Jump to content


Photo
- - - - -

imgur images wont load


  • This topic is locked This topic is locked
10 replies to this topic

#1 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 31 October 2012 - 10:43 PM

This is the only site that my images wont load on. I will be browsing Reddit and imgur will work for a little bit then all the sudden the images wont load and all that shows up is the title of the picture.

OTL logfile created on: 11/1/2012 12:04:34 AM - Run 7
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 131.90 Gb Free Space | 28.78% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 226.89 Gb Free Space | 48.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2012/10/26 21:50:25 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/26 21:50:21 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2012/10/09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/08 18:36:05 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/07/26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/06/01 01:46:16 | 000,932,528 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2008/09/24 05:05:05 | 000,527,360 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
PRC - [2005/05/17 17:21:12 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\razerhid.exe
PRC - [2005/01/18 00:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\razerofa.exe


========== Modules (SafeList) ==========

MOD - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - [2012/10/30 10:45:32 | 004,539,200 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b5e8a4c.dll -- (Akamai)
SRV - [2012/10/26 21:50:25 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/08 18:36:06 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/11/25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/02/22 08:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/01/09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/11/20 13:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ProtoWall.sys -- (ProtoWall)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/07/26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/12/01 12:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVol.sys -- (NBVol)
DRV - [2011/12/01 12:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVolUp.sys -- (NBVolUp)
DRV - [2011/08/19 04:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2011/08/19 04:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/04/08 15:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008/12/18 07:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 07:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 19:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 19:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 21:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 20:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 10:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/05/24 09:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 23:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 18:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 18:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/19 00:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 18:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware...D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware...D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CF A7 84 15 40 A2 7C 49 B3 3F E3 BE 8C B0 BE 2D [binary data]
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.startnow....6.0-x86-SP2&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/09/10 09:17:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 23:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2012/08/20 23:41:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/28 09:35:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/26 21:50:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/26 21:50:11 | 000,000,000 | ---D | M]

[2009/04/29 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2012/10/26 16:56:21 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions
[2010/08/22 21:58:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/23 23:14:29 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{5ff0a980-630a-4c57-b889-5a113eb80ee3}
[2012/08/27 13:40:12 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2011/11/08 12:23:16 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{daff3c88-c737-4383-bca6-4e561c141686}
[2011/01/01 21:30:51 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/03/24 22:48:39 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/11/08 16:42:02 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{f3ee66d0-3b73-493b-94ff-9e6f86336c8f}
[2011/05/08 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\[email protected]
[2011/06/04 23:34:23 | 000,002,265 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing-zugo.xml
[2009/08/21 16:06:56 | 000,002,164 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing.xml
[2012/10/27 19:54:55 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-1.xml
[2010/02/09 22:02:27 | 000,000,961 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-2.xml
[2010/03/12 02:40:30 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-3.xml
[2010/03/23 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-4.xml
[2010/04/03 00:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-5.xml
[2010/06/23 12:48:20 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-6.xml
[2010/06/27 02:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-7.xml
[2010/07/21 16:17:26 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-8.xml
[2010/07/24 23:29:47 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-9.xml
[2010/01/04 03:03:29 | 000,000,955 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin.xml
[2012/10/26 21:50:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/26 21:50:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/10/26 21:50:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/26 21:50:26 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/08/28 22:24:58 | 000,002,465 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 23:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
[2012/10/12 05:27:33 | 000,002,058 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/10/12 03:21:55 | 000,001,798 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Mengsk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\AW-CO9-43.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\AW-CO9-43.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/10/26 21:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/19 22:07:10 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\Documents\StarCraft II Beta
[2012/10/19 20:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\StarCraft II 2012 Beta
[2012/10/19 20:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/10/14 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\CD
[2012/10/10 14:23:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/10/10 14:23:55 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/10/10 14:23:55 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/10/03 11:32:11 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\Adele
[2008/12/31 00:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 18:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 18:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 18:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 17:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 17:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 17:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 17:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 17:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 17:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/01 00:04:31 | 005,505,024 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2012/10/31 23:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2012/10/31 23:55:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/31 23:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/31 23:13:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2012/10/31 22:55:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/31 22:50:56 | 000,707,392 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012/10/31 22:50:56 | 000,607,210 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/31 22:50:56 | 000,104,850 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/31 22:45:13 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2012/10/31 22:44:19 | 000,124,901 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/10/31 22:44:19 | 000,124,901 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/31 22:43:55 | 000,005,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/31 22:43:55 | 000,005,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/31 22:43:54 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/10/31 22:43:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/10/31 22:43:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/31 22:43:48 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/31 22:41:18 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012/10/31 22:41:18 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012/10/31 22:40:37 | 003,833,987 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2012/10/31 20:48:09 | 000,001,456 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/10/31 14:26:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/10/31 13:13:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2012/10/31 08:14:39 | 099,046,039 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/10/23 14:45:30 | 000,245,248 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/23 12:01:56 | 047,798,966 | ---- | M] () -- C:\Users\Mengsk\05 Section 43.flac
[2012/10/23 12:01:56 | 041,783,448 | ---- | M] () -- C:\Users\Mengsk\11 Grace.flac
[2012/10/23 12:01:56 | 030,051,150 | ---- | M] () -- C:\Users\Mengsk\03 Death Sound.flac
[2012/10/23 12:01:56 | 029,181,456 | ---- | M] () -- C:\Users\Mengsk\09 Bass Strings.flac
[2012/10/23 12:01:56 | 028,278,282 | ---- | M] () -- C:\Users\Mengsk\02 Not So Sweet Martha Lorraine.flac
[2012/10/23 12:01:56 | 018,757,037 | ---- | M] () -- C:\Users\Mengsk\10 The Masked Marauder.flac
[2012/10/23 12:01:56 | 016,100,158 | ---- | M] () -- C:\Users\Mengsk\04 Porpoise Mouth.flac
[2012/10/23 12:01:56 | 015,647,623 | ---- | M] () -- C:\Users\Mengsk\01 Flying High.flac
[2012/10/23 12:01:56 | 015,188,297 | ---- | M] () -- C:\Users\Mengsk\08 Love.flac
[2012/10/23 12:01:56 | 015,117,975 | ---- | M] () -- C:\Users\Mengsk\07 Sad And Lonely Times.flac
[2012/10/23 12:01:56 | 013,494,573 | ---- | M] () -- C:\Users\Mengsk\06 Super Bird.flac
[2012/10/23 12:01:56 | 000,038,351 | ---- | M] () -- C:\Users\Mengsk\~uTorrentPartFile_103A54E3.dat
[2012/10/23 11:57:56 | 000,857,979 | ---- | M] () -- C:\Users\Mengsk\Electric Music.jpg
[2012/10/23 11:38:00 | 006,968,216 | ---- | M] () -- C:\Users\Mengsk\05 Jesus Saves.mp3
[2012/10/23 11:37:58 | 005,727,944 | ---- | M] () -- C:\Users\Mengsk\06 Criminally Insane.mp3
[2012/10/23 11:37:58 | 005,273,804 | ---- | M] () -- C:\Users\Mengsk\07 Reborn.mp3
[2012/10/23 11:37:57 | 011,672,480 | ---- | M] () -- C:\Users\Mengsk\01 angel of death.mp3
[2012/10/23 11:37:50 | 006,589,244 | ---- | M] () -- C:\Users\Mengsk\09 Postmortem.mp3
[2012/10/23 11:37:49 | 005,732,120 | ---- | M] () -- C:\Users\Mengsk\08 Epidemic.mp3
[2012/10/23 11:37:48 | 011,901,116 | ---- | M] () -- C:\Users\Mengsk\10 Raining Blood.mp3
[2012/10/23 11:37:46 | 004,028,312 | ---- | M] () -- C:\Users\Mengsk\03 Necrophobic.mp3
[2012/10/23 11:37:44 | 006,832,496 | ---- | M] () -- C:\Users\Mengsk\04 Altar of Sacrifice.mp3
[2012/10/23 11:37:43 | 004,915,712 | ---- | M] () -- C:\Users\Mengsk\02 Piece by Piece.mp3
[2012/10/23 11:37:32 | 000,747,466 | ---- | M] () -- C:\Users\Mengsk\Reign In Blood.jpg
[2012/10/19 20:47:00 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2012/10/18 04:44:14 | 000,797,896 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/10/10 20:14:40 | 000,002,009 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/08 18:36:05 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/10/08 18:36:05 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/10/03 11:30:56 | 001,307,313 | ---- | M] () -- C:\Users\Mengsk\Digital Booklet - 21.pdf
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/23 11:57:56 | 000,038,351 | ---- | C] () -- C:\Users\Mengsk\~uTorrentPartFile_103A54E3.dat
[2012/10/23 11:36:16 | 000,857,979 | ---- | C] () -- C:\Users\Mengsk\Electric Music.jpg
[2012/10/23 11:35:56 | 000,747,466 | ---- | C] () -- C:\Users\Mengsk\Reign In Blood.jpg
[2012/10/23 11:35:35 | 006,589,244 | ---- | C] () -- C:\Users\Mengsk\09 Postmortem.mp3
[2012/10/23 11:35:34 | 005,273,804 | ---- | C] () -- C:\Users\Mengsk\07 Reborn.mp3
[2012/10/23 11:35:32 | 006,968,216 | ---- | C] () -- C:\Users\Mengsk\05 Jesus Saves.mp3
[2012/10/23 11:35:31 | 011,901,116 | ---- | C] () -- C:\Users\Mengsk\10 Raining Blood.mp3
[2012/10/23 11:35:31 | 006,832,496 | ---- | C] () -- C:\Users\Mengsk\04 Altar of Sacrifice.mp3
[2012/10/23 11:35:30 | 005,727,944 | ---- | C] () -- C:\Users\Mengsk\06 Criminally Insane.mp3
[2012/10/23 11:35:29 | 004,028,312 | ---- | C] () -- C:\Users\Mengsk\03 Necrophobic.mp3
[2012/10/23 11:35:28 | 005,732,120 | ---- | C] () -- C:\Users\Mengsk\08 Epidemic.mp3
[2012/10/23 11:35:27 | 011,672,480 | ---- | C] () -- C:\Users\Mengsk\01 angel of death.mp3
[2012/10/23 11:35:27 | 004,915,712 | ---- | C] () -- C:\Users\Mengsk\02 Piece by Piece.mp3
[2012/10/23 11:34:48 | 018,757,037 | ---- | C] () -- C:\Users\Mengsk\10 The Masked Marauder.flac
[2012/10/23 11:34:46 | 015,188,297 | ---- | C] () -- C:\Users\Mengsk\08 Love.flac
[2012/10/23 11:34:37 | 013,494,573 | ---- | C] () -- C:\Users\Mengsk\06 Super Bird.flac
[2012/10/23 11:34:12 | 015,117,975 | ---- | C] () -- C:\Users\Mengsk\07 Sad And Lonely Times.flac
[2012/10/23 11:33:52 | 016,100,158 | ---- | C] () -- C:\Users\Mengsk\04 Porpoise Mouth.flac
[2012/10/23 11:33:42 | 041,783,448 | ---- | C] () -- C:\Users\Mengsk\11 Grace.flac
[2012/10/23 11:33:38 | 030,051,150 | ---- | C] () -- C:\Users\Mengsk\03 Death Sound.flac
[2012/10/23 11:33:36 | 015,647,623 | ---- | C] () -- C:\Users\Mengsk\01 Flying High.flac
[2012/10/23 11:33:28 | 028,278,282 | ---- | C] () -- C:\Users\Mengsk\02 Not So Sweet Martha Lorraine.flac
[2012/10/23 11:33:24 | 029,181,456 | ---- | C] () -- C:\Users\Mengsk\09 Bass Strings.flac
[2012/10/23 11:33:23 | 047,798,966 | ---- | C] () -- C:\Users\Mengsk\05 Section 43.flac
[2012/10/19 20:45:29 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II Beta.lnk
[2012/10/03 11:29:50 | 001,307,313 | ---- | C] () -- C:\Users\Mengsk\Digital Booklet - 21.pdf
[2012/08/29 13:43:04 | 000,027,520 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\dt.dat
[2011/12/09 03:25:24 | 000,001,456 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/19 04:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 04:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/07/26 01:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/10 20:32:54 | 000,000,585 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/04/18 03:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/03/10 02:16:10 | 000,124,901 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/10 02:16:09 | 000,124,901 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/02 20:58:28 | 000,245,248 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 02:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 02:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 21:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 14:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 13:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 21:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 06:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 01:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/31 00:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/31 00:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/31 00:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 12:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 12:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 02:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 21:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 21:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 20:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 07:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 09:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 13:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 08:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 08:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 08:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 07:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 07:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 07:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 07:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 07:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 03:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/19 00:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 12:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >

#2 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 01 November 2012 - 02:40 PM

This is the only site that my images wont load on



Every other site is ok, but this site the images DO NOT load?

Can I see the other log from OTL.exe, it's created first time run, it 's called Extras.txt
You should have a copy of it on desktop
If you don't have that log, please do the following

Under all options, select NONE, if applicable
Except under 'Extra Registry' select "Use Safelist"

Then click on RUN SCAN, when done, close OTL.txt that opens, post the contents of Extras.txt on desktop

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#3 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 01 November 2012 - 11:07 PM

Also the site gophoto.it the original image wont load but I can click under the effects thumbnails and those load. Both of these sites work only sometimes. I've tried different browsers but same result.

OTL Extras logfile created on: 11/2/2012 12:23:19 AM - Run 8
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 132.73 Gb Free Space | 28.96% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 226.89 Gb Free Space | 48.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028C7EAA-3E54-44AB-A60F-B6CA9CB9D6C0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0C00BF8F-DC9D-4374-803C-C19DECFE4D1C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{174A4950-ED71-4D06-B81B-D61282EA769F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{187747C1-D849-4521-A2CC-0734949BF0C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F5631CC-831E-4F7E-AA13-953EAD794D2D}" = lport=137 | protocol=17 | dir=in | app=system |
"{25B44BB7-0EA1-4F59-9287-82EDE3390BA8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B5FD846-890B-4473-AC55-D0962F3060AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E35DEFF-A75B-41E7-98E8-3D9076B14E01}" = lport=3390 | protocol=6 | dir=in | app=system |
"{3ECF40F5-E8DC-4EE6-8A3D-711A9C3169C8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{4AB783FB-D142-4128-80EE-474C1883ADCA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FC6D67B-B449-461A-85AA-C97BAB910C68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50759338-1F5F-4BF8-A311-EE40687493A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{5311B277-9E59-424D-BD37-4F1E6657A38E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{53E3FED5-F0B2-46E4-A14F-78A7B5712929}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A011F8D-2107-4A77-AD5C-9C07BE999FC1}" = rport=5357 | protocol=6 | dir=out | app=system |
"{6471ED7E-2EF6-4252-9D6B-474111E8DD71}" = lport=10244 | protocol=6 | dir=in | app=system |
"{69BFC1CC-ECCD-4D9D-B59C-0127C0C90E69}" = rport=139 | protocol=6 | dir=out | app=system |
"{6D51026F-5EEC-40C3-BAC5-76851D5B8A22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7C75E82A-9657-4B82-B7E5-6D5DBB9F47CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{8276C576-600E-4C5A-9BCD-CE33E1675F8C}" = rport=10244 | protocol=6 | dir=out | app=system |
"{870F3A2F-E4C8-44FA-9695-F0FE4F90E18B}" = rport=137 | protocol=17 | dir=out | app=system |
"{8835C20A-CF3E-4338-A3FD-4E97703F760D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CB1CBC4-5FEA-4728-8BBB-BFA5CE57E7AA}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{97C3B761-6032-4A20-8B58-F89831400A35}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9B613075-C7F2-42B3-8966-FAD20D66D927}" = rport=5358 | protocol=6 | dir=out | app=system |
"{9BCCFE5C-7E36-4257-A1CC-021A24816C4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B529E360-09F3-47D1-B2DC-5E8131D74C59}" = rport=138 | protocol=17 | dir=out | app=system |
"{B84BADAB-261F-4E72-8263-A4BEA686F72C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B96AC28A-8665-4891-879F-6E9E8E1DC0DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9A0A002-D131-4D29-BC16-204D3CE32286}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{BD8C4D72-0F92-43D1-9E62-47FE64A686B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1A33DC3-69CA-4334-B836-D6BCE25495A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1F91D88-7216-4FC3-AF22-B83175A76E84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D75B5FEC-3030-49DD-8E44-BC9997BF52C2}" = lport=5357 | protocol=6 | dir=in | app=system |
"{D8C96848-E657-4410-9B0B-5E8840E38E28}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E13FDF02-3115-480A-A492-876123E3DA72}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E355404D-5487-4C9F-98FE-2998A12E75AA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3BCB264-09DA-4B59-88A7-C9932CE1DB51}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E831C670-2520-492B-B325-D85303B8FD60}" = lport=5358 | protocol=6 | dir=in | app=system |
"{E8E0306B-7B7D-449F-B235-4972140D15DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{EBECEB1E-85CD-4421-9DFA-B14F269B8A42}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F5F18E9F-E8B1-4D9D-AA7A-873C404D6462}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F9EB5AF7-D885-4D89-A906-0B660F92FD52}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034B8306-952C-4CC3-8ECB-C30A8A79A562}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{07617474-0E33-4DAA-B0BA-44ACECA65D4D}" = protocol=1 | dir=in | [email protected],-28543 |
"{0D783094-BF92-4697-8CDF-A46691C80FB8}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{1014B6D7-CFBA-4F80-92FD-EF3D076228B1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{1257D893-D5A6-44B4-8209-BEF1DAF0578E}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{186D96B8-C660-4BAA-A268-07527293BE91}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{20301CCB-0492-416C-8B13-FA2C370E58CE}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{207DAE7E-C38D-45B1-BB05-697E90584B8F}" = protocol=17 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{211D972F-40E7-49DD-A1D1-AB92F0061A7A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{242B8415-DB90-426F-9197-F8F3D4878432}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{25E78BA8-5244-4AE3-A24B-FF7CA573F351}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{26013B08-3174-4222-9E55-244AD8F14404}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{2FE89778-82BD-43B8-8F88-729C038F9219}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{312C5A0F-CE01-411A-8ADF-84A24C4A7D36}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{33309C51-09F4-4055-995C-1280890CC251}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{36C7A0BF-FA7E-4C41-9D02-099A2FF5D39C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{38B033FA-D999-4209-AC05-9723C9A21A0D}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{44D6E451-4F22-486E-A2B8-957B6F795B34}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{49B31070-FD8E-49C5-8F58-6CA494BDB50C}" = protocol=58 | dir=out | [email protected],-28546 |
"{4ABFC161-2465-4DC4-B850-77B0779DDFC0}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{4B4A4B19-945E-458D-9B0D-A00FDED28923}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4B54F7A1-C061-419A-8DFE-D0699936E7FA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4B5FBADB-5894-413D-B58B-D089DCA6958E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{4B9A2258-7D5D-44E8-8CAC-7F60E3F4CAFD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52D10AEA-2CC7-45A7-8CD6-1BFE2FC21B89}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{53B904FC-1FD2-4C66-A900-6B184710D157}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{579B4BD5-0D21-44BF-8F1D-D645B8F1FC7B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{597495EF-E6E0-4B50-9FF8-6E684A24B1B4}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{5C77A543-96FD-4D62-BF98-CE0F5AFD2DC7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5CBFB8DF-2FEB-4B50-9464-3F2EA67406DA}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{5D5EE141-A598-450B-8D2E-7854F6B2D46F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5DC42F76-8E4A-451C-BBE1-C9870996221B}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{625F1BF3-1AF4-4833-8D4F-421A832AA7DE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{64D20FCE-47EC-4BDF-ABE6-5DFE437ADB11}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{6AE256DA-0963-4B4F-BA88-45F25CE1DE7E}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{6BB90F75-B752-46CD-86C2-8A76E70F393B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{6E783452-B018-4655-AA05-B3D1957F61F2}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{71C39F30-6963-488C-8DC5-C3915C48FB71}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{741896E1-2485-440C-BE52-564CA5015BC5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{79DA934B-B6D2-4434-8F91-F7FA940ED8CC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{7A02D244-ADD8-44E0-8500-3B326B9FF1A1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7C4CE559-FB03-46EF-9C20-B211B6980A52}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{7F4F00A6-E3A2-470D-8C55-8297CA1EC046}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{8234BB47-6BDA-46D2-9B51-B15EDDFCF42D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{8380183F-E7D5-4B00-903D-8BC49712FC00}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{8454FF48-DCCF-4E8E-8C8D-3F93CF58BA74}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{879D2D89-405D-4C5B-9753-32B852D9592A}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{88EB0761-9FA9-4553-8376-68D94FBD1693}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{88F5D75B-30E4-44E4-8C12-CEA9E324F4F9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{8CE0D3AE-9754-4698-A4CC-F2B83CD24DAA}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{8D7EB537-1C60-47A4-9695-89A3E27721DB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{8E81CC54-D4D9-49A0-850D-641BA30083F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{9245A49D-078D-49FF-B845-23574C930553}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{94E0DA2F-2E6A-46AA-89F5-35EB734C988C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{98174B7A-9CC0-4712-959D-1595B9044E09}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{9920DC61-3CE3-4167-9FC2-1618A316C87C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{9B7F20C8-4DE2-4944-B129-241C821117B0}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{9D8CA449-380E-4414-B7AB-407EA849BC48}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A1FD576B-10B1-4AE9-BE82-7EA71F819670}" = protocol=1 | dir=out | [email protected],-28544 |
"{A517C2AA-1530-497A-B61D-6409B4DC6BFF}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A6C5A870-9DF7-44BE-BB87-632E9F073913}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{AEE5886E-64B8-41F7-9CC4-EC8C95FAA664}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF45C63A-0B67-4549-B5A4-78520D25481F}" = protocol=58 | dir=in | [email protected],-28545 |
"{B1D75981-FD3B-40D2-ABC6-FE7834E671D9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B3DE9ADB-5778-461E-BB7E-A8E51F74BB1B}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{B8BCF47F-34DE-45B3-9E1B-88BFC6820BC9}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{BA60557C-BF17-444B-9EA9-142595417E86}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{BA7A7808-8438-4EF7-8BDE-2A1400E6799A}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BE428994-FAC4-4774-A35C-0D8BCFA59E02}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{BFAFE3C1-EC4F-4ECD-9343-83DECB5B3CAE}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{C1846BC2-13C0-4839-A985-A7229423BC17}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{C6E1975B-DAFA-49F0-8ECB-55E1325E6380}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{CB77648A-4CCF-4487-A92A-6724B89DF4F9}" = protocol=6 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{CCD16C8A-6B35-49D9-906A-ECCF26A61E87}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{D02E56E4-099F-41EA-94D6-CD7A52CA8651}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{D2420C09-46D2-4B1E-9027-796F9B09C9A0}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{D5B05F0E-2492-4CB8-820A-1299F165D4E9}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{DA2D390B-3B3D-4387-A589-2C9D7E4168FE}" = protocol=6 | dir=out | app=system |
"{DD8A0D88-37E3-402D-84A3-1AD26EB60BB2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{E048A4E6-E044-4FF6-88FF-E677C8AE0839}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{E316CE3F-9C04-4CE1-8199-EDE780246424}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E3E9F205-CBD9-4904-95AC-410752109B5F}" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\starcraft ii beta.exe |
"{EA5D14B9-2692-45F1-966E-050D94378D30}" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\starcraft ii beta.exe |
"{EF2B5163-2177-461A-AA86-031CEEFABE1C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{EFB34C1A-31CC-43E4-A0AE-5BC63A7D951F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0DF6B3E-9AEB-46ED-8490-F54D60877B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F38A5205-585D-4C43-BFFA-4FB4E7E96323}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{F3B6093E-D804-4563-8FB7-24E8D9B9D7FC}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F58CBE8F-AD95-4041-AB49-000E189E462A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F6BFB38E-FFE3-4650-80CD-FB4AA5E2E5CE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F79F3C81-28E1-45B3-ADEE-E950B1C79699}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F938CDCA-20F2-46A1-8FA9-030F94DB6D55}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{FD9E5B1E-51EB-4E0D-8136-0A72854CD672}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD9EE8FD-7BB5-4D0C-BAD9-604C38B7B6DE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{032DAB0D-1E39-440E-90C0-92785F010E8C}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{064EF267-3136-415C-960E-BAFEDF676271}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"TCP Query User{0761BE82-3F7C-4F13-9381-5C4E209F8367}C:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"TCP Query User{1D9838FC-B13C-4D4A-B8B7-F2D0C8A8F59C}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{1FDC5C44-6022-4114-A381-7DC2D8C5EBC7}C:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{2AA6ADFB-5268-4AEA-84FA-6A191E0B44CC}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"TCP Query User{334E3532-797B-48AC-A163-662A035FE755}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{33784C9A-7332-43CB-8F19-3B01C752BFBF}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{3A7C6D29-F23B-4391-9EBC-E4E9DC808C1A}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{4FEA6999-9C6A-4436-9839-199FE36455B9}C:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{52AEF29F-3AB2-48F9-8A32-356A8D9B6337}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{53C81A9F-50C3-4D9F-AE86-3900B7E29AFC}C:\users\mengsk\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"TCP Query User{7CBBE520-DDFB-4702-8958-FBE563CABB35}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{80886110-6F42-427C-B9CC-95DC8F2A5D0A}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"TCP Query User{8C9BA1C2-22F7-4994-953D-BBF22A3B313D}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe |
"TCP Query User{8C9F67D8-7882-4FE2-B18B-6E03279575E3}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{9811B358-B0E0-4AF5-A53A-38030D1DB8C2}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{A974E93A-C1C0-4D26-B702-807813687EB4}C:\users\mengsk\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mengsk\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B80B7559-C317-451D-B0A6-1D5562661E8F}C:\users\mengsk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mengsk\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C682707C-89EF-47AB-9E44-B10E69C6DB12}C:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe |
"TCP Query User{C98179B9-13FD-4B52-8927-130E2E0A451F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{CA74B59E-713F-4A60-B018-16E4AC043942}C:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe |
"TCP Query User{E1D4C993-E52A-4870-A60B-EAB2B6873C71}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{011DDC7E-BD3F-4E97-8960-68E8B0D67BAF}C:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{0F4D25E1-45ED-482D-832C-3E9174709FF9}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{12D562A7-1975-4C8E-9374-34C45615B273}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{23C3285D-91C2-4132-B44C-32FC58F307E0}C:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"UDP Query User{30011E89-D4EC-48B9-B687-BD9C2C1B7AD3}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{3DF59503-8A8E-4EF6-9026-4004500FCF6A}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{419B4EC6-3191-482C-BDF0-A0FFDF500437}C:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{4E61F94A-4674-44F6-80EB-EF1585BF9E3A}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{4FC26744-4D71-4248-B1C7-6D81B3237FB1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6199F4DA-E204-474B-BB7F-933070DF3267}C:\users\mengsk\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"UDP Query User{887566A6-60F8-4AF6-B848-9E9776558BFD}C:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe |
"UDP Query User{91353562-B616-4CAC-9865-4D40061AA7AB}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"UDP Query User{9A8383F4-9D19-49C2-A390-A3E21BA15FFD}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{ADA3D200-4D9E-4D83-A503-E2DB9AB46501}C:\users\mengsk\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mengsk\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B3530EF1-8EFA-4837-9EFF-D28E8CE08E60}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{B3540065-F5E4-48EB-8C52-EF29F30E63F8}C:\users\mengsk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mengsk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BF387D79-51A1-4B63-9682-E323A58C975A}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{C04EB569-99A3-4A0B-9B0E-4EA93A78221C}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"UDP Query User{CF142B95-E556-4812-BF82-F8B0E3D9F83A}C:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe |
"UDP Query User{DD659BB1-E809-42AF-A1E3-3597E8609643}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{E41659A6-A042-489C-91F9-B2EC61CB672D}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe |
"UDP Query User{F013851D-99EF-421D-9552-DAFE5FD54BD0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F3575FF7-4534-47A4-8693-C4293F581409}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0467A27E-6F81-4809-97BC-B886A6C08350}" = Xtranormal State - Showpak-FM-Preview
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06055B48-E374-430A-AC2A-B335A4A5F1C5}" = Xtranormal State - Voicepack-USEnglish-Heather22k
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11A8AACE-401B-4D6D-BB7D-12D974A79EFF}" = Xtranormal State - Showpak-RBT
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1696C54E-599A-4BA2-9941-BB70C4727887}" = Xtranormal State - Voicepack-English-UK-Daniel
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18039280-98B7-4C5E-AAC0-10EBC9731033}" = Nero 7 Essentials
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2BB34316-5C68-45C0-9656-64DF7F34F6BA}" = Map Button (Windows Live Toolbar)
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{39BB1890-4858-4830-8AF0-F116A207610E}" = Xtranormal State - Showpak-THN
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{408F40F6-97F7-4F72-B618-CD7317438920}" = Xtranormal State - Showpak-COL
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{467A3BF8-4C87-4E68-835C-CE5318C157C2}" = Xtranormal State - Voicepack-English-US-Tom
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{49C984E3-7D13-4DF5-8B9A-97A4866AA73C}" = Xtranormal State
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7066F2DB-5032-4B6F-A8E7-A6F946043438}" = Adobe Setup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.3.139
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7B59BE72-68EF-400B-B08A-2860283A4FE3}" = Smart Menus (Windows Live Toolbar)
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}" = Nero 11
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838A22DF-81CA-4452-9BDD-A1745224D960}" = Xtranormal State - Voicepack-English-UK-Serena
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85EB510F-C24B-4A51-86EA-B2E12BBB3707}" = Xtranormal State - Showpak-Beiges
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A64032F-FF5E-4AC9-ADF7-84E548B7C2B4}" = Highlight Viewer (Windows Live Toolbar)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{912536C4-273C-416F-B42C-BBC5B72114D7}" = Xtranormal State - Voicepack-English-US-Samantha
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D3758E2-1A30-4122-A569-7E93B1AC64E8}" = Xtranormal State - Showpak-SBG
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A1570454-ED12-4050-A7AC-9282C7AFB23C}" = Window Shopper
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ABDB8612-E6AA-4B60-9C45-754AC98DF758}" = Xtranormal State - Voicepack-British-Lucy22k
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AD73EA4D-9E94-400F-8DEB-1125D1200CB8}" = Xtranormal State - Showpak-STA1
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5C314F7-928B-44E3-A8A3-169648B1077D}" = Xtranormal State - SoundPack-Starter Kit
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D5A32BDB-81BC-4D25-89DF-65C5A0DD8FE0}" = Xtranormal State - Showpak-SUT
"{D6B490CE-202D-4256-9C05-7BFB59904856}" = Xtranormal State - Voicepack-USEnglish-Ryan22k
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0B28469-6E5E-4759-9602-F8AB6812EC4B}" = Xtranormal State - Voicepack-British-Graham22k
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE614F8D-267D-49CC-805B-FC08D94EDFE5}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownloader" = 1ClickDownloader
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AI RoboForm" = RoboForm 7-4-2 (All Users)
"Akamai" = Akamai NetSession Interface
"AlienRespawn20_AD" = AlienRespawn v2.0
"AnyDVD" = AnyDVD
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 5.85
"AudioConverter Studio_is1" = AudioConverter Studio 6.0
"AVG" = AVG 2012
"AviSynth" = AviSynth 2.5
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BeyondCompare3_is1" = Beyond Compare Version 3.1.9
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"dBpoweramp [Arrange Audio] Codec" = dBpoweramp [Arrange Audio] Codec
"dBpoweramp [Audio Info] Codec" = dBpoweramp [Audio Info] Codec
"dBpoweramp [Channel Split] Codec" = dBpoweramp [Channel Split] Codec
"dBpoweramp [ID Tag Update] Codec" = dBpoweramp [ID Tag Update] Codec
"dBpoweramp [Length Split] Codec" = dBpoweramp [Length Split] Codec
"dBpoweramp [Multi Encoder] Codec" = dBpoweramp [Multi Encoder] Codec
"dBpoweramp [ReplayGain] Codec" = dBpoweramp [ReplayGain] Codec
"dBpoweramp [Tag From Filename] Codec" = dBpoweramp [Tag From Filename] Codec
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.0.5 (25/08/2010)
"DVDx_is1" = DVDx
"EditPlus 3" = EditPlus 3
"ffdshow_is1" = ffdshow [rev 2033] [2008-07-05]
"FileZilla Client" = FileZilla Client 3.2.2.1
"Fraps" = Fraps (remove only)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 4.0.3.804
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"FreeStar Free Video Converter" = FreeStar Free Video Converter 9.0.1 build 5
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"ImgBurn" = ImgBurn
"Internet Scrabble Club_is1" = WordBiz version 1.8
"Logitech Vid" = Logitech Vid HD
"Magic DVD Ripper_is1" = Magic DVD Ripper V6.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network MagicUninstall" = Network Magic
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Polipo" = Polipo 1.0.4
"PowerISO" = PowerISO
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"Registry Mechanic_is1" = Registry Mechanic 8.0
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 13e
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"StarCraft II Beta" = StarCraft II Beta
"Tor" = Tor 0.2.1.22
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"Vidalia" = Vidalia 0.2.6
"VLC media player" = VLC media player 0.9.8a
"WinAVI Video Capture_is1" = WinAVI Video Capture 2.0
"Windows Live Toolbar" = Windows Live Toolbar
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"BitTorrent" = BitTorrent
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Pic2Ico" = Picture To Icon (remove only)
"Spotify" = Spotify
"UB" = UB

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/14/2012 4:33:41 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/14/2012 4:40:17 AM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/15/2012 4:17:26 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/15/2012 4:17:26 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/15/2012 4:17:26 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/15/2012 4:22:17 AM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/31/2012 1:00:31 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/31/2012 1:00:31 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/31/2012 1:00:31 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 4/8/2012 9:41:56 PM | Computer Name = Mengsk-PC | Source = Application Error | ID = 1000
Description = Faulting application MillionYoung_-_Sunndreamm_EP_(2009)_and_Be_So_True_EP_(2010).exe,
version 0.0.0.0, time stamp 0x4b1ae3c1, faulting module ntdll.dll, version 6.0.6002.18541,
time stamp 0x4ec3e3d5, exception code 0xc0000005, fault offset 0x00067410, process
id 0x1084, application start time 0x01cd15f1b3d450b0.

[ Media Center Events ]
Error - 1/12/2009 2:24:08 AM | Computer Name = Mengsk-PC | Source = McrMgr | ID = 109
Description =

Error - 3/20/2009 6:21:12 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/3/2009 9:34:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/8/2009 9:45:25 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/5/2009 9:38:34 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/5/2009 11:47:56 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/5/2009 9:42:13 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/19/2009 9:37:11 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/26/2009 9:39:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/12/2010 12:46:13 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 10/11/2012 1:21:21 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/11/2012 8:50:10 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 10/12/2012 1:20:39 AM | Computer Name = Mengsk-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.103 for the Network Card with network
address 00221505799B has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 10/18/2012 2:19:03 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/18/2012 7:37:21 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 10/19/2012 9:42:05 PM | Computer Name = Mengsk-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.105 for the Network Card with network
address 00221505799B has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 10/19/2012 9:42:41 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/27/2012 12:51:42 AM | Computer Name = Mengsk-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 10/30/2012 11:47:09 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 10/31/2012 11:44:35 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

#4 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 02 November 2012 - 08:07 AM

You have CCleaner installed, can you open it and run the cleaner please..
Afterwards, you have Malwarebytes Antimalware installed, Can you open it.
Check for updates... After updating
Run a quick scan... Remove anything it finds and post back the log

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#5 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 02 November 2012 - 03:59 PM

Cleaned about 23 gig I think. Malewarebytes found nothing.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.02.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Mengsk :: MENGSK-PC [administrator]

11/2/2012 5:13:31 PM
mbam-log-2012-11-02 (17-13-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 238757
Time elapsed: 8 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 03 November 2012 - 10:50 AM

How are things running now?
Download DDS and save it to your desktop from here
Disable any script blocker, and then right click on dds.scr and choose to "Run as Admin"
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to this topic.
Attach.txt will recommend to zip up and upload... You can simply copy/paste the contents back here
as you did with DDS.txt

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#7 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 03 November 2012 - 04:12 PM

Everything is running fine at the moment, but I haven't used the computer enough to confirm it definitely.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Mengsk at 17:34:01.29 on Sat 11/03/2012
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 10.7.2
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3326.1733 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Atomic Alarm Clock\timeserv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlcccoms.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Razer\razerhid.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe
C:\Users\Mengsk\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Razer\razerofa.exe
C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Mengsk\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.iminent.com/?appId=8FA58B52-F1AD-489B-9E59-AF0EF8EB5100
uDefault_Page_URL = hxxp://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
mStart Page = hxxp://www.alienware.com/mothership
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
mSearchAssistant =
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - c:\program files\utorrentcontrol_v2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - c:\program files\utorrentcontrol_v2\prxtbuTor.dll
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - c:\program files\utorrentcontrol_v2\prxtbuTor.dll
BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - c:\program files\utorrentcontrol_v2\prxtbuTor.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\mengsk\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SkinClock] c:\program files\atomic alarm clock\AtomicAlarmClock.exe
uRun: [Akamai NetSession Interface] "c:\users\mengsk\appdata\local\akamai\netsession_win.exe"
uRun: [883973842] rundll32.exe "c:\users\mengsk\appdata\local\temp\nslc41.tmp\qx77qvv.f5w",DllRegisterServer
uRun: [PeerBlock] c:\program files\peerblock\peerblock.exe
uRun: [Spotify Web Helper] "c:\users\mengsk\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [razer] c:\program files\razer\razerhid.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,[email protected]
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [NBAgent] "c:\program files\nero\nero 11\nero backitup\NBAgent.exe" /WinStart
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ncprot~1.lnk - c:\program files\sec\natural color pro\NCProTray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\mengsk\appdata\roaming\mozilla\firefox\profiles\nkn6p427.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=FF&os=win&os_version=6.0-x86-SP2&q=
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - plugin: c:\users\mengsk\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\mengsk\appdata\roaming\move networks\plugins\npqmp071502000008.dll
FF - plugin: c:\users\mengsk\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\users\mengsk\appdata\roaming\mozilla\firefox\profiles\nkn6p427.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----

FF - user.js: extensions.autoDisableScopes - 14


============= SERVICES / DRIVERS ===============

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-4-10 143256]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2011-12-18 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2011-12-18 12464]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-1-2 28552]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R1 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-7-14 27992]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-1-20 21504]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2009-12-30 20376]
R2 AtomicAlarmClock;Atomic Alarm Clock Time;c:\program files\atomic alarm clock\timeserv.exe [2011-6-5 415744]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c912f4171e9450;Google Update Service (gupdate1c912f4171e9450);c:\program files\google\update\GoogleUpdate.exe [2008-9-9 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 250808]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2010-7-23 84832]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-9 133104]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-2 115168]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

============== File Associations ===============

.txt=

=============== Created Last 30 ================

2012-10-23 16:57:56 38351 ----a-w- c:\users\mengsk\~uTorrentPartFile_103A54E3.dat
2012-10-23 16:36:16 857979 ----a-w- c:\users\mengsk\Electric Music.jpg
2012-10-23 16:35:56 747466 ----a-w- c:\users\mengsk\Reign In Blood.jpg
2012-10-23 16:35:35 6589244 ----a-w- c:\users\mengsk\09 Postmortem.mp3
2012-10-23 16:35:34 5273804 ----a-w- c:\users\mengsk\07 Reborn.mp3
2012-10-23 16:35:32 6968216 ----a-w- c:\users\mengsk\05 Jesus Saves.mp3
2012-10-23 16:35:31 6832496 ----a-w- c:\users\mengsk\04 Altar of Sacrifice.mp3
2012-10-23 16:35:31 11901116 ----a-w- c:\users\mengsk\10 Raining Blood.mp3
2012-10-23 16:35:30 5727944 ----a-w- c:\users\mengsk\06 Criminally Insane.mp3
2012-10-23 16:35:29 4028312 ----a-w- c:\users\mengsk\03 Necrophobic.mp3
2012-10-23 16:35:28 5732120 ----a-w- c:\users\mengsk\08 Epidemic.mp3
2012-10-23 16:35:27 4915712 ----a-w- c:\users\mengsk\02 Piece by Piece.mp3
2012-10-23 16:35:27 11672480 ----a-w- c:\users\mengsk\01 angel of death.mp3
2012-10-23 16:34:48 18757037 ----a-w- c:\users\mengsk\10 The Masked Marauder.flac
2012-10-23 16:34:46 15188297 ----a-w- c:\users\mengsk\08 Love.flac
2012-10-23 16:34:37 13494573 ----a-w- c:\users\mengsk\06 Super Bird.flac
2012-10-23 16:34:12 15117975 ----a-w- c:\users\mengsk\07 Sad And Lonely Times.flac
2012-10-23 16:33:52 16100158 ----a-w- c:\users\mengsk\04 Porpoise Mouth.flac
2012-10-23 16:33:42 41783448 ----a-w- c:\users\mengsk\11 Grace.flac
2012-10-23 16:33:38 30051150 ----a-w- c:\users\mengsk\03 Death Sound.flac
2012-10-23 16:33:36 15647623 ----a-w- c:\users\mengsk\01 Flying High.flac
2012-10-23 16:33:28 28278282 ----a-w- c:\users\mengsk\02 Not So Sweet Martha Lorraine.flac
2012-10-23 16:33:24 29181456 ----a-w- c:\users\mengsk\09 Bass Strings.flac
2012-10-23 16:33:23 47798966 ----a-w- c:\users\mengsk\05 Section 43.flac
2012-10-20 01:45:29 0 d-----w- c:\programdata\Blizzard Entertainment
2012-10-20 01:45:29 0 d-----w- c:\program files\StarCraft II 2012 Beta
2012-10-14 16:13:16 0 d-----w- c:\users\mengsk\CD
2012-10-10 19:24:01 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 19:24:01 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 19:24:01 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 19:23:59 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 19:23:58 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 19:23:55 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 19:23:55 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe

==================== Find3M ====================

2012-11-01 03:44:19 124901 ----a-w- c:\programdata\nvModes.dat
2012-10-08 23:36:05 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-30 00:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 01:20:51 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-24 01:20:44 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-24 01:20:43 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-24 15:53:28 834048 ----a-w- c:\windows\system32\wininet.dll
2012-02-07 23:43:09 51200 ----a-w- c:\windows\inf\infpub.dat
2012-02-07 23:43:08 143360 ----a-w- c:\windows\inf\infstrng.dat
2012-02-07 23:43:04 143360 ----a-w- c:\windows\inf\infstor.dat
2011-07-13 10:19:17 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-04-27 11:09:48 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\cookies\index.dat
2009-04-27 11:09:48 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\history\history.ie5\index.dat
2009-04-27 11:09:48 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 17:35:40.04 ===============

#8 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 03 November 2012 - 04:15 PM

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/15/2008 6:53:10 PM
System Uptime: 10/31/2012 10:43:01 PM (67 hours ago)

Motherboard: ASUSTeK Computer INC. | | M3A32-MVP DELUXE
Processor: AMD Phenom™ II X4 955 Processor | CPU 1 | 3209/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 458 GiB total, 165.389 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 227.569 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1907: 10/22/2012 1:37:38 AM - Scheduled Checkpoint
RP1908: 10/23/2012 2:25:38 AM - Scheduled Checkpoint
RP1909: 10/24/2012 2:20:38 AM - Scheduled Checkpoint
RP1910: 10/25/2012 1:58:13 AM - Scheduled Checkpoint
RP1911: 10/26/2012 2:43:26 AM - Scheduled Checkpoint
RP1912: 10/27/2012 2:56:05 AM - Scheduled Checkpoint
RP1913: 10/28/2012 1:13:15 AM - Scheduled Checkpoint
RP1914: 10/29/2012 1:07:56 AM - Scheduled Checkpoint
RP1915: 10/30/2012 1:29:58 AM - Scheduled Checkpoint
RP1916: 10/31/2012 1:41:30 AM - Scheduled Checkpoint
RP1917: 11/1/2012 1:11:30 AM - Scheduled Checkpoint
RP1918: 11/2/2012 12:00:03 AM - Scheduled Checkpoint
RP1919: 11/3/2012 12:17:50 AM - Scheduled Checkpoint

==== Installed Programs ======================

µTorrent
1ClickDownloader
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Community Help
Adobe Default Language CS4
Adobe Device Central CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe Media Player
Adobe PDF Library Files CS4
Adobe Photoshop CS5
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 9.5.2
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AdobeColorCommonSetRGB
Akamai NetSession Interface
AlienRespawn v2.0
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atomic Alarm Clock 5.85
AudioConverter Studio 6.0
AutoUpdate
AVG 2012
AviSynth 2.5
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 6
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Beyond Compare Version 3.1.9
BitTorrent
Bonjour
CameraHelperMsi
CCleaner
Cheat Engine 5.5
Cisco Network Magic
CleanUp!
ConvertXtoDVD 3.5.3.139
dBpoweramp [Arrange Audio] Codec
dBpoweramp [Audio Info] Codec
dBpoweramp [Channel Split] Codec
dBpoweramp [ID Tag Update] Codec
dBpoweramp [Length Split] Codec
dBpoweramp [Multi Encoder] Codec
dBpoweramp [ReplayGain] Codec
dBpoweramp [Tag From Filename] Codec
dBpoweramp DSP Effects
dBpoweramp Music Converter
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 8.0.0.5 (25/08/2010)
DVDx
EditPlus 3
erLT
ffdshow [rev 2033] [2008-07-05]
FileZilla Client 3.2.2.1
Fraps (remove only)
Free 3GP Video Converter version 4.0.3.804
Free WMA to MP3 Converter 1.16
FreeStar Free Video Converter 9.0.1 build 5
Gimp 2.6.2 Debug
Google Chrome
Google Earth
Google Earth Plug-in
Google Update Helper
Google Updater
High-Definition Video Playback
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ImgBurn
Internet Explorer Developer Toolbar
iTunes
Java 7 Update 7
Java Auto Updater
Java DB 10.4.2.1
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Magic DVD Ripper V6.1.0
Malwarebytes Anti-Malware version 1.65.1.1000
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Move Media Player
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Natural Color Pro
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero 7 Essentials
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Network Magic
Notepad++
NVIDIA Display Control Panel
NVIDIA Drivers
OGA Notifier 2.0.0048.0
OpenOffice.org 3.1
Opera 10.00
Paint.NET v3.36
Panda ActiveScan 2.0
PDF Settings CS5
PeerBlock 1.1 (r518)
Picture To Icon (remove only)
Pinnacle Instant DVD Recorder
Pinnacle Studio 12
Pinnacle Video Driver
Polipo 1.0.4
PowerDVD
PowerISO
PowerStrip 3 (remove only)
Pure Networks Platform
PVSonyDll
QuickTime
Razer
Registry Mechanic 8.0
RoboForm 7-4-2 (All Users)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Click to Call
Skype™ 5.10
Smart Menus (Windows Live Toolbar)
SmartFTP Client
SoulSeek 157 NS 13e
SoulSeek Client 156c
SpeedFan (remove only)
Spotify
Starcraft
StarCraft II
StarCraft II Beta
System Requirements Lab
Tor 0.2.1.22
UB
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
uTorrentControl_v2 Toolbar
Ventrilo Client
Vidalia 0.2.6
VLC media player 0.9.8a
WebEx Support Manager for Internet Explorer
welcome
WinAVI Video Capture 2.0
Window Shopper
Windows Live Favorites for Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Player Firefox Plugin
WinRAR archiver
WordBiz version 1.8
Xtranormal State
Xtranormal State - Showpak-Beiges
Xtranormal State - Showpak-COL
Xtranormal State - Showpak-FM-Preview
Xtranormal State - Showpak-RBT
Xtranormal State - Showpak-SBG
Xtranormal State - Showpak-STA1
Xtranormal State - Showpak-SUT
Xtranormal State - Showpak-THN
Xtranormal State - SoundPack-Starter Kit
Xtranormal State - Voicepack-British-Graham22k
Xtranormal State - Voicepack-British-Lucy22k
Xtranormal State - Voicepack-English-UK-Daniel
Xtranormal State - Voicepack-English-UK-Serena
Xtranormal State - Voicepack-English-US-Samantha
Xtranormal State - Voicepack-English-US-Tom
Xtranormal State - Voicepack-USEnglish-Heather22k
Xtranormal State - Voicepack-USEnglish-Ryan22k
Xvid 1.2.1 final uninstall

==== Event Viewer Messages From Past Week ========

10/31/2012 10:44:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
10/30/2012 10:47:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Akamai service.

==== End Of File ===========================

#9 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 03 November 2012 - 06:15 PM

Everything is running fine at the moment, but I haven't used the computer enough to confirm it definitely.


Can you let me know how everything is after you have time to confirm please

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#10 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 09 November 2012 - 10:52 AM

Its been several days and no problems, it was almost immediately before so I think I'm good. Thanks a lot.

#11 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 10 November 2012 - 05:44 AM

You can delete DDR.scr from desktop. To properly remove OTL.exe
Right click on it and "Run as Admin"
Click on the CLEANUP button

Reboot when prompted
I'll lock this topic within 24 hrs if everything is still fine

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here