tiny start up issue on laptop



#1
Wolffie

  • Member
  • 56 posts
I'm pretty sure it's not malware related, but someone typed something into cmd to make me connect on startup to his passworded wireless network
I'm guessing that might cause the delay I get on startup
it takes like a full minute of not doing anything before the TuneUp Utilities icon shows up in the taskbar, and that's when I know I can start doing whatever
it doesn't freeze, it just pretends to be busy


I did disable wireless networks and they stay that way when I start up, but I dunno

also I figure a little check-up won't hurt, so
anyway here's the log:


OTL logfile created on: 5/14/2013 12:30:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Daunlaud
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.50 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 61.12% Memory free
4.34 Gb Paging File | 3.33 Gb Available in Paging File | 76.61% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20.51 Gb Total Space | 1.61 Gb Free Space | 7.84% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 3.69 Gb Free Space | 7.55% Space Free | Partition Type: NTFS
Drive F: | 163.54 Gb Total Space | 5.47 Gb Free Space | 3.34% Space Free | Partition Type: NTFS

Computer Name: HORTENSIA | User Name: Wolf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - F:\Daunlaud\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
PRC - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
PRC - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
MOD - C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Agent\e76615f57bd8b424e317ff9ae4f548d1\HD-Agent.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-LogRotatorService\2bd0eecf09e16a4ed0e3928f03b51d69\HD-LogRotatorService.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\5d421a9dbbfe902089116c437769ebee\JSON.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll ()
MOD - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll ()


========== Services (SafeList) ==========

SRV - (BsHelpCS) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe File not found
SRV - (BlueSoleilCS) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AxAutoMntSrv) -- E:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (StarWindServiceAE) -- E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (TestHandler) -- C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Technology Solutions)


========== Driver Services (SafeList) ==========

DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
DRV - (WDICA) -- File not found
DRV - (VcommMgr) -- System32\Drivers\VcommMgr.sys File not found
DRV - (VComm) -- system32\DRIVERS\VComm.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (GGSAFERDriver) -- C:\Program Files\Garena Messenger\Room\safedrv.sys File not found
DRV - (Changer) -- File not found
DRV - (Btcsrusb) -- System32\Drivers\btcusb.sys File not found
DRV - (BT) -- system32\DRIVERS\btnetdrv.sys File not found
DRV - (avab13qn) -- File not found
DRV - (a70u1otk) -- File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (WinRing0_1_2_0) -- E:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys (OpenLibSys.org)
DRV - (Inspect) -- C:\WINDOWS\system32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)
DRV - (cmderd) -- C:\WINDOWS\system32\drivers\cmderd.sys (COMODO)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (andnetndis) -- C:\WINDOWS\system32\drivers\lgandnetndis.sys (LG Electronics Inc.)
DRV - (ANDNetModem) -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys (LG Electronics Inc.)
DRV - (AndNetDiag) -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys (LG Electronics Inc.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (nvsmu) -- C:\WINDOWS\system32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (btnetBUs) -- C:\WINDOWS\system32\drivers\btnetBus.sys ()
DRV - (IvtBtBUs) -- C:\WINDOWS\system32\drivers\IvtBtBus.sys (IVT Corporation.)
DRV - (BtHidBus) -- C:\WINDOWS\system32\drivers\BtHidBus.sys (IVT Corporation.)
DRV - (FSCSLII) -- C:\WINDOWS\system32\drivers\FSCSLII.sys (Fujitsu)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Freecorder 6\tbhelper.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B5355be22-20f5-11dc-8314-0800200c9a66%7D:3.04
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: {5355be22-20f5-11dc-8314-0800200c9a66}:3.04
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..network.proxy.ftp: "91.214.228.129"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "91.214.228.129"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.214.228.129"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "91.214.228.129"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Wolf\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Wolf\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2013/04/15 01:13:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2013/04/15 01:12:43 | 000,000,000 | ---D | M]

[2010/10/18 01:10:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Extensions
[2013/05/11 01:39:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Firefox\Profiles\m9pk9fgi.default\extensions
[2012/10/08 22:10:24 | 000,000,000 | ---D | M] (Freecorder 6) -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Firefox\Profiles\m9pk9fgi.default\extensions\{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC}
[2011/12/31 00:58:32 | 000,000,000 | ---D | M] ("BTP Toolbar") -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Firefox\Profiles\m9pk9fgi.default\extensions\{5355be22-20f5-11dc-8314-0800200c9a66}
[2013/03/03 14:17:21 | 000,185,839 | ---- | M] () (No name found) -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Firefox\Profiles\m9pk9fgi.default\extensions\[email protected]
[2013/05/11 01:39:34 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Wolf\Application Data\Mozilla\Firefox\Profiles\m9pk9fgi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010/12/05 18:06:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Adobe Acrobat (Disabled) = E:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = E:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QUAKE LIVE (Enabled) = C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Wolf\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Java™ Platform SE 7 U9 (Disabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Disabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Entanglement = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Audiotool = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk\1.1_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: Fluttershy = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ineklahlkhnjdbfcefoffcabemckiljl\1_0\
CHR - Extension: Poppit = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Bastion = C:\Documents and Settings\Wolf\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid\0.0.0.4_0\

O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TBSB00808 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Freecorder 6\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Freecorder 6) - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files\Freecorder 6\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder 6) - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files\Freecorder 6\tbcore3.dll ()
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.96.7.88 95.77.94.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8636065A-70E7-4692-87A5-AF33ADD15FD1}: DhcpNameServer = 78.96.7.88 95.77.94.88
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Wolf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Wolf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/15 21:58:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/11 19:06:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Wolf\Recent
[2013/05/09 11:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 6.2
[2013/05/09 11:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2013/05/07 15:52:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Wolf\Desktop\RK_Quarantine
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/14 00:37:59 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013/05/13 23:42:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/13 23:41:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1897051121-725345543-1003UA.job
[2013/05/13 20:08:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/13 01:21:04 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Wolf\Desktop\Chrono Shutdown.ini
[2013/05/12 17:41:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1897051121-725345543-1003Core.job
[2013/05/11 22:05:49 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Wolf\PUTTY.RND
[2013/05/11 19:01:19 | 000,070,738 | ---- | M] () -- C:\Documents and Settings\Wolf\My Documents\cc_20130511_190110.reg
[2013/05/10 12:02:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/09 19:37:44 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/09 11:03:48 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Wolf\Desktop\Cheat Engine.lnk
[2013/05/04 19:03:11 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Wolf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/27 17:37:49 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/04/16 19:43:58 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\Wolf\Desktop\u.ini
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/11 19:01:13 | 000,070,738 | ---- | C] () -- C:\Documents and Settings\Wolf\My Documents\cc_20130511_190110.reg
[2013/05/09 11:03:48 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Wolf\Desktop\Cheat Engine.lnk
[2013/04/17 22:16:05 | 000,065,704 | ---- | C] () -- C:\Documents and Settings\Wolf\Desktop\Sucker Punch (2011) DVDRip XviD-MAXSPEED.English.srt
[2013/04/05 22:39:45 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Wolf\PUTTY.RND
[2013/03/23 22:22:54 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013/03/21 07:10:18 | 000,042,880 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2013/01/31 16:16:39 | 000,065,788 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2013/01/31 02:18:04 | 000,424,299 | ---- | C] () -- C:\Program Files\Yahoo Messenger.exe
[2012/07/15 07:28:46 | 000,711,240 | ---- | C] () -- C:\WINDOWS\is-AH6NP.exe
[2012/06/24 18:05:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2012/06/24 18:05:32 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2012/02/15 17:27:44 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/23 20:46:11 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2011/12/05 22:42:58 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/10/10 20:48:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Pool.INI
[2010/10/16 14:51:03 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Wolf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010/10/15 22:33:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/11/01 23:35:20 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 15:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/22 23:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlueStacks
[2013/01/22 23:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BlueStacksSetup
[2010/10/15 23:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010/10/19 11:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DFX
[2011/12/23 20:38:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
[2011/10/02 12:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2011/10/16 12:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fujitsu
[2010/12/18 02:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2012/03/15 20:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software
[2011/05/30 00:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/11/27 23:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/06/24 18:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LGMOBILEAX
[2011/05/01 16:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2012/01/13 15:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/05/01 17:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2012/11/27 23:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Razer
[2010/12/01 23:47:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012/01/09 11:12:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{27B0A538-DF16-44D6-820D-D0B042C42C20}
[2010/10/19 19:00:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2013/05/11 19:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\DAEMON Tools Lite
[2011/10/02 12:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\EA
[2011/12/05 22:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\FreeAudioPack
[2012/10/08 22:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Freecorder 6 Audio
[2012/10/08 22:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Freecorder 6 Video
[2011/10/01 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\funkitron
[2010/12/06 14:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Hardcore
[2013/05/12 17:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\HLSW
[2012/03/15 20:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\id Software
[2012/04/25 00:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\ImgBurn
[2010/12/06 14:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Juce VST Host
[2013/04/09 20:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\LG Electronics
[2010/12/04 15:28:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\LolClient
[2012/05/24 13:22:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\LolClient2
[2010/10/19 14:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Outertech
[2011/05/01 17:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\PC Suite
[2012/10/08 22:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Toolbar4
[2012/12/19 23:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Transformice
[2012/08/19 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Transformice Standalone
[2011/09/10 20:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\TS3Client
[2010/12/01 23:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\TuneUp Software
[2011/02/20 20:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\Unity
[2013/05/11 19:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Wolf\Application Data\uTorrent

========== Purity Check ==========



< End of report >