | ---- | M] () -- C:\Windows\System32\pub_store.dat
[2012/07/19 17:06:59 | 000,000,062 | ---- | M] () -- C:\Windows\wininit.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/16 00:27:58 | 000,058,314 | ---- | C] () -- C:\Users\Neox\Desktop\OTLSCAN.png
[2012/08/09 21:51:50 | 000,000,632 | ---- | C] () -- C:\Users\Neox\Desktop\AvA.lnk
[2012/08/08 16:05:02 | 000,000,888 | ---- | C] () -- C:\Users\Neox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\groove-dl.lnk
[2012/08/08 16:03:52 | 000,000,304 | ---- | C] () -- C:\user.js
[2012/08/08 12:27:19 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2012/08/07 15:39:37 | 000,000,395 | ---- | C] () -- C:\Users\Neox\Desktop\Downloads.lnk
[2012/08/04 01:32:24 | 207,121,315 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/03 23:06:05 | 000,000,750 | ---- | C] () -- C:\Users\Neox\Desktop\StarCraft II.lnk
[2012/07/20 20:20:58 | 000,000,845 | ---- | C] () -- C:\Users\Neox\Desktop\LeagueOfLegends.lnk
[2012/07/20 00:52:58 | 001,676,288 | ---- | C] () -- C:\ava_us_steam_launcher_installer_20120719.exe
[2012/07/19 21:29:01 | 000,298,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/07/19 21:24:00 | 000,140,480 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/07/19 21:23:59 | 000,138,056 | ---- | C] () -- C:\Users\Neox\AppData\Roaming\PnkBstrK.sys
[2012/07/19 21:23:44 | 000,298,016 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/07/19 21:23:44 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2012/07/19 21:23:41 | 003,130,440 | ---- | C] () -- C:\Windows\System32\pbsvc_blr.exe
[2012/07/19 21:23:41 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/07/19 17:52:59 | 000,000,020 | ---- | C] () -- C:\Windows\System32\pub_store.dat
[2012/07/19 17:06:59 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2011/12/26 05:03:31 | 000,006,656 | ---- | C] () -- C:\Users\Neox\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/23 08:14:15 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/12/21 04:30:48 | 000,104,496 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/12/18 21:18:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/18 21:18:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/18 00:48:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/12/17 13:15:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/17 10:07:19 | 000,001,356 | ---- | C] () -- C:\Users\Neox\AppData\Local\d3d9caps.dat
[2011/11/10 07:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/11/10 07:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/11/10 03:11:06 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/10/21 20:30:14 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/19 08:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011/09/19 08:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

< End of report >

#35
SoullessZ

EXTRA TXT


OTL Extras logfile created on: 8/16/2012 12:40:35 AM - Run 5
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Neox\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 0.55 Gb Available Physical Memory | 16.86% Memory free
6.73 Gb Paging File | 2.92 Gb Available in Paging File | 43.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 79.71 Gb Free Space | 34.23% Space Free | Partition Type: NTFS
Drive D: | 124.45 Gb Total Space | 56.18 Gb Free Space | 45.14% Space Free | Partition Type: NTFS
Drive E: | 19.53 Gb Total Space | 3.99 Gb Free Space | 20.44% Space Free | Partition Type: NTFS
Drive F: | 5.07 Gb Total Space | 0.91 Gb Free Space | 17.90% Space Free | Partition Type: NTFS

Computer Name: NEOX-PC | User Name: Neox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08CD0A73-F3B5-4DE7-ABAB-ACABAEB1D292}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2D75433C-6A22-4A81-B81D-28AF7A5A3CAE}" = rport=137 | protocol=17 | dir=out | app=system |
"{48132FED-8B68-4BAE-8580-E047ED88FB07}" = lport=445 | protocol=6 | dir=in | app=system |
"{4D346723-8057-4D63-9E98-C34384744054}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4FEC67F3-79FD-4C12-B0D8-86C11C400F54}" = lport=138 | protocol=17 | dir=in | app=system |
"{683E3888-A0EE-4F7D-9DDB-20B22B9DB264}" = lport=137 | protocol=17 | dir=in | app=system |
"{8D9E5C28-6E10-4051-A0D1-F23046DF0B22}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{9ACFA7EA-A32B-48DD-B474-C781BFAF6134}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A8B04432-EA5C-495D-A7D3-C4F1DE3C3EAA}" = rport=138 | protocol=17 | dir=out | app=system |
"{C9AC067E-C989-402F-A762-6EADEED92E0F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{CC14EA1F-CA30-4C8A-8227-F23C663DA489}" = rport=139 | protocol=6 | dir=out | app=system |
"{DD7B44F8-6609-4481-8FF4-11B40FDC1CF9}" = rport=445 | protocol=6 | dir=out | app=system |
"{E44FABE1-D8FC-469C-A979-76F9CECDEB03}" = lport=139 | protocol=6 | dir=in | app=system |
"{E4C546B9-6542-4BEA-BBDE-06E3A59E09F4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0477BE99-9E08-4998-8CC6-76E19C398409}" = protocol=17 | dir=in | app=d:\program files\starcraft ii\starcraft ii public test.exe |
"{059F1C2A-9DE6-4050-A2A9-066DDCF60AAF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0A2C8DE4-564F-4D21-9745-B07AD349DED4}" = protocol=17 | dir=in | app=d:\reactor\ijjioptimizer.exe |
"{0BEA7716-8E65-426D-9CA9-9D5486141073}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{0D33325B-F38F-46FA-A027-C9658C8DD40B}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{0D8799C8-BC57-4C79-9047-A1D020EFE436}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{129BCDB6-1CAD-4D6C-BDB3-E9B7953EB479}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\ava\reactor.exe |
"{14EF093F-F025-4A86-8534-2B5E14473E1D}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{161283CD-100E-4F44-A4D7-B81AB732B234}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{211AB2A7-2B0B-46FF-BF4D-875F0F6EF594}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2EACCA60-CBB8-4AEB-8912-47A2566A3550}" = protocol=1 | dir=out | [email protected],-28544 |
"{3994B3B8-D555-4DB1-8CC0-091C598F7B2F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4271F8F1-2F80-4E9F-B60C-1529372648FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4692B743-B2EB-4D57-A1DC-B5ECC0BE92E7}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4C14E71F-E871-4957-A0AA-D85D426268F5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{54813D77-3AC6-45AA-9660-8F8E810CB219}" = protocol=6 | dir=in | app=d:\reactor\ijjioptimizer.exe |
"{5A4AFB71-667E-4F36-A180-197DE320EBC1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{5C5BC588-50F3-4AF8-AB3E-774B0AB8694C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5C5CAABF-E5B7-4207-98F3-81AA6631FC66}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{617942FA-D52F-4E6E-95B5-0CD6AD310147}" = protocol=1 | dir=in | [email protected],-28543 |
"{63BB54FE-F0A5-4699-BEDF-B6DF562925F4}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{64F1A9AD-BA12-47AC-9004-49327A2C19E6}" = protocol=58 | dir=in | [email protected],-28545 |
"{6DBE6EFA-B4B1-4EE7-9DE8-A278F390F85E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{701B7B92-89A4-4489-85A6-86335497437C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{7C26120B-0775-4153-BF1C-55A49B748273}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{88C6789A-E380-4608-8FE4-4F99027B14A5}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8FF9D8FE-42B4-4C27-9E2D-AA7292EC56C1}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9261677B-D4A4-4212-9C0D-2E2D3BE15289}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{93E74C26-4C89-4472-B901-04EA2E642F3E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{97B38919-7F75-4FFF-8E0A-D3855A7EBF46}" = protocol=58 | dir=out | [email protected],-28546 |
"{9E1197E9-3B79-47A0-8490-78E5AE46A74B}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{A47CF152-76CA-4A4F-BF8A-A8E9A9BB13BD}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{AA5B57B4-BAA9-4964-9356-84710B619955}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\ava\reactor.exe |
"{AAFC1432-4D86-4086-BFEE-5CD0F3807E43}" = protocol=6 | dir=in | app=c:\users\neox\appdata\local\akamai\netsession_win.exe |
"{AE299A8A-CB37-4041-83EA-A7A67F32C201}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{B7E78B69-0E61-4212-8CB4-83C4F70D5639}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{C1F931C2-A6DE-49FC-9B55-26794D96587A}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C22C9FC1-4E25-4660-92CC-0257E1662189}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{C2B7B501-7E48-4F4D-BAC5-05C6020CBCB0}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{C372D28B-C347-4B55-B161-B49A8DA0C419}" = protocol=6 | dir=in | app=d:\reactor\ijjioptimizer.exe |
"{C393CFD1-901B-4CE9-BCDD-2D006DC31680}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{C623E7A7-E235-4AD4-B98E-FD8EAA6D8E0D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{CBC8A322-2E67-4F94-8E00-5F7E26293586}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{CD78883F-C246-4BF8-99C0-35AF201A81B9}" = protocol=17 | dir=in | app=c:\users\neox\appdata\local\akamai\netsession_win.exe |
"{CDC64D65-D2A2-4A7E-838F-E067DFBFADD1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D35B20D6-AD72-4D29-937A-F0A669C8E9FF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\renegade ops\renegadeops.exe |
"{D6A3B633-BB14-4C8E-864A-B8208AFE79A0}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\dota 2 beta\dota.exe |
"{DA5A4275-A393-4D52-92F9-FF8F4D8952AE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DCC26848-C344-4228-BB69-2C94FC048E79}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E73C97C0-7A90-4F33-901A-A6C9DAE1A6DF}" = protocol=17 | dir=in | app=d:\reactor\ijjioptimizer.exe |
"{E97BC09F-F843-4225-BDE0-CB9F4A68146E}" = protocol=6 | dir=in | app=d:\program files\starcraft ii\starcraft ii public test.exe |
"{F0F842E0-A273-4AE6-9C42-03265B926517}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F20C9A08-BA50-427C-950D-94C879C67451}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\renegade ops\renegadeops.exe |
"{FB499118-5040-4B8F-9479-1BECE1855AA0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe |
"{FF2F5186-9D5D-4A74-9659-657584406F73}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{05E8A8BA-F0DC-4909-992A-25E235D94A27}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"TCP Query User{113E267E-37D7-46EE-97DA-C58745B119B2}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{427EC347-A496-4DE8-89C0-EA2A49957D3F}C:\users\neox\appdata\local\apps\2.0\e3gdeg1g.9h8\xa649byo.vvp\laun...app_59711684aa47878d_0001.001b_bcc4041724b93450\launcher.exe" = protocol=6 | dir=in | app=c:\users\neox\appdata\local\apps\2.0\e3gdeg1g.9h8\xa649byo.vvp\laun...app_59711684aa47878d_0001.001b_bcc4041724b93450\launcher.exe |
"TCP Query User{4504210E-5AF6-4896-8FAB-F95BEDCE79A4}D:\program files\steam\steamapps\common\ava\binaries\ava.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\ava\binaries\ava.exe |
"TCP Query User{5670C20B-6482-4A09-842E-0EAC1F2FC1DF}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{6A2936DB-F596-4BD9-89CB-B216C5C06228}D:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{6AC11988-25B4-4968-844B-C88A4A83AC01}D:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{6BFBA600-430B-4416-B7D5-9B4F894C87AF}C:\users\neox\desktop\teamspeak3-server_win32-3.0.6.1\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\neox\desktop\teamspeak3-server_win32-3.0.6.1\teamspeak3-server_win32\ts3server_win32.exe |
"TCP Query User{749F2381-EF35-4151-886C-B5A5134ADE8E}D:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{79617510-6A5C-4AF8-831C-88D44360DCF5}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe |
"TCP Query User{8A9B72C6-4209-48DA-9CEC-DA3BDEAF9F0B}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{8F6E8A75-AFC3-4020-84C3-C229C8128071}C:\users\neox\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\neox\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8FC65243-D683-4810-B658-FF3E0CFE87AB}D:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{98339230-F2B4-457E-A79D-2DCCCA463DA9}C:\program files\steam\steamapps\krazeh884\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\krazeh884\team fortress 2\hl2.exe |
"TCP Query User{AE078A11-90D2-4985-A5D4-07C34161F894}D:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{C1006A1B-9D07-45CF-8B57-C31EC7BC9A78}D:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{C526D674-EAF7-4964-B526-8DB0CC64E273}D:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{CBCD124B-38AD-49F2-9A82-14230B9BE960}D:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{D0999796-5381-4928-8D4C-9EBD6B7B2227}C:\program files\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"TCP Query User{D6AA996B-9436-4A58-904F-494B1EA2040E}C:\program files\stepmania 5\program\stepmania-sse2.exe" = protocol=6 | dir=in | app=c:\program files\stepmania 5\program\stepmania-sse2.exe |
"TCP Query User{E0D56438-E542-4F21-9430-AC7CF04BEEE5}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{E8422018-50A2-4EC4-A7E7-235064CF605A}C:\users\neox\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\neox\appdata\roaming\spotify\spotify.exe |
"TCP Query User{FA63FF60-CDA7-498D-A2C5-C8C55127D907}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe |
"TCP Query User{FD9BE435-8361-4F9B-AC1E-E35A86280BB5}D:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{FDD044FF-486F-450A-A503-C61908B12167}D:\reactor\reactor.exe" = protocol=6 | dir=in | app=d:\reactor\reactor.exe |
"UDP Query User{059C366B-737B-4D20-9657-EA1BA77BA849}D:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{08716FDB-3A36-402A-81FF-B6E37174A867}D:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{184AD877-E7E3-4951-BA6D-137CA7AECD8E}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"UDP Query User{37F51D5B-8DEA-4DE7-B95A-FF5C39C82AFA}C:\users\neox\desktop\teamspeak3-server_win32-3.0.6.1\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\neox\desktop\teamspeak3-server_win32-3.0.6.1\teamspeak3-server_win32\ts3server_win32.exe |
"UDP Query User{4189C20E-30B6-463C-9A2C-A788A0307394}D:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{4DA98FA8-23A7-4B19-8BA3-D630108CF72A}C:\users\neox\appdata\local\apps\2.0\e3gdeg1g.9h8\xa649byo.vvp\laun...app_59711684aa47878d_0001.001b_bcc4041724b93450\launcher.exe" = protocol=17 | dir=in | app=c:\users\neox\appdata\local\apps\2.0\e3gdeg1g.9h8\xa649byo.vvp\laun...app_59711684aa47878d_0001.001b_bcc4041724b93450\launcher.exe |
"UDP Query User{563420DC-D9E5-404F-98C2-5DDB4BEA8E52}D:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{669A981F-2A4B-47D8-912C-E4A67EEB68DF}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{6D9CB599-DF70-447F-B926-94AA2DF3B844}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe |
"UDP Query User{6EEFF979-7476-4F55-8E28-5ECC8696513F}D:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{6FE72B09-11C1-4A9A-8FB5-6F586B7F812E}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"UDP Query User{8DA31AC2-4E07-4877-BF17-1D4462779CED}C:\program files\steam\steamapps\krazeh884\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\krazeh884\team fortress 2\hl2.exe |
"UDP Query User{9B0570E4-D816-4E00-8811-7CE1047505F9}D:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{9EAE5FB1-3482-40A5-BFE5-5F5DDC7EA943}D:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{A0E934A1-3F54-46C9-A989-237C76EC1FF1}C:\users\neox\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\neox\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B0090F98-5683-4162-A1DB-2CF46E7EA8BA}D:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{B0D36E04-6906-4BCA-8F9B-904E1727E509}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe |
"UDP Query User{C87C1D94-4315-4787-8CBD-523C613D2958}D:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{C90CF58D-4979-47E8-815A-65B514C58309}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{D478953E-42AD-463C-9475-858244DAE578}C:\program files\stepmania 5\program\stepmania-sse2.exe" = protocol=17 | dir=in | app=c:\program files\stepmania 5\program\stepmania-sse2.exe |
"UDP Query User{DCABE67E-62DB-444B-9572-75F0380F0BA2}D:\program files\steam\steamapps\common\ava\binaries\ava.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\ava\binaries\ava.exe |
"UDP Query User{DD798560-7C3B-4918-A31C-F758EF584C42}C:\program files\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files\lolreplay\lolreplay.exe |
"UDP Query User{F52CD4FE-FCD6-4C67-BE5B-37BCD70AA3A6}D:\reactor\reactor.exe" = protocol=17 | dir=in | app=d:\reactor\reactor.exe |
"UDP Query User{F557B2E3-2240-4763-B4FC-5B702B9E67EC}C:\users\neox\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\neox\appdata\roaming\spotify\spotify.exe |
"UDP Query User{F9E4F1BD-4312-4A4D-B58D-1899ACBD5E7E}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05CAF469-9765-8FBF-10AD-FD621091824A}" = CCC Help English
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{4102037D-E8E0-48E0-B203-E521D194FB71}" = NETGEAR WG111v2 wireless USB 2.0 adapter
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6F64A42C-6D93-6788-EB4F-07CC066DE194}" = Catalyst Control Center Graphics Previews Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76D1FBEB-FBBF-0D1E-BB0A-CAA0D19E2C7F}" = ccc-utility
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D8B8115-40C1-A707-B7DA-599514076A81}" = Catalyst Control Center
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BF6379E6-9936-46B0-B6AC-C56EE3987D2E}" = inSSIDer
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6F39786-216E-480B-8369-0DBE21E5EDDA}" = Path of Exile
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BitMeter" = BitMeter
"CCleaner" = CCleaner
"Downloader" = Downloader
"ExpressBurn" = Express Burn Disc Burning Software
"ExpressZip" = Express Zip File Compression Software
"Fraps" = Fraps
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"ImgBurn" = ImgBurn
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"mIRC" = mIRC
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"StarCraft II" = StarCraft II
"Steam App 102700" = Alliance of Valiant Arms
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 570" = Dota 2
"Steam App 99300" = Renegade Ops
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.10 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4133368832-3342889942-1754129440-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/12/2012 1:27:01 PM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x50243fd0,
faulting module Client.exe, version 0.0.0.0, time stamp 0x50243fd0, exception code
0xc0000005, fault offset 0x002b2cce, process id 0x1760, application start time 0x01cd78a166c9b313.

Error - 8/12/2012 5:50:27 PM | Computer Name = Neox-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/13/2012 6:30:24 AM | Computer Name = Neox-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/13/2012 5:27:40 PM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x50289d14,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe0000001, fault offset 0x0003fc56, process id 0x16b4, application start time
0x01cd7981046af269.

Error - 8/13/2012 5:47:58 PM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x50289d14,
faulting module Client.exe, version 0.0.0.0, time stamp 0x50289d14, exception code
0xc0000005, fault offset 0x002785e8, process id 0x1748, application start time 0x01cd799a7e206670.

Error - 8/13/2012 5:48:00 PM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x50289d14,
faulting module Client.exe, version 0.0.0.0, time stamp 0x50289d14, exception code
0xc0000005, fault offset 0x002a129b, process id 0x1748, application start time 0x01cd799a7e206670.

Error - 8/14/2012 6:36:27 AM | Computer Name = Neox-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/14/2012 8:44:11 AM | Computer Name = Neox-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/14/2012 7:57:28 PM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x50289d14,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe0000001, fault offset 0x0003fc56, process id 0x10b4, application start time
0x01cd7a707147a263.

Error - 8/15/2012 6:46:02 AM | Computer Name = Neox-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/15/2012 9:36:48 AM | Computer Name = Neox-PC | Source = Application Error | ID = 1000
Description = Faulting application Client.exe, version 0.0.0.0, time stamp 0x502b1edb,
faulting module kernel32.dll, version 6.0.6002.18449, time stamp 0x4da47967, exception
code 0xe0000001, fault offset 0x0003fc56, process id 0xbdc, application start time
0x01cd7ae7c18e126e.

[ System Events ]
Error - 8/11/2012 3:03:39 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 8/13/2012 10:18:38 AM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/13/2012 2:01:05 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2012 8:42:32 AM | Computer Name = Neox-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:40:48 PM on 8/14/2012 was unexpected.

Error - 8/14/2012 8:52:11 AM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/14/2012 1:31:46 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/15/2012 2:40:22 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/15/2012 5:26:21 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/15/2012 5:28:42 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/15/2012 5:32:26 PM | Computer Name = Neox-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#36
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Looks like you have not deleted the prior version of OTL.exe:-

C:\Users\Neox\Downloads\OTL (1).exe

So please do so and move OTL (1).exe to the Desktop. If unsure how to move OTL (1).exe, not a problem and merely inform myself OK.

Next:

Going back to the update you posted for myself:-

My computer is still over downloading when opening youtube videos or websites... It's like opening google and my DL pops to 600..
Also in the past when watching streams I usually DL at a low amount... Which didn't lag me nor anyone else. But now it downloads more when doing small things which lags myself a bit more and others...
If that makes sense.

It does indeed make sense and the software I am advising be removed/uninstalled below are the likely suspects...

PunkBuster Services...My colleague godawgs mentioned about this in post #16 and I concur with his assessment. So download and run the removal tool for it in the aforementioned post.

So after you have downloaded the removal tool for PunkBuster Services run it as follows...

  • Right-click on pbsvc.exe and select Run as Administrator.
  • Ensure Un-install/Remove PunkBuster Service is selected.
  • Click on Next >> Yes >> Finish.
  • Reboot(restart) your machine if not prompted to do so.
Next:

Now please go to Start(Vista Orb) >> Control Panel >> Programs and Features and remove the following (if present):

Akamai NetSession Interface Service <-- This software apart from being dubious is actually always connected whether or not you are actively using it, hence it is a bandwidth hog. Plus installs all kinds of Adware, bloatware for example.

Downloader <-- The vendor has an unsavoury reputation to say the least, plus also during the installation process this dire software installs all kinds of Adware, bloatware for example.

Java™ 6 Update 33 <-- We will update this in due course.

Pando Media Booster <-- Another dire application that does not perform as stated and can be a bandwidth hog also.

To do so click once on each of the above to highlight, then click on Uninstall/Change and follow the prompts.

Note: Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into keeping the program.

Next:

Let myself know when you have completed all of the above. If any problems are encountered, we will go from there, thank you.
  • 0
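The by-eye review of the OTL uninstall list in the post above can be scripted. This is an added example, not part of the original thread or of OTL: it parses the `"key" = name` uninstall entries and flags the programs named in that post; the function names, match patterns and sample lines (including the placeholder SID) are assumptions.

```python
import re

# Constructed sample in the "key" = display-name format of the OTL uninstall
# lists quoted in this thread; the SID is a placeholder.
SAMPLE_LOG = r'''
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"Akamai" = Akamai NetSession Interface Service
"Downloader" = Downloader
"PunkBusterSvc" = PunkBuster Services

========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-0-0-0-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 20 Event Log Errors ==========
"not an uninstall entry" = ignored
'''

ENTRY = re.compile(r'^"([^"]+)"\s*=\s*(.+?)\s*$')      # "key" = display name
SECTION = re.compile(r'^=+\s*(.+?)\s*=+$')             # ===== title =====
HIVE = re.compile(r'^\[(HKEY_[^\\\]]+)\\')             # [HKEY_xxx\...]

# Review list built from the names in the helper's post; patterns are assumptions.
REVIEW = [
    (re.compile(r'^Akamai NetSession', re.I), "always connected, bandwidth use"),
    (re.compile(r'^Downloader$', re.I), "installs adware/bloatware"),
    (re.compile(r'^Java\W*\d+ Update \d+', re.I), "out-of-date runtime"),
    (re.compile(r'^Pando Media Booster', re.I), "bandwidth use"),
    (re.compile(r'^PunkBuster Services', re.I), "removal advised in the thread"),
]

def parse_uninstall_entries(text):
    """Return (hive, key, display_name) for each uninstall-list entry."""
    entries, hive, active = [], "unknown", True   # hive unknown until a [HKEY_...] line
    for raw in text.splitlines():
        line = raw.strip()
        if (m := SECTION.match(line)):
            active = "Uninstall List" in m.group(1)   # stop at unrelated sections
        elif (m := HIVE.match(line)):
            hive = m.group(1)
        elif active and (m := ENTRY.match(line)):
            entries.append((hive, m.group(1), m.group(2)))
    return entries

def triage(entries):
    """Return (hive, display_name, reason) for entries on the review list."""
    return [(hive, name, reason) for hive, _key, name in entries
            for pattern, reason in REVIEW if pattern.search(name)]

if __name__ == "__main__":
    for hive, name, reason in triage(parse_uninstall_entries(SAMPLE_LOG)):
        print(f"{hive:12} {name:38} {reason}")
```

Tracking the hive separates per-user installs from machine-wide ones, which Programs and Features shows side by side.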

#37
SoullessZ

SoullessZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Doesn't disabling punk buster make me unable to play games?

and java


Everything else I did

Well after doing what you said..

I'm now suddenly uploading at 26.... Without doing anything. .What the heck
  • 0

#38
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Everything else I did

Good.

Doesn't disabling punk buster make me unable to play games?

and java

A valid point but a small price to pay for the duration of the actual Malware Removal process I think.

Once I give the all clear you can use the very same tool for removing PunkBuster Services(pbsvc.exe) to re-install again if you so wish. Though my friendly advice would be to seriously consider not doing so but that is at your own discretion, the computer is your property at the end of day and what you choose to install or not is at your own discretion OK.

As for Java, we will be updating that as I mentioned prior but leaving an out-of-date version installed is deemed a security risk. Reason being it can be used by malware as a means to infect a computer and/or re-infect, for example.

So to recap, please download and run the removal tool for PunkBuster Services per the instructions in my prior post and uninstall Java™ 6 Update 33.

Once done so carry out/complete the below and we will go from there.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Right-click on erunt-setup.exe and select Run as Administrator to Install ERUNT by following the prompts.
  • Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Reset Vista SP2 Firewall:

Click on Start(Vista Orb) >> Run... and cut/paste in the following and click on OK

firewall.cpl
Or Start(Vista Orb) >> Control Panel >> Windows Firewall

Click on the Change Settings >> Advanced >> Restore Defaults >> At the prompt click on Yes >> OK

Scan with AdwCleaner:

Please download AdwCleaner from here and save to your desktop.

Alternate download is here.

  • Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.
Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been run, so in this case should be R1.
  • 0

#39
SoullessZ

SoullessZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
You are just breaking my internet more.. I'm lagging more than before
Punkbuster was on my computer AGES ago. It's obviously not that.

Why did you give me some clueless guy?

You've caused like an extra 2 problems. Which is really stressing me out because my time is being wasted by following your actions without explanations.

Edited by wannabe1, 16 August 2012 - 11:47 AM.
Remove Offensive Language...Need a dictionary?

  • 0

#40
SoullessZ

SoullessZ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
And what does "Need a dictionary mean?" How about you learn English "Wannabe1" Great name. I wanted to mention.

Who is this wannabe noob editing my post

Edited by SoullessZ, 16 August 2012 - 01:24 PM.

  • 0


#41
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
If you are under the impression I am unaware of your unsolicited rudeness(use of profane language) and threatening behaviour towards myself....you are sadly mistaken and this is not something I will tolerate period!

Furthermore I am not the problem and/or your own ability to follow advice. With this in mind I am withdrawing my free assistance and I highly doubt anyone else would be willing to provide any further assistance.

I suggest you seek a solution to your problem elsewhere/take your machine to a reputable IT Repair Centre.
  • 0

#42
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
I concur with Dakeyras. You need to seek help elsewhere.

This topic is closed.
  • 0





