a virus block my internet access [Closed]
#1
Posted 24 November 2013 - 01:13 AM
#2
Posted 24 November 2013 - 06:27 AM
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\king\Downloads\Programs
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 47.26% Memory free
7.60 Gb Paging File | 5.05 Gb Available in Paging File | 66.42% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 14.47 Gb Total Space | 0.96 Gb Free Space | 6.63% Space Free | Partition Type: NTFS
Drive D: | 451.00 Gb Total Space | 4.50 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 60.77 Mb Free Space | 61.37% Space Free | Partition Type: FAT32
Computer Name: KINGOFKINGS-PC | User Name: King of Kings | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/11/24 06:51:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\king\Downloads\Programs\OTL.exe
PRC - [2013/11/18 23:06:54 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/11/11 15:37:52 | 002,349,392 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/08/25 22:07:05 | 003,595,856 | ---- | M] (Tonec Inc.) -- D:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2013/08/23 20:00:55 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/07/12 13:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\chrome.exe
PRC - [2013/05/25 20:55:18 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\King of Kings\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/12 08:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- D:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2012/11/07 21:53:50 | 000,361,000 | ---- | M] (PortableApps.com) -- D:\Program Files\GoogleChromePortable\GoogleChromePortable.exe
PRC - [2010/12/13 14:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/07/23 14:44:54 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/07/23 14:44:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2013/11/24 07:07:36 | 000,016,384 | ---- | M] () -- C:\Users\King of Kings\AppData\Local\Temp\nsvE763.tmp\registry.dll
MOD - [2013/10/23 05:14:04 | 000,996,984 | ---- | M] () -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbci32.dll
MOD - [2013/07/12 13:49:44 | 000,396,240 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 13:49:43 | 013,599,184 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 13:49:42 | 004,052,944 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\pdf.dll
MOD - [2013/07/12 13:48:52 | 000,601,552 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 13:48:51 | 000,123,344 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\libegl.dll
MOD - [2013/07/12 13:48:49 | 001,597,392 | ---- | M] () -- D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/04/21 23:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 23:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV:64bit: - [2013/10/23 05:14:16 | 002,490,488 | ---- | M] (Speedbit Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV:64bit: - [2010/12/13 17:04:46 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/11/18 23:06:54 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/11/18 23:06:28 | 000,398,096 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/11/11 15:37:48 | 002,756,944 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/10/10 17:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013/09/06 15:55:40 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/23 20:00:55 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/04/19 17:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/04/24 16:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/07/23 14:44:54 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/07/23 14:44:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/10/23 05:14:18 | 000,041,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV:64bit: - [2013/07/27 00:09:47 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013/07/27 00:09:45 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013/06/27 04:57:42 | 000,172,920 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/06/20 18:16:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/19 16:44:08 | 012,312,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 11:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/08/21 15:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/12/21 12:18:34 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/06/10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/13 22:47:55 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/12/16 21:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/13 17:04:48 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/12/08 13:55:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/07/01 12:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2013/11/18 23:06:44 | 000,077,584 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2013/10/18 16:53:14 | 000,552,888 | ---- | M] (PassMark Software) [Kernel | On_Demand | Stopped] -- D:\Program Files\OSFMount\OSFMount.sys -- (OSFMount)
DRV - [2013/03/14 14:36:18 | 000,017,160 | ---- | M] (XFire) [File_System | On_Demand | Stopped] -- D:\Program Files\Xfire\XFDriver64.sys -- (XFDriver64)
DRV - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 23:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Users\king\Desktop\ThrottleStop_500\WinRing0x64.sys -- (WinRing0_1_2_0)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babyl...13_wc1&tsp=4971
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 78 10 47 B3 59 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babyl...13_wc1&tsp=4971
IE - HKCU\..\SearchScopes\{11019E69-B000-49BB-8F0C-1C5B115480D2}: "URL" = http://search.us.com...k={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: D:\Intel\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\King of Kings\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\King of Kings\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\King of Kings\AppData\Roaming\IDM\idmmzcc5 [2013/07/24 13:24:07 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\GoogleChromePortable\App\Chrome-bin\28.0.1500.72\pdf.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\King of Kings\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\King of Kings\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = D:\Intel\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = D:\Office14\NPSPWRAP.DLL
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Google Docs = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IDM Integration = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.17.4_0\
CHR - Extension: New Tab Launch = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbhplonhjleiopohgmppianogioknked\1.0_0\
CHR - Extension: Gmail = C:\Users\King of Kings\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/08/26 23:18:14 | 000,003,749 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 bir3yka.narod2.ru
O1 - Hosts: 127.0.0.1 bidtraffic.ru
O1 - Hosts: 127.0.0.1 web35.ukraine.com.ua
O1 - Hosts: 127.0.0.1 e1dc-unassigned.eserver-ru.com
O1 - Hosts: 127.0.0.1 wrz.yandex.ru
O1 - Hosts: 127.0.0.1 host42.rax.ru
O1 - Hosts: 127.0.0.1 cpe-178-74-224-156.enet.vn.ua
O1 - Hosts: 127.0.0.1 ip-72-167-54-200.ip.secureserver.net
O1 - Hosts: 127.0.0.1 ip-whois.net
O1 - Hosts: 127.0.0.1 bir3yk.net
O1 - Hosts: 127.0.0.1 tor-moz.narod.ru
O1 - Hosts: 127.0.0.1 tor-moz.narod2.ru
O1 - Hosts: 127.0.0.1 narod2.yandex.ru
O1 - Hosts: 127.0.0.1 counter.yadro.ru
O1 - Hosts: 127.0.0.1 utindexb.dyndns.info
O1 - Hosts: 127.0.0.1 777seo.com
O1 - Hosts: 127.0.0.1 hd-teenlove.com
O1 - Hosts: 127.0.0.1 000webhost.com
O1 - Hosts: 127.0.0.1 status1.site90.com
O1 - Hosts: 127.0.0.1 bir3yka.narod2.ru
O1 - Hosts: 127.0.0.1 bidtraffic.ru
O1 - Hosts: 127.0.0.1 web35.ukraine.com.ua
O1 - Hosts: 127.0.0.1 e1dc-unassigned.eserver-ru.com
O1 - Hosts: 127.0.0.1 wrz.yandex.ru
O1 - Hosts: 127.0.0.1 host42.rax.ru
O1 - Hosts: 73 more lines...
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Intel\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Intel\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [IDMan] D:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [uTorrent] C:\Users\King of Kings\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - D:\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Office14\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.4.4 173.255.240.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AA80436-F182-4DA9-BD8F-D82A0337633C}: DhcpNameServer = 8.8.4.4 173.255.240.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{971B1B8E-375F-4687-9881-5257BC3CA8D4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4b665ac3-c554-11e2-bae4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b665ac3-c554-11e2-bae4-806e6f6e6963}\Shell\AutoRun\command - "" = F:\NightRacer.EXE
O33 - MountPoints2\{7e4188b0-d805-11e2-9bd2-984be1c76b2c}\Shell - "" = AutoRun
O33 - MountPoints2\{7e4188b0-d805-11e2-9bd2-984be1c76b2c}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{c67fa34f-3068-11e3-9325-984be1c76b2c}\Shell - "" = AutoRun
O33 - MountPoints2\{c67fa34f-3068-11e3-9325-984be1c76b2c}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/24 02:51:52 | 000,036,344 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP152.SYS
[2013/11/24 02:40:34 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\SUPERAntiSpyware.com
[2013/11/24 02:40:18 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/11/24 02:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/11/24 02:38:19 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\Malwarebytes
[2013/11/24 02:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/24 02:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/24 02:38:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/24 02:37:38 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/11/24 01:29:49 | 002,799,296 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\King of Kings\Desktop\procexp.exe
[2013/11/24 01:26:37 | 000,000,000 | ---D | C] -- C:\avast! sandbox
[2013/11/23 22:53:14 | 000,000,000 | ---D | C] -- C:\My Shared Folder
[2013/11/23 22:45:12 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Desktop\My Shared Folder
[2013/11/23 22:16:04 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Local\ElevatedDiagnostics
[2013/11/23 17:19:09 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Documents\FLiNGTrainer
[2013/11/23 16:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AbbasStudio
[2013/11/23 14:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013/11/23 14:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2013/11/23 14:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2013/11/23 13:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OSFMount
[2013/11/23 13:46:09 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Desktop\DATA.IMG Maker
[2013/11/23 13:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedBit Video Accelerator
[2013/11/23 13:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2013/11/23 13:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2013/11/23 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2013/11/23 12:46:22 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\Windows\SysWow64\AniGIF.ocx
[2013/11/23 12:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedBit
[2013/11/23 12:34:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/23 12:34:03 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Local\Temp
[2013/11/23 07:31:07 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Local\LogMeIn
[2013/11/23 07:31:07 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013/11/23 07:13:24 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013/11/23 07:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/11/22 22:53:26 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\AVAST Software
[2013/11/22 22:51:22 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/22 22:50:59 | 000,447,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/11/22 22:49:17 | 000,409,832 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\nagqdxhq.sys
[2013/11/22 22:49:14 | 000,409,832 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\opzqlsgr.sys
[2013/11/22 22:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/20 10:16:38 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Desktop\GameBoy Advance Mulitiplayer - Copy
[2013/11/09 16:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\They Bleed Pixels
[2013/11/09 13:08:09 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\Rogue Legacy
[2013/11/09 13:08:08 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Documents\SavedGames
[2013/11/09 13:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013/11/09 13:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013/11/09 11:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChessBase
[2013/11/09 11:02:31 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\ChessBase
[2013/11/09 11:02:27 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\Documents\ChessBase
[2013/10/31 18:08:32 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\fp
[2013/10/31 17:29:49 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Local\FreePascal
[2013/10/31 17:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Pascal
[2013/10/27 14:01:34 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No Time To Explain
[2013/10/27 13:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/10/27 13:32:20 | 000,000,000 | ---D | C] -- C:\Fraps
[2013/10/26 08:56:42 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\SmartDraw
[2013/10/26 08:56:34 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartDraw 2010
[2013/10/26 08:50:33 | 000,000,000 | ---D | C] -- C:\Users\King of Kings\AppData\Local\Downloaded Installations
[3 C:\Users\King of Kings\Desktop\*.tmp files -> C:\Users\King of Kings\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\King of Kings\*.tmp files -> C:\Users\King of Kings\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/24 07:11:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/24 07:11:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/24 07:06:08 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f070151f-94cf-43fc-b27f-c64bfd743096.job
[2013/11/24 07:06:08 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5c2d6b7e-c450-4ccd-ba32-58d9703fd9d4.job
[2013/11/24 07:05:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/24 07:05:51 | 2041,503,744 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/24 05:31:15 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3990267690-1175417575-454330908-1000UA.job
[2013/11/24 02:51:53 | 000,036,344 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP152.SYS
[2013/11/24 02:40:20 | 000,000,898 | ---- | M] () -- C:\Users\King of Kings\Desktop\SUPERAntiSpyware Professional.lnk
[2013/11/24 02:38:10 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/24 02:37:32 | 000,266,214 | ---- | M] () -- C:\Users\King of Kings\Desktop\Untitled.png
[2013/11/23 16:32:49 | 000,002,725 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk
[2013/11/23 14:18:14 | 000,001,824 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
[2013/11/23 14:18:00 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/11/23 13:52:36 | 000,000,722 | ---- | M] () -- C:\Users\King of Kings\Desktop\OSFMount.lnk
[2013/11/23 13:28:58 | 000,002,161 | ---- | M] () -- C:\Users\King of Kings\Desktop\SpeedBit Video Accelerator.lnk
[2013/11/23 12:46:22 | 000,172,032 | ---- | M] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\Windows\SysWow64\AniGIF.ocx
[2013/11/23 07:12:41 | 000,000,781 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013/11/22 22:51:20 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/22 22:50:59 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/11/22 22:49:17 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\nagqdxhq.sys
[2013/11/22 22:49:14 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\opzqlsgr.sys
[2013/11/22 11:31:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3990267690-1175417575-454330908-1000Core.job
[2013/11/22 09:23:17 | 000,017,678 | ---- | M] () -- C:\Users\King of Kings\Desktop\hqdefault.jpg
[2013/11/17 07:50:24 | 000,000,602 | ---- | M] () -- C:\Users\King of Kings\Desktop\BF2.exe - Shortcut.lnk
[2013/11/16 13:49:51 | 000,926,346 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/16 13:49:51 | 000,774,390 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/16 13:49:51 | 000,152,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/11 05:31:58 | 014,342,838 | ---- | M] () -- C:\Users\King of Kings\Desktop\30 Minutes of Circle Theorem REVISION (GCSE maths tutorial and examples).3gp
[2013/11/09 16:14:29 | 000,000,924 | ---- | M] () -- C:\Users\Public\Desktop\Cat-A-Cat GAMES.lnk
[2013/11/09 16:14:29 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\They Bleed Pixels.lnk
[2013/11/09 13:06:14 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\Rogue Legacy.lnk
[2013/11/09 11:02:34 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Fritz7.lnk
[2013/11/02 23:17:08 | 000,000,952 | ---- | M] () -- C:\Users\King of Kings\Desktop\pcsx2-r5628.exe - Shortcut.lnk
[2013/10/31 17:29:45 | 000,000,868 | ---- | M] () -- C:\Users\King of Kings\Desktop\Free Pascal IDE.lnk
[2013/10/27 14:01:35 | 000,001,074 | ---- | M] () -- C:\Users\King of Kings\Desktop\No Time To Explain.lnk
[2013/10/27 13:32:20 | 000,000,562 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/10/26 08:56:34 | 000,000,577 | ---- | M] () -- C:\Users\King of Kings\Desktop\SmartDraw 2010.lnk
[3 C:\Users\King of Kings\Desktop\*.tmp files -> C:\Users\King of Kings\Desktop\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\King of Kings\*.tmp files -> C:\Users\King of Kings\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/24 02:40:44 | 000,000,526 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5c2d6b7e-c450-4ccd-ba32-58d9703fd9d4.job
[2013/11/24 02:40:43 | 000,000,526 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f070151f-94cf-43fc-b27f-c64bfd743096.job
[2013/11/24 02:40:20 | 000,000,898 | ---- | C] () -- C:\Users\King of Kings\Desktop\SUPERAntiSpyware Professional.lnk
[2013/11/24 02:38:10 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/23 16:32:49 | 000,002,725 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk
[2013/11/23 14:18:14 | 000,001,824 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
[2013/11/23 14:18:00 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/11/23 13:52:36 | 000,000,722 | ---- | C] () -- C:\Users\King of Kings\Desktop\OSFMount.lnk
[2013/11/23 12:46:27 | 000,002,161 | ---- | C] () -- C:\Users\King of Kings\Desktop\SpeedBit Video Accelerator.lnk
[2013/11/23 07:12:41 | 000,000,781 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013/11/22 09:23:17 | 000,017,678 | ---- | C] () -- C:\Users\King of Kings\Desktop\hqdefault.jpg
[2013/11/17 07:50:24 | 000,000,602 | ---- | C] () -- C:\Users\King of Kings\Desktop\BF2.exe - Shortcut.lnk
[2013/11/12 12:39:23 | 014,342,838 | ---- | C] () -- C:\Users\King of Kings\Desktop\30 Minutes of Circle Theorem REVISION (GCSE maths tutorial and examples).3gp
[2013/11/09 16:14:29 | 000,000,924 | ---- | C] () -- C:\Users\Public\Desktop\Cat-A-Cat GAMES.lnk
[2013/11/09 16:14:29 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\They Bleed Pixels.lnk
[2013/11/09 13:06:14 | 000,000,771 | ---- | C] () -- C:\Users\Public\Desktop\Rogue Legacy.lnk
[2013/11/09 11:02:34 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Fritz7.lnk
[2013/11/02 23:17:08 | 000,000,952 | ---- | C] () -- C:\Users\King of Kings\Desktop\pcsx2-r5628.exe - Shortcut.lnk
[2013/10/31 17:29:45 | 000,000,868 | ---- | C] () -- C:\Users\King of Kings\Desktop\Free Pascal IDE.lnk
[2013/10/27 14:01:35 | 000,001,074 | ---- | C] () -- C:\Users\King of Kings\Desktop\No Time To Explain.lnk
[2013/10/27 13:32:20 | 000,000,562 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/10/26 08:56:34 | 000,000,577 | ---- | C] () -- C:\Users\King of Kings\Desktop\SmartDraw 2010.lnk
[2013/10/19 13:08:26 | 000,081,338 | ---- | C] () -- C:\ProgramData\1382204981.bdinstall.bin
[2013/10/19 12:49:41 | 000,023,008 | ---- | C] () -- C:\ProgramData\1382204979.bdinstall.bin
[2013/08/26 21:41:22 | 000,201,341 | ---- | C] () -- C:\ProgramData\1377570846.bdinstall.bin
[2013/08/16 19:49:55 | 000,000,017 | ---- | C] () -- C:\Users\King of Kings\AppData\Local\resmon.resmoncfg
[2013/07/23 18:20:54 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/07/20 20:05:12 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/20 20:04:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/19 08:46:09 | 000,917,376 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/23 21:22:13 | 000,000,056 | ---- | C] () -- C:\Windows\SpeederXP.INI
[2013/05/29 20:47:22 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2013/05/29 20:47:22 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2013/05/29 20:47:22 | 000,000,072 | ---- | C] () -- C:\Windows\SysWow64\RaCertMgr.ini
[2013/05/29 17:47:23 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/05/29 17:47:23 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/05/29 12:34:41 | 000,004,608 | ---- | C] () -- C:\Users\King of Kings\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/25 12:57:30 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2013/04/03 09:10:52 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011/12/21 12:18:12 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/12/21 12:18:06 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 20:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 20:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:FB1B13D8
< End of report >
#3
Posted 26 November 2013 - 01:02 PM
Looks like the TCP/IP stack have been corrupted.
OTL and all of our diagnostic tools are designed to be run from the desktop of the drive containing the Windows operating system. In your case the C: drive. So you need to move the OTL.exe file from the D:\Users\king\Downloads\Programs folder and put it on the desktop of the C: drive.
But our immediate problem is that amount of free space on the C: drive is dangerously low. This is from the OTL log file:
We are gonna need to clear some space on the C: drive. The scans and fixes may not function properly when the free space is this low.%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 14.47 Gb Total Space | 0.96 Gb Free Space | 6.63% Space Free | Partition Type: NTFS
Drive D: | 451.00 Gb Total Space | 4.50 Gb Free Space | 1.00% Space Free | Partition Type: NTFS
Drive E: | 99.02 Mb Total Space | 60.77 Mb Free Space | 61.37% Space Free | Partition Type: FAT32
Hard-Drive Free Space Advice:
6.63% Space Free
This is considered dangerously low. A Hard-Drive requires a bare minimum of 15% available free space to be able to function correctly, but at least 25% is better in my humble opinion.
I advise you to uninstall some software you do not need and / or move any documents/files/pictures etc to a form of removable media. This is just my advice as the lack of current Hard-Drive space will be impacting on overall system performance. Plus eventually any type of system maintenance will prove to be problematic.
Once you have freed up the necessary space on the C: drive and moved the OTL.exe file to the desktop of the C: drive, please run a fresh OTL scan. Please change the following settings on the OTL GUI console before running the scan:
1. Click the boxes at the top of the console next to Scan All Users and Include 64bit Scans
2. In the Extra Registry section and click the radio button beside Include SafeList. This will produce an additional log. The Extras.txt log. Please post the new OTL.txt log and the Extras.txt log in your next reply.
#4
Posted 30 November 2013 - 01:28 PM
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users