Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

hardly connect to servers,but can surf the internet easily

Started by waipun , Jul 19 2013 01:56 AM

  • Please log in to reply

#1
waipun
Posted 19 July 2013 - 01:56 AM

waipun

    New Member

  • Member
  • Pip
  • 6 posts
Hello

I was having this problem since I changed my ISP and they gave me the new router
Before I change the ISP,I had no problem searching gaming servers or connecting to online platform
After changing the ISP,I caould only search few gaming servers,but now,I nearly can't find any server in server browser,and always having problem to connect to online platform/application (steam,EA,Crisis 3 multiplayer,LOL,mumble).

In games like tf2,I can hardly search any server,when I try to join a friend's game,it seems can't detect the server with the ip,it just say "no repsond"and i can't ping it

(Steam aren't always down for me,but I always can't connect to the others)

Besides Windows 8,I have Ubuntu installed on my computer,I tried to run steam in ubuntu and everything seems fine (I can't be sure because I didn't run that for long)

Tried a lot of things like sfc /scannow,net tit reset,reseting router,port forwarding,scanning for virus...
Tried to close the window firewall and anti virus,and putting steam and games into trust list,it didn't work too

Oh,about the port forwarding,steam needs the port 27015,and I forwarded it,but I checked it with some tools and shown that port is closed/time out,tried to test it while closing the firewall but its still not open

any help with be appreciated,sorry for bad english
waipun

Edited by waipun, 19 July 2013 - 05:21 AM.

  • 0

Advertisements

#2
waipun
Posted 19 July 2013 - 02:11 AM

waipun

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
you might need this




OTL logfile created on: 19/7/2013 15:59:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\waipun\Desktop\helps
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000c04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy

3.25 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 54.52% Memory free
5.75 Gb Paging File | 3.71 Gb Available in Paging File | 64.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.48 Gb Total Space | 52.84 Gb Free Space | 36.07% Space Free | Partition Type: NTFS
Drive D: | 341.80 Gb Total Space | 123.91 Gb Free Space | 36.25% Space Free | Partition Type: NTFS
Drive E: | 292.97 Gb Total Space | 292.82 Gb Free Space | 99.95% Space Free | Partition Type: NTFS
Drive F: | 150.25 Gb Total Space | 131.50 Gb Free Space | 87.52% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: waipun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/19 15:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\waipun\Desktop\helps\OTL.exe
PRC - [2013/07/18 17:30:02 | 002,098,848 | ---- | M] (Kingsoft Corporation) -- c:\Program Files\kingsoft\kingsoft antivirus\kxetray.exe
PRC - [2013/07/18 17:29:46 | 000,168,784 | ---- | M] (Kingsoft Corporation) -- c:\Program Files\kingsoft\kingsoft antivirus\kxescore.exe
PRC - [2013/07/11 11:35:42 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/07/10 21:37:10 | 000,527,000 | ---- | M] (Kingsoft Corporation) -- C:\Program Files\kingsoft\shoujizhushou\sjk_daemon.exe
PRC - [2013/07/10 21:37:09 | 021,573,784 | ---- | M] (Kingsoft Corporation) -- C:\Program Files\kingsoft\shoujizhushou\shoujizhushou.exe
PRC - [2013/07/10 09:56:22 | 000,559,016 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2013/07/10 09:56:20 | 001,672,616 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2013/07/03 11:46:18 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) -- C:\Users\waipun\Desktop\hamachi\hamachi-2.exe
PRC - [2013/05/21 03:53:21 | 000,107,520 | ---- | M] () -- C:\Users\samson\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/05/10 22:09:04 | 000,456,544 | ---- | M] (Kingsoft Corporation) -- C:\Users\waipun\AppData\Local\liebao\LBBrowser\knbcenter.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Users\waipun\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/02 16:24:03 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012/12/20 03:56:24 | 000,482,304 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/12/20 03:55:48 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/12/19 15:30:54 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012/10/11 13:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012/07/26 11:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/11 11:35:42 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/10 19:16:53 | 000,191,280 | ---- | M] () -- C:\Program Files\Garena Plus\bbtalk\ggspawn.dll
MOD - [2013/07/10 09:56:22 | 001,121,704 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/07/10 05:45:48 | 020,625,832 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2013/07/03 11:46:18 | 003,285,912 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/07/02 00:20:48 | 000,652,800 | ---- | M] () -- D:\Program Files\Steam\SDL2.dll
MOD - [2013/06/15 07:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 07:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2013/06/15 07:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2013/04/21 22:05:24 | 000,158,368 | ---- | M] () -- c:\Program Files\kingsoft\shoujizhushou\zlib1.dll
MOD - [2012/11/13 21:53:04 | 000,121,472 | ---- | M] () -- C:\Program Files\Razer\Razer Game Booster\GBV3ContextMenu.dll


========== Services (SafeList) ==========

SRV - [2013/07/18 17:29:46 | 000,168,784 | ---- | M] (Kingsoft Corporation) [Auto | Running] -- c:\program files\kingsoft\kingsoft antivirus\kxescore.exe -- (kxescore)
SRV - [2013/07/11 11:35:42 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/10 09:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/28 14:02:04 | 001,440,080 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Users\waipun\Desktop\hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/05/21 03:53:21 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\samson\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/05/10 22:09:04 | 000,456,544 | ---- | M] (Kingsoft Corporation) [Auto | Running] -- C:\Users\waipun\AppData\Local\liebao\LBBrowser\knbcenter.exe -- (knbcenter)
SRV - [2013/05/04 12:57:04 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/05/04 12:56:05 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Users\waipun\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Users\waipun\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/02 16:23:17 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/03/02 16:23:15 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013/02/09 02:29:56 | 000,295,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2013/01/29 08:02:40 | 000,013,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013/01/10 07:26:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013/01/10 07:26:01 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012/12/20 03:55:48 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/12/19 15:30:54 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012/12/17 15:46:50 | 000,137,488 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/11/06 12:54:13 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/06 12:18:36 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012/09/20 14:32:32 | 002,151,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012/09/20 13:53:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012/07/26 11:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012/07/26 11:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012/07/26 11:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012/07/26 11:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 11:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012/07/26 11:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012/07/26 11:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012/07/26 11:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012/07/26 11:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012/07/26 11:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012/07/26 11:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012/07/26 11:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012/07/26 11:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012/07/26 11:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012/07/26 08:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2012/07/25 19:04:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012/07/25 18:20:50 | 000,133,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2010/06/26 01:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz136\cpuz136_x32.sys -- (cpuz136)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\samson\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2013/07/18 17:24:17 | 000,191,288 | ---- | M] (Kingsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\kisknl.sys -- (kisknl)
DRV - [2013/07/18 17:23:47 | 000,101,176 | ---- | M] (Kingsoft Corporation) [Kernel | System | Running] -- c:\Program Files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys -- (KDHacker)
DRV - [2013/06/13 00:00:13 | 000,104,248 | ---- | M] (Kingsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\knbdrv.sys -- (KNBDrv)
DRV - [2013/05/18 19:38:37 | 000,022,112 | -HS- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - [2013/05/04 13:20:57 | 000,362,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/05/04 13:20:54 | 000,238,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013/05/04 13:20:54 | 000,180,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013/04/24 19:48:51 | 000,084,328 | ---- | M] (Kingsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ksapi.sys -- (ksapi)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/02 17:54:25 | 000,121,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/03/02 17:06:16 | 000,057,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/03/02 16:52:49 | 000,268,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013/03/02 16:52:47 | 000,066,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/02/02 15:31:49 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/01/29 08:02:46 | 000,029,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013/01/29 07:07:34 | 000,193,936 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013/01/28 16:54:30 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2013/01/21 21:14:03 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2013/01/10 09:07:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2013/01/03 16:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 16:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/12/27 17:01:36 | 000,633,056 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Rt630x86.sys -- (RTL8168)
DRV - [2012/12/21 14:46:28 | 000,093,432 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\AtihdW83.sys -- (AtiHDAudioService)
DRV - [2012/12/20 04:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/12/20 03:32:06 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/12/12 22:23:38 | 000,027,240 | ---- | M] (Kingsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\kavbootc.sys -- (kavbootc)
DRV - [2012/11/27 11:53:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012/11/20 12:56:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012/11/13 21:53:00 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2012/11/06 11:52:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012/10/12 15:12:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/11 13:45:31 | 000,050,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012/10/11 13:28:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012/09/20 15:09:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012/09/20 14:34:07 | 000,097,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012/07/26 12:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012/07/26 11:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012/07/26 11:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012/07/26 11:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012/07/26 11:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012/07/26 11:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012/07/26 11:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012/07/26 11:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012/07/26 11:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012/07/26 11:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012/07/26 11:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012/07/26 11:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012/07/26 11:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012/07/26 11:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012/07/26 11:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012/07/26 11:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012/07/26 10:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012/07/26 10:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012/07/26 10:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012/07/26 10:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012/07/26 10:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012/07/26 10:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012/07/26 10:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012/07/26 10:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012/07/26 10:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012/07/26 10:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012/07/26 10:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012/07/26 10:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012/07/26 10:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012/07/26 10:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012/07/26 10:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012/07/26 10:33:37 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUSB)
DRV - [2012/07/26 10:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/07/26 10:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012/07/26 10:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/26 10:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012/07/26 10:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012/07/26 10:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012/07/26 10:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012/07/26 10:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012/07/16 21:06:32 | 000,055,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2012/07/03 04:00:14 | 000,044,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\usbfilter.sys -- (usbfilter)
DRV - [2012/04/09 09:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2.0)
DRV - [2012/04/09 09:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2011/12/18 19:43:28 | 000,011,904 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\amdide.sys -- (amdide)
DRV - [2011/12/16 01:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\tap0901.sys -- (tap0901)
DRV - [2011/04/18 21:48:08 | 000,020,464 | ---- | M] (IPVE) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\IPvEx86.sys -- (IPvE)
DRV - [2011/03/19 00:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010/06/26 01:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\npf.sys -- (NPF)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\hamachi.sys -- (hamachi)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duba.com/?f=dbsj
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.duba.com/?f=dbsj
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://hk.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = zh-Hant-HK,zh-Hant;q=0.8,en-US;q=0.5,en;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 83 A8 31 C4 D6 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {44177982-996D-4b79-B29F-5B60E13A5169}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-se...120695&tsp=4947
IE - HKCU\..\SearchScopes\{44177982-996D-4b79-B29F-5B60E13A5169}: "URL" = http://www.baidu.com...g&ch=2&ie=utf-8
IE - HKCU\..\SearchScopes\{88A199E4-7E87-4DC5-8442-1DB8DB95D313}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kingsfot.com/npkws: c:\program files\kingsoft\kingsoft antivirus\npkws.dll (Kingsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/12/29 01:39:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/03/15 18:01:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013/07/03 11:46:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins

[2012/12/10 18:49:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\waipun\AppData\Roaming\mozilla\Extensions
[2013/07/19 00:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\waipun\AppData\Roaming\mozilla\Firefox\Profiles\44savx2q.default\extensions
[2013/07/19 00:53:49 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\waipun\AppData\Roaming\mozilla\Firefox\Profiles\44savx2q.default\extensions\[email protected]
[2013/03/23 17:51:24 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\waipun\AppData\Roaming\mozilla\firefox\profiles\44savx2q.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/05/09 17:44:12 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\waipun\AppData\Roaming\mozilla\firefox\profiles\44savx2q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/12 21:18:19 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\waipun\AppData\Roaming\mozilla\firefox\profiles\44savx2q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/07/19 00:53:19 | 000,006,507 | ---- | M] () -- C:\Users\waipun\AppData\Roaming\mozilla\firefox\profiles\44savx2q.default\searchplugins\babylon.xml
[2013/07/19 00:53:52 | 000,001,294 | ---- | M] () -- C:\Users\waipun\AppData\Roaming\mozilla\firefox\profiles\44savx2q.default\searchplugins\delta.xml
[2013/03/15 18:01:14 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
[2012/12/29 01:39:10 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- D:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX

O1 HOSTS File: ([2012/07/26 12:17:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (mixidj Helper Object) - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ)
O2 - BHO: (tuvaro Helper Object) - {5CB02877-EFBC-4317-B608-9E24B11BAB40} - C:\Program Files\tuvaro\tuvaro\1.8.17.3\bh\tuvaro.dll (Montera Technologeis LTD)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SelectionLinks) - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files\OApps\SelectionLinks.dll (SelectionLinks)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\samson\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Tuvaro Toolbar) - {6F001652-AF51-45C6-B029-86E0265A1851} - C:\Program Files\tuvaro\tuvaro\1.8.17.3\tuvaroTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (MixiDJ Toolbar) - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [kxesc] c:\program files\kingsoft\kingsoft antivirus\kxetray.exe (Kingsoft Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Users\waipun\Desktop\hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EADM] D:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [GarenaPlus] C:\Program Files\Garena Plus\GarenaMessenger.exe ()
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} https://mybank.icbc....afeControls.cab (AxSubmitControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A3A300E-2CAC-4305-83CA-7C5353F5C7DA}: DhcpNameServer = 192.168.8.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/08/02 20:47:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/19 15:58:26 | 000,000,000 | ---D | C] -- C:\Users\waipun\Desktop\helps
[2013/07/19 00:54:22 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2013/07/19 00:54:18 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\systweak
[2013/07/19 00:53:52 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\BabSolution
[2013/07/19 00:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
[2013/07/19 00:52:43 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\Babylon
[2013/07/11 11:35:11 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Local\Adobe
[2013/07/11 11:32:35 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\shoujizhushou
[2013/07/04 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/07/04 15:14:07 | 000,000,000 | ---D | C] -- C:\Users\waipun\Desktop\hamachi
[2013/07/01 23:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PPSendWord
[2013/06/26 15:08:54 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\xim
[2013/06/23 20:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level One Power Packet Utility
[2013/06/23 19:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PPU
[2013/06/23 19:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Level One
[2013/06/23 19:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2013/06/23 19:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/06/20 22:53:29 | 000,000,000 | ---D | C] -- C:\Users\waipun\AppData\Roaming\Mumble
[2013/06/20 22:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2013/06/20 22:52:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble

========== Files - Modified Within 30 Days ==========

[2013/07/19 15:34:00 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/19 15:11:00 | 000,000,546 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/19 14:26:21 | 000,139,048 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2013/07/19 14:26:12 | 000,282,296 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2013/07/19 14:09:51 | 000,282,296 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2013/07/19 13:24:29 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/19 13:22:49 | 000,000,542 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/19 13:22:23 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/07/19 13:22:14 | 2789,408,768 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/18 17:24:17 | 000,191,288 | ---- | M] (Kingsoft Corporation) -- C:\WINDOWS\System32\drivers\kisknl.sys
[2013/07/18 17:23:49 | 000,152,888 | ---- | M] (Kingsoft Corporation) -- C:\WINDOWS\System32\drivers\kdhacker64.sys
[2013/07/18 17:23:47 | 000,101,176 | ---- | M] (Kingsoft Corporation) -- C:\WINDOWS\System32\drivers\kdhacker.sys
[2013/07/17 18:19:43 | 000,342,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/11 15:40:06 | 000,000,213 | ---- | M] () -- C:\Users\waipun\Desktop\Half-Life 2.url
[2013/07/04 15:14:08 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013/07/02 00:11:35 | 000,000,101 | ---- | M] () -- C:\ProgramData\SWAPPINFO.ini
[2013/07/01 23:23:38 | 000,759,704 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/01 23:23:38 | 000,201,312 | ---- | M] () -- C:\WINDOWS\System32\prfh0404.dat
[2013/07/01 23:23:38 | 000,152,088 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/01 23:23:38 | 000,076,008 | ---- | M] () -- C:\WINDOWS\System32\prfc0404.dat
[2013/06/28 16:33:10 | 000,000,661 | ---- | M] () -- C:\Users\waipun\Desktop\srcds.exe.lnk
[2013/06/21 13:30:22 | 000,002,369 | ---- | M] () -- C:\Users\waipun\Desktop\waipun.p12
[2013/06/20 22:59:38 | 000,000,990 | ---- | M] () -- C:\Users\waipun\Desktop\Mumble.lnk
[2013/06/20 22:57:11 | 000,002,377 | ---- | M] () -- C:\Users\waipun\Documents\MumbleAutomaticCertificateBackup.p12

========== Files Created - No Company Name ==========

[2013/07/17 18:19:37 | 000,342,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/11 15:40:05 | 000,000,213 | ---- | C] () -- C:\Users\waipun\Desktop\Half-Life 2.url
[2013/07/04 15:14:08 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013/06/26 19:53:32 | 000,000,661 | ---- | C] () -- C:\Users\waipun\Desktop\srcds.exe.lnk
[2013/06/21 13:30:20 | 000,002,369 | ---- | C] () -- C:\Users\waipun\Desktop\waipun.p12
[2013/06/20 22:59:38 | 000,000,990 | ---- | C] () -- C:\Users\waipun\Desktop\Mumble.lnk
[2013/06/20 22:57:11 | 000,002,377 | ---- | C] () -- C:\Users\waipun\Documents\MumbleAutomaticCertificateBackup.p12
[2013/06/20 10:07:56 | 000,000,526 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/21 16:46:38 | 000,000,836 | RHS- | C] () -- C:\Users\waipun\ntuser.pol
[2013/03/29 21:18:06 | 000,369,117 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013/03/12 03:06:40 | 000,000,101 | ---- | C] () -- C:\ProgramData\SWAPPINFO.ini
[2013/01/23 18:49:06 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\drivers\DTSU2P.DAT
[2013/01/23 18:49:06 | 000,000,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\DTSU2PParamEQ.DAT
[2013/01/23 18:49:06 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2013/01/10 11:40:44 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2013/01/08 18:56:09 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/12/19 15:45:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\clinfo.exe
[2012/12/10 20:56:01 | 000,139,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012/12/10 20:05:22 | 000,282,296 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012/12/10 20:05:20 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012/12/10 18:37:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/11/29 23:40:02 | 000,662,786 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/11/20 15:35:38 | 000,307,920 | ---- | C] () -- C:\WINDOWS\System32\InputControl.dll
[2012/11/20 15:35:38 | 000,276,688 | ---- | C] () -- C:\WINDOWS\System32\SubmitControl.dll
[2012/09/28 09:21:22 | 000,204,952 | ---- | C] () -- C:\WINDOWS\System32\ativvsvl.dat
[2012/09/28 09:21:22 | 000,157,144 | ---- | C] () -- C:\WINDOWS\System32\ativvsva.dat
[2012/09/20 03:09:40 | 000,076,660 | ---- | C] () -- C:\WINDOWS\System32\ativce02.dat
[2012/09/04 23:20:18 | 000,228,528 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik_nd.dat
[2012/09/04 23:20:18 | 000,228,528 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik.dat
[2012/07/26 16:27:26 | 000,201,312 | ---- | C] () -- C:\WINDOWS\System32\prfh0404.dat
[2012/07/26 16:27:26 | 000,119,666 | ---- | C] () -- C:\WINDOWS\System32\prfi0404.dat
[2012/07/26 16:27:26 | 000,076,008 | ---- | C] () -- C:\WINDOWS\System32\prfc0404.dat
[2012/07/26 16:27:26 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\prfd0404.dat
[2012/07/26 14:55:27 | 000,759,704 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2012/07/26 14:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2012/07/26 14:55:27 | 000,152,088 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2012/07/26 14:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2012/07/26 14:53:47 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2012/07/26 14:53:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2012/07/26 14:03:55 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 09:20:38 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2012/07/26 09:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2012/07/26 04:41:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/26 04:24:47 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2012/07/14 10:00:46 | 000,043,882 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2012/06/03 04:25:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2012/06/02 22:31:24 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2012/06/02 22:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\kdbsdk32.dll
[2011/11/07 09:52:00 | 000,053,152 | ---- | C] () -- C:\WINDOWS\System32\USBCoInstaller.dll
[2011/09/13 06:06:16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\System32\atipblag.dat

========== ZeroAccess Check ==========

[2012/12/28 16:35:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 13:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 11:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 11:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/06 13:36:22 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\.minecraft
[2013/07/19 00:53:54 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\BabSolution
[2013/07/19 00:52:43 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Babylon
[2013/01/22 18:51:54 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Easeware
[2013/05/13 20:24:47 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Garena
[2013/07/19 13:26:40 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\GarenaPlus
[2013/03/10 02:42:43 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Hornil
[2013/03/30 15:21:46 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\kingsoft
[2013/01/23 18:51:02 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Leadertech
[2013/04/29 19:13:41 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\LolClient
[2012/12/10 18:59:16 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Maxthon3
[2013/07/19 12:33:54 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Mumble
[2013/02/23 02:37:07 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\NetBeans
[2013/02/23 02:41:24 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\NuGet
[2012/12/27 00:17:14 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\OpenOffice.org
[2013/06/16 00:14:19 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Origin
[2012/12/24 22:44:01 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Publish Providers
[2013/07/12 21:59:21 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\shoujizhushou
[2012/12/24 22:43:59 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Sony
[2012/12/10 19:37:19 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\SystemRequirementsLab
[2013/07/19 00:55:58 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\systweak
[2013/03/29 20:38:35 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\TeamViewer
[2013/07/17 15:39:33 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\uTorrent
[2013/01/28 16:54:38 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\Wandoujia2
[2013/06/26 15:08:54 | 000,000,000 | ---D | M] -- C:\Users\waipun\AppData\Roaming\xim

========== Purity Check ==========



========== Files - Unicode (All) ==========
(C:\Users\waipun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?豹??器) -- C:\Users\waipun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\猎豹浏览器

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:BC359956

< End of report >

Edited by waipun, 19 July 2013 - 04:57 AM.

  • 0

#3
waipun
Posted 19 July 2013 - 04:44 AM

waipun

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
don't know is it gonna help but i found something
when i pull out the power cable and plug it back it,the first 30 minute everything is ok,pinging the server,connecting,its all ok,but after 30 minute,everything become bad again
  • 0

#4
waipun
Posted 23 July 2013 - 02:46 AM

waipun

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
lol i have no idea why did i posted in malware forum
i am posting this in networking right now,please close the thread
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP