Jump to content


Photo
- - - - -

Rundll32 error keeps popping up


  • This topic is locked This topic is locked
4 replies to this topic

#1 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 17 January 2013 - 04:36 PM

I just ran malware and removed several things but still this error shows up. These are the 2 boxes I get when I restart my computer: http://imgur.com/RNqE5


  • WawnOwent likes this

#2 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 17 January 2013 - 10:40 PM

OTL logfile created on: 1/17/2013 10:36:38 PM - Run 9
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 149.33 Gb Free Space | 32.58% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 226.05 Gb Free Space | 48.53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2013/01/10 17:58:22 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/10 17:58:21 | 000,017,456 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2013/01/08 18:36:23 | 001,808,392 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/02 13:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/02 13:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/08/19 03:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 22:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 12:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2008/09/24 04:05:05 | 000,527,360 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2007/02/14 16:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
PRC - [2005/05/17 16:21:12 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\razerhid.exe
PRC - [2005/01/17 23:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\razerofa.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/09/01 22:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 09:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 20:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2013/01/10 17:58:22 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 18:36:23 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/11 05:54:38 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/05 09:08:42 | 000,109,064 | ---- | M] (Wajam) [On_Demand | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/08/19 03:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/02/22 07:33:09 | 000,797,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/01/09 19:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/11/20 12:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 12:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 20:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 16:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ProtoWall.sys -- (ProtoWall)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/01 11:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVol.sys -- (NBVol)
DRV - [2011/12/01 11:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVolUp.sys -- (NBVolUp)
DRV - [2011/08/19 03:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2011/08/19 03:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 16:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 14:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 22:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/04/08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008/12/18 06:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 02:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 06:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 18:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 18:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 20:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 20:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 20:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 20:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 20:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 20:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 20:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 20:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 20:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 20:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 20:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 20:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 20:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 20:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 20:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 20:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 20:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 20:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 20:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 20:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 20:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 20:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 20:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 20:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 20:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 20:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 20:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 20:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 20:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 19:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 09:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/05/24 08:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 10:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 22:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 17:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 10:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/01 23:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 17:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 07:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 15:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 15:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 17:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 08:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 13:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware...D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware...D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CF A7 84 15 40 A2 7C 49 B3 3F E3 BE 8C B0 BE 2D  [binary data]
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 22:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2012/08/20 22:41:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2013/01/16 12:03:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/10 17:58:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/16 01:58:29 | 000,000,000 | ---D | M]
 
[2009/04/29 21:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2013/01/16 14:08:53 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\qpjdcmoy.default-1357689702659\extensions
[2013/01/16 12:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/10 17:58:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013/01/10 17:58:15 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/16 12:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/01/10 17:58:22 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2012/08/28 21:24:58 | 000,002,465 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2011/05/06 22:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
[2012/10/12 04:27:33 | 000,002,058 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2011/10/12 02:21:55 | 000,001,798 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1                activate.adobe.com
O1 - Hosts: 127.0.0.1                practivate.adobe.com
O1 - Hosts: 127.0.0.1                ereg.adobe.com
O1 - Hosts: 127.0.0.1                activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1                wip3.adobe.com
O1 - Hosts: 127.0.0.1                3dns-3.adobe.com
O1 - Hosts: 127.0.0.1                3dns-2.adobe.com
O1 - Hosts: 127.0.0.1                adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1                adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1                adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1                ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1                activate-sea.adobe.com
O1 - Hosts: 127.0.0.1                wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1                activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1                               adobe.activate.com
O1 - Hosts: 127.0.0.1                               adobeereg.com                        
O1 - Hosts: 127.0.0.1                               www.adobeereg.com                    
O1 - Hosts: 127.0.0.1                               wwis-dubc1-vip60.adobe.com           
O1 - Hosts: 127.0.0.1                               125.252.224.90                       
O1 - Hosts: 127.0.0.1                               125.252.224.91
O1 - Hosts: 127.0.0.1                               hl2rcv.adobe.com
O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll (215 Apps)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Mengsk\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/16 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Local\iLivid
[2013/01/16 12:03:36 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Local\Coupon Companion Plugin
[2013/01/16 12:03:30 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Local\Updater21804
[2013/01/16 12:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\InfoAtoms
[2013/01/16 12:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/10 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/08 21:15:16 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/08 21:14:41 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/12/30 17:17:28 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Local\Wajam
[2012/12/30 17:17:28 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012/12/30 17:17:23 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
[2012/12/25 23:09:32 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Local\Daring_Development_Inc
[2012/12/25 23:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Daring Development
[2012/12/25 13:27:20 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\Eastbound and Down Season 3 (Complete) [Luke1382]
[2012/12/21 03:00:21 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/21 03:00:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2008/12/30 23:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 17:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 17:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 17:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 16:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 16:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 16:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 16:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 16:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 16:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 16:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 16:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/17 22:38:56 | 006,291,456 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2013/01/17 22:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/17 22:26:39 | 000,005,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/17 22:26:39 | 000,005,952 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/17 22:13:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2013/01/17 21:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2013/01/17 21:55:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/17 16:33:34 | 000,707,520 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2013/01/17 16:33:34 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/17 16:33:34 | 000,105,046 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/17 16:30:00 | 000,001,456 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/01/17 16:27:22 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2013/01/17 16:26:41 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/17 16:26:40 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/01/17 16:26:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013/01/17 16:26:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/17 16:26:33 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/17 16:24:30 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2013/01/17 16:24:30 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2013/01/17 16:24:27 | 000,543,204 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2013/01/17 14:26:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013/01/17 13:13:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2013/01/17 12:33:16 | 2663,538,036 | ---- | M] () -- C:\Users\Mengsk\du.mkv
[2013/01/16 01:58:29 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/11 08:42:19 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/01/11 07:15:15 | 000,002,049 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/09 03:28:31 | 004,014,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/08 18:36:23 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/08 18:36:23 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/08 17:36:31 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/05 00:38:43 | 002,693,480 | ---- | M] () -- C:\Users\Mengsk\Digital Booklet - good kid, m.A.A.d.pdf
[2013/01/01 02:59:42 | 000,069,120 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/27 12:15:26 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/12/26 23:17:36 | 016,167,452 | ---- | M] () -- C:\Users\Mengsk\Desktop\Deadlift475.mpg
[2012/12/23 21:07:19 | 000,026,397 | ---- | M] () -- C:\Users\Mengsk\Desktop\Justin Movie Filmography.odt
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/01/17 12:03:48 | 2663,538,036 | ---- | C] () -- C:\Users\Mengsk\du.mkv
[2013/01/16 01:58:29 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/05 00:38:38 | 002,693,480 | ---- | C] () -- C:\Users\Mengsk\Digital Booklet - good kid, m.A.A.d.pdf
[2012/12/26 23:17:18 | 016,167,452 | ---- | C] () -- C:\Users\Mengsk\Desktop\Deadlift475.mpg
[2012/08/29 12:43:04 | 000,027,520 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\dt.dat
[2011/12/09 02:25:24 | 000,001,456 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/19 03:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 03:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/07/26 00:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/10 19:32:54 | 000,000,585 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 20:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/04/18 02:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/02/02 19:58:28 | 000,069,120 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 01:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 01:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 20:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 13:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 12:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 20:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 05:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 00:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/30 23:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/30 23:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/30 23:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 11:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 11:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 01:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 15:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 15:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 15:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 15:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 20:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 20:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 19:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 06:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 08:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 12:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 07:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 07:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 07:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 06:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 06:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 06:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 06:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 06:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 02:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/18 23:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 06:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 11:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 13:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >
 



#3 mengskx

mengskx

    Enthusiast

  • Members
  • PipPipPipPip
  • 175 posts

Posted 17 January 2013 - 10:46 PM

OTL Extras logfile created on: 1/17/2013 10:43:07 PM - Run 9
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 149.33 Gb Free Space | 32.58% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 226.05 Gb Free Space | 48.53% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028C7EAA-3E54-44AB-A60F-B6CA9CB9D6C0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0C00BF8F-DC9D-4374-803C-C19DECFE4D1C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{174A4950-ED71-4D06-B81B-D61282EA769F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{187747C1-D849-4521-A2CC-0734949BF0C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F5631CC-831E-4F7E-AA13-953EAD794D2D}" = lport=137 | protocol=17 | dir=in | app=system |
"{25B44BB7-0EA1-4F59-9287-82EDE3390BA8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B5FD846-890B-4473-AC55-D0962F3060AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E35DEFF-A75B-41E7-98E8-3D9076B14E01}" = lport=3390 | protocol=6 | dir=in | app=system |
"{3ECF40F5-E8DC-4EE6-8A3D-711A9C3169C8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{4AB783FB-D142-4128-80EE-474C1883ADCA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FC6D67B-B449-461A-85AA-C97BAB910C68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50759338-1F5F-4BF8-A311-EE40687493A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{5311B277-9E59-424D-BD37-4F1E6657A38E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{53E3FED5-F0B2-46E4-A14F-78A7B5712929}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A011F8D-2107-4A77-AD5C-9C07BE999FC1}" = rport=5357 | protocol=6 | dir=out | app=system |
"{6471ED7E-2EF6-4252-9D6B-474111E8DD71}" = lport=10244 | protocol=6 | dir=in | app=system |
"{69BFC1CC-ECCD-4D9D-B59C-0127C0C90E69}" = rport=139 | protocol=6 | dir=out | app=system |
"{6D51026F-5EEC-40C3-BAC5-76851D5B8A22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7C75E82A-9657-4B82-B7E5-6D5DBB9F47CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{8276C576-600E-4C5A-9BCD-CE33E1675F8C}" = rport=10244 | protocol=6 | dir=out | app=system |
"{870F3A2F-E4C8-44FA-9695-F0FE4F90E18B}" = rport=137 | protocol=17 | dir=out | app=system |
"{8835C20A-CF3E-4338-A3FD-4E97703F760D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CB1CBC4-5FEA-4728-8BBB-BFA5CE57E7AA}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{97C3B761-6032-4A20-8B58-F89831400A35}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9B613075-C7F2-42B3-8966-FAD20D66D927}" = rport=5358 | protocol=6 | dir=out | app=system |
"{9BCCFE5C-7E36-4257-A1CC-021A24816C4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B529E360-09F3-47D1-B2DC-5E8131D74C59}" = rport=138 | protocol=17 | dir=out | app=system |
"{B84BADAB-261F-4E72-8263-A4BEA686F72C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B96AC28A-8665-4891-879F-6E9E8E1DC0DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9A0A002-D131-4D29-BC16-204D3CE32286}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{BD8C4D72-0F92-43D1-9E62-47FE64A686B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1A33DC3-69CA-4334-B836-D6BCE25495A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1F91D88-7216-4FC3-AF22-B83175A76E84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D75B5FEC-3030-49DD-8E44-BC9997BF52C2}" = lport=5357 | protocol=6 | dir=in | app=system |
"{D8C96848-E657-4410-9B0B-5E8840E38E28}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E13FDF02-3115-480A-A492-876123E3DA72}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E355404D-5487-4C9F-98FE-2998A12E75AA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3BCB264-09DA-4B59-88A7-C9932CE1DB51}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E831C670-2520-492B-B325-D85303B8FD60}" = lport=5358 | protocol=6 | dir=in | app=system |
"{E8E0306B-7B7D-449F-B235-4972140D15DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{EBECEB1E-85CD-4421-9DFA-B14F269B8A42}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F5F18E9F-E8B1-4D9D-AA7A-873C404D6462}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F9EB5AF7-D885-4D89-A906-0B660F92FD52}" = rport=10244 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034B8306-952C-4CC3-8ECB-C30A8A79A562}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{07617474-0E33-4DAA-B0BA-44ACECA65D4D}" = protocol=1 | dir=in | [email protected],-28543 |
"{0D783094-BF92-4697-8CDF-A46691C80FB8}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{1014B6D7-CFBA-4F80-92FD-EF3D076228B1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{1257D893-D5A6-44B4-8209-BEF1DAF0578E}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{1AA27631-9AD7-4999-A056-20FD66046B55}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{1E6EEF0E-BD08-4C82-AD62-E1E0ED80172A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{20301CCB-0492-416C-8B13-FA2C370E58CE}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{207DAE7E-C38D-45B1-BB05-697E90584B8F}" = protocol=17 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{211D972F-40E7-49DD-A1D1-AB92F0061A7A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{26013B08-3174-4222-9E55-244AD8F14404}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{2FE89778-82BD-43B8-8F88-729C038F9219}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{312C5A0F-CE01-411A-8ADF-84A24C4A7D36}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{33309C51-09F4-4055-995C-1280890CC251}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{35212E9D-DF18-47E9-ADB2-732C08E48966}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{36C7A0BF-FA7E-4C41-9D02-099A2FF5D39C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{38B033FA-D999-4209-AC05-9723C9A21A0D}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{3CDF5083-BC21-4DED-B659-F9B4F7531306}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{44D6E451-4F22-486E-A2B8-957B6F795B34}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{49B31070-FD8E-49C5-8F58-6CA494BDB50C}" = protocol=58 | dir=out | [email protected],-28546 |
"{4ABFC161-2465-4DC4-B850-77B0779DDFC0}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{4B4A4B19-945E-458D-9B0D-A00FDED28923}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4B54F7A1-C061-419A-8DFE-D0699936E7FA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4B5FBADB-5894-413D-B58B-D089DCA6958E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{4B9A2258-7D5D-44E8-8CAC-7F60E3F4CAFD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52D10AEA-2CC7-45A7-8CD6-1BFE2FC21B89}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{579B4BD5-0D21-44BF-8F1D-D645B8F1FC7B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{597495EF-E6E0-4B50-9FF8-6E684A24B1B4}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{5AF628D0-D156-460E-8DE4-1E08948EB33E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{5C77A543-96FD-4D62-BF98-CE0F5AFD2DC7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5D5EE141-A598-450B-8D2E-7854F6B2D46F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5DC42F76-8E4A-451C-BBE1-C9870996221B}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{64D20FCE-47EC-4BDF-ABE6-5DFE437ADB11}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{67CDB9B3-9224-4E51-9824-BADC418BB7CA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{6AE256DA-0963-4B4F-BA88-45F25CE1DE7E}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{6BB90F75-B752-46CD-86C2-8A76E70F393B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{6E783452-B018-4655-AA05-B3D1957F61F2}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{71C39F30-6963-488C-8DC5-C3915C48FB71}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{741896E1-2485-440C-BE52-564CA5015BC5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{79DA934B-B6D2-4434-8F91-F7FA940ED8CC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{79EE1780-8260-49A1-B4A0-9731BA6F09E8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{7A02D244-ADD8-44E0-8500-3B326B9FF1A1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7C4CE559-FB03-46EF-9C20-B211B6980A52}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{7F4F00A6-E3A2-470D-8C55-8297CA1EC046}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{8234BB47-6BDA-46D2-9B51-B15EDDFCF42D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{8380183F-E7D5-4B00-903D-8BC49712FC00}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{8454FF48-DCCF-4E8E-8C8D-3F93CF58BA74}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{879D2D89-405D-4C5B-9753-32B852D9592A}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{88EB0761-9FA9-4553-8376-68D94FBD1693}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{88F5D75B-30E4-44E4-8C12-CEA9E324F4F9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{8CE0D3AE-9754-4698-A4CC-F2B83CD24DAA}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{8D7EB537-1C60-47A4-9695-89A3E27721DB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{8E81CC54-D4D9-49A0-850D-641BA30083F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{9245A49D-078D-49FF-B845-23574C930553}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{94E0DA2F-2E6A-46AA-89F5-35EB734C988C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{98174B7A-9CC0-4712-959D-1595B9044E09}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{9B7F20C8-4DE2-4944-B129-241C821117B0}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{9BDF03FF-9091-4CC8-9719-28A53D5E2D74}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{9D8CA449-380E-4414-B7AB-407EA849BC48}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A1FD576B-10B1-4AE9-BE82-7EA71F819670}" = protocol=1 | dir=out | [email protected],-28544 |
"{A517C2AA-1530-497A-B61D-6409B4DC6BFF}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A5589972-8D71-4D5A-9C5E-714A1075AFBE}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{A6C5A870-9DF7-44BE-BB87-632E9F073913}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{AEE5886E-64B8-41F7-9CC4-EC8C95FAA664}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF45C63A-0B67-4549-B5A4-78520D25481F}" = protocol=58 | dir=in | [email protected],-28545 |
"{B1D75981-FD3B-40D2-ABC6-FE7834E671D9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B3DE9ADB-5778-461E-BB7E-A8E51F74BB1B}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{B8BCF47F-34DE-45B3-9E1B-88BFC6820BC9}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{BA60557C-BF17-444B-9EA9-142595417E86}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{BA7A7808-8438-4EF7-8BDE-2A1400E6799A}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BE428994-FAC4-4774-A35C-0D8BCFA59E02}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{BFAFE3C1-EC4F-4ECD-9343-83DECB5B3CAE}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{C1846BC2-13C0-4839-A985-A7229423BC17}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{C6E1975B-DAFA-49F0-8ECB-55E1325E6380}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{CB77648A-4CCF-4487-A92A-6724B89DF4F9}" = protocol=6 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{CCD16C8A-6B35-49D9-906A-ECCF26A61E87}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{D02E56E4-099F-41EA-94D6-CD7A52CA8651}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{D2420C09-46D2-4B1E-9027-796F9B09C9A0}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{D5B05F0E-2492-4CB8-820A-1299F165D4E9}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{D739FE15-97FB-4E69-9CC5-DF678D8ACCB6}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{D825BBAA-3A12-4176-90BF-2814A92B9D90}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{DA2D390B-3B3D-4387-A589-2C9D7E4168FE}" = protocol=6 | dir=out | app=system |
"{DD8A0D88-37E3-402D-84A3-1AD26EB60BB2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{E048A4E6-E044-4FF6-88FF-E677C8AE0839}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{E316CE3F-9C04-4CE1-8199-EDE780246424}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E3E9F205-CBD9-4904-95AC-410752109B5F}" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\starcraft ii beta.exe |
"{EA5D14B9-2692-45F1-966E-050D94378D30}" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\starcraft ii beta.exe |
"{EBA532BF-2105-435D-AC1D-DFB458BBC8F3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{EF2B5163-2177-461A-AA86-031CEEFABE1C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{EFB34C1A-31CC-43E4-A0AE-5BC63A7D951F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F38A5205-585D-4C43-BFFA-4FB4E7E96323}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{F3B6093E-D804-4563-8FB7-24E8D9B9D7FC}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F58CBE8F-AD95-4041-AB49-000E189E462A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F6BFB38E-FFE3-4650-80CD-FB4AA5E2E5CE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F79F3C81-28E1-45B3-ADEE-E950B1C79699}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F938CDCA-20F2-46A1-8FA9-030F94DB6D55}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{FD9E5B1E-51EB-4E0D-8136-0A72854CD672}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FD9EE8FD-7BB5-4D0C-BAD9-604C38B7B6DE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{032DAB0D-1E39-440E-90C0-92785F010E8C}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"TCP Query User{064EF267-3136-415C-960E-BAFEDF676271}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"TCP Query User{0761BE82-3F7C-4F13-9381-5C4E209F8367}C:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"TCP Query User{1D9838FC-B13C-4D4A-B8B7-F2D0C8A8F59C}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{1FDC5C44-6022-4114-A381-7DC2D8C5EBC7}C:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{2AA6ADFB-5268-4AEA-84FA-6A191E0B44CC}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"TCP Query User{334E3532-797B-48AC-A163-662A035FE755}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{33784C9A-7332-43CB-8F19-3B01C752BFBF}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{3A7C6D29-F23B-4391-9EBC-E4E9DC808C1A}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{4FEA6999-9C6A-4436-9839-199FE36455B9}C:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{52AEF29F-3AB2-48F9-8A32-356A8D9B6337}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{53C81A9F-50C3-4D9F-AE86-3900B7E29AFC}C:\users\mengsk\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"TCP Query User{7CBBE520-DDFB-4702-8958-FBE563CABB35}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{80886110-6F42-427C-B9CC-95DC8F2A5D0A}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"TCP Query User{8C9BA1C2-22F7-4994-953D-BBF22A3B313D}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe |
"TCP Query User{8C9F67D8-7882-4FE2-B18B-6E03279575E3}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{9811B358-B0E0-4AF5-A53A-38030D1DB8C2}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{A974E93A-C1C0-4D26-B702-807813687EB4}C:\users\mengsk\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mengsk\appdata\roaming\spotify\spotify.exe |
"TCP Query User{B80B7559-C317-451D-B0A6-1D5562661E8F}C:\users\mengsk\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mengsk\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C682707C-89EF-47AB-9E44-B10E69C6DB12}C:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe |
"TCP Query User{C98179B9-13FD-4B52-8927-130E2E0A451F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{CA74B59E-713F-4A60-B018-16E4AC043942}C:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe |
"TCP Query User{E1D4C993-E52A-4870-A60B-EAB2B6873C71}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{F5FF34FD-1A4D-4017-815D-D772FB5D0A48}C:\program files\starcraft ii 2012 beta\versions\base24247\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base24247\sc2.exe |
"UDP Query User{011DDC7E-BD3F-4E97-8960-68E8B0D67BAF}C:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{0F4D25E1-45ED-482D-832C-3E9174709FF9}C:\program files\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files\1clickdownload\1clickdownloader.exe |
"UDP Query User{12D562A7-1975-4C8E-9374-34C45615B273}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{23C3285D-91C2-4132-B44C-32FC58F307E0}C:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"UDP Query User{30011E89-D4EC-48B9-B687-BD9C2C1B7AD3}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{3DF59503-8A8E-4EF6-9026-4004500FCF6A}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{419B4EC6-3191-482C-BDF0-A0FFDF500437}C:\program files\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{4E61F94A-4674-44F6-80EB-EF1585BF9E3A}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{4E812A9D-B0C7-4362-AED6-BC5100EC5E83}C:\program files\starcraft ii 2012 beta\versions\base24247\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base24247\sc2.exe |
"UDP Query User{4FC26744-4D71-4248-B1C7-6D81B3237FB1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6199F4DA-E204-474B-BB7F-933070DF3267}C:\users\mengsk\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"UDP Query User{887566A6-60F8-4AF6-B848-9E9776558BFD}C:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23925\sc2.exe |
"UDP Query User{91353562-B616-4CAC-9865-4D40061AA7AB}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"UDP Query User{9A8383F4-9D19-49C2-A390-A3E21BA15FFD}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{ADA3D200-4D9E-4D83-A503-E2DB9AB46501}C:\users\mengsk\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mengsk\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B3530EF1-8EFA-4837-9EFF-D28E8CE08E60}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{B3540065-F5E4-48EB-8C52-EF29F30E63F8}C:\users\mengsk\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mengsk\appdata\local\akamai\netsession_win.exe |
"UDP Query User{BF387D79-51A1-4B63-9682-E323A58C975A}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"UDP Query User{C04EB569-99A3-4A0B-9B0E-4EA93A78221C}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"UDP Query User{CF142B95-E556-4812-BF82-F8B0E3D9F83A}C:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii 2012 beta\versions\base23271\sc2.exe |
"UDP Query User{DD659BB1-E809-42AF-A1E3-3597E8609643}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{E41659A6-A042-489C-91F9-B2EC61CB672D}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe |
"UDP Query User{F013851D-99EF-421D-9552-DAFE5FD54BD0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F3575FF7-4534-47A4-8693-C4293F581409}C:\program files\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base19679\sc2.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0467A27E-6F81-4809-97BC-B886A6C08350}" = Xtranormal State - Showpak-FM-Preview
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06055B48-E374-430A-AC2A-B335A4A5F1C5}" = Xtranormal State - Voicepack-USEnglish-Heather22k
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11A8AACE-401B-4D6D-BB7D-12D974A79EFF}" = Xtranormal State - Showpak-RBT
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1696C54E-599A-4BA2-9941-BB70C4727887}" = Xtranormal State - Voicepack-English-UK-Daniel
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18039280-98B7-4C5E-AAC0-10EBC9731033}" = Nero 7 Essentials
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2BB34316-5C68-45C0-9656-64DF7F34F6BA}" = Map Button (Windows Live Toolbar)
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2CCC5C78-20FF-478E-8B65-46B58CC5781B}" = AVG 2013
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{39BB1890-4858-4830-8AF0-F116A207610E}" = Xtranormal State - Showpak-THN
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{408F40F6-97F7-4F72-B618-CD7317438920}" = Xtranormal State - Showpak-COL
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{467A3BF8-4C87-4E68-835C-CE5318C157C2}" = Xtranormal State - Voicepack-English-US-Tom
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{49C984E3-7D13-4DF5-8B9A-97A4866AA73C}" = Xtranormal State
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7066F2DB-5032-4B6F-A8E7-A6F946043438}" = Adobe Setup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.3.139
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7B59BE72-68EF-400B-B08A-2860283A4FE3}" = Smart Menus (Windows Live Toolbar)
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E4413BB-CE31-4E01-A1C0-E37BDD0187CE}" = Nero 11
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838A22DF-81CA-4452-9BDD-A1745224D960}" = Xtranormal State - Voicepack-English-UK-Serena
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85EB510F-C24B-4A51-86EA-B2E12BBB3707}" = Xtranormal State - Showpak-Beiges
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A64032F-FF5E-4AC9-ADF7-84E548B7C2B4}" = Highlight Viewer (Windows Live Toolbar)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{912536C4-273C-416F-B42C-BBC5B72114D7}" = Xtranormal State - Voicepack-English-US-Samantha
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D3758E2-1A30-4122-A569-7E93B1AC64E8}" = Xtranormal State - Showpak-SBG
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A1570454-ED12-4050-A7AC-9282C7AFB23C}" = Window Shopper
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ABDB8612-E6AA-4B60-9C45-754AC98DF758}" = Xtranormal State - Voicepack-British-Lucy22k
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.3
"{AD73EA4D-9E94-400F-8DEB-1125D1200CB8}" = Xtranormal State - Showpak-STA1
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5C314F7-928B-44E3-A8A3-169648B1077D}" = Xtranormal State - SoundPack-Starter Kit
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D5A32BDB-81BC-4D25-89DF-65C5A0DD8FE0}" = Xtranormal State - Showpak-SUT
"{D6B490CE-202D-4256-9C05-7BFB59904856}" = Xtranormal State - Voicepack-USEnglish-Ryan22k
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E0B28469-6E5E-4759-9602-F8AB6812EC4B}" = Xtranormal State - Voicepack-British-Graham22k
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE614F8D-267D-49CC-805B-FC08D94EDFE5}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownloader" = 1ClickDownloader
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AI RoboForm" = RoboForm 7-4-2 (All Users)
"Akamai" = Akamai NetSession Interface
"AlienRespawn20_AD" = AlienRespawn v2.0
"AnyDVD" = AnyDVD
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 5.85
"AudioConverter Studio_is1" = AudioConverter Studio 6.0
"AVG" = AVG 2013
"AviSynth" = AviSynth 2.5
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BeyondCompare3_is1" = Beyond Compare Version 3.1.9
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Companion Plugin" = Coupon Companion Plugin
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.5.8.0
"dBpoweramp [Arrange Audio] Codec" = dBpoweramp [Arrange Audio] Codec
"dBpoweramp [Audio Info] Codec" = dBpoweramp [Audio Info] Codec
"dBpoweramp [Channel Split] Codec" = dBpoweramp [Channel Split] Codec
"dBpoweramp [ID Tag Update] Codec" = dBpoweramp [ID Tag Update] Codec
"dBpoweramp [Length Split] Codec" = dBpoweramp [Length Split] Codec
"dBpoweramp [Multi Encoder] Codec" = dBpoweramp [Multi Encoder] Codec
"dBpoweramp [ReplayGain] Codec" = dBpoweramp [ReplayGain] Codec
"dBpoweramp [Tag From Filename] Codec" = dBpoweramp [Tag From Filename] Codec
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.0.5 (25/08/2010)
"DVDx_is1" = DVDx
"EditPlus 3" = EditPlus 3
"ffdshow_is1" = ffdshow [rev 2033] [2008-07-05]
"FileZilla Client" = FileZilla Client 3.2.2.1
"Fraps" = Fraps (remove only)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 4.0.3.804
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"FreeStar Free Video Converter" = FreeStar Free Video Converter 9.0.1 build 5
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"iLivid" = iLivid
"ImgBurn" = ImgBurn
"InfoAtoms" = InfoAtoms [Uninstall]
"Internet Scrabble Club_is1" = WordBiz version 1.8
"Logitech Vid" = Logitech Vid HD
"Magic DVD Ripper_is1" = Magic DVD Ripper V6.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network MagicUninstall" = Network Magic
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Polipo" = Polipo 1.0.4
"PowerISO" = PowerISO
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"Registry Mechanic_is1" = Registry Mechanic 8.0
"sl-dlc" = SelectionLinks
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 13e
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"StarCraft II Beta" = StarCraft II Beta
"Tor" = Tor 0.2.1.22
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"Vidalia" = Vidalia 0.2.6
"VLC media player" = VLC media player 0.9.8a
"Wajam" = Wajam
"WinAVI Video Capture_is1" = WinAVI Video Capture 2.0
"Windows Live Toolbar" = Windows Live Toolbar
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"BitTorrent" = BitTorrent
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Pic2Ico" = Picture To Icon (remove only)
"Spotify" = Spotify
"UB" = UB
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 4/16/2012 10:56:26 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 4/16/2012 11:00:16 PM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 4/28/2012 1:09:16 AM | Computer Name = Mengsk-PC | Source = Application Hang | ID = 1002
Description = The program getpopupinfo.exe version 13.2.0.2 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: c14  Start Time: 01cd24fcf09b5290  Termination Time: 2
 
Error - 4/30/2012 1:26:12 AM | Computer Name = Mengsk-PC | Source = Application Error | ID = 1000
Description = Faulting application Skype.exe, version 5.5.0.124, time stamp 0x4e96a02b,
 faulting module Flash32_11_2_202_233.ocx, version 11.2.202.233, time stamp 0x4f85ff58,
 exception code 0xc0000005, fault offset 0x00004152,  process id 0x1560, application
 start time 0x01cd268014876f70.
 
Error - 5/2/2012 12:56:34 AM | Computer Name = Mengsk-PC | Source = Application Error | ID = 1000
Description = Faulting application Skype.exe, version 5.5.0.124, time stamp 0x4e96a02b,
 faulting module Flash32_11_2_202_233.ocx_unloaded, version 0.0.0.0, time stamp
0x4f85ff58, exception code 0xc0000005, fault offset 0x5d9441bf,  process id 0x17dc,
 application start time 0x01cd28164abf1a10.
 
Error - 5/3/2012 1:38:57 AM | Computer Name = Mengsk-PC | Source = Application Error | ID = 1000
Description = Faulting application Skype.exe, version 5.5.0.124, time stamp 0x4e96a02b,
 faulting module Flash32_11_2_202_233.ocx_unloaded, version 0.0.0.0, time stamp
0x4f85ff58, exception code 0xc0000005, fault offset 0x5c1b41f6,  process id 0x15b8,
 application start time 0x01cd28e4ab0de710.
 
Error - 5/9/2012 2:34:40 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 5/9/2012 2:34:40 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 5/9/2012 2:34:40 PM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 5/9/2012 2:41:20 PM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =
 
[ Media Center Events ]
Error - 1/12/2009 2:24:08 AM | Computer Name = Mengsk-PC | Source = McrMgr | ID = 109
Description =
 
Error - 3/20/2009 6:21:12 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 4/3/2009 9:34:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 4/8/2009 9:45:25 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 6/5/2009 9:38:34 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 6/5/2009 11:47:56 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 8/5/2009 9:42:13 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 10/19/2009 9:37:11 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 10/26/2009 9:39:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 1/12/2010 12:46:13 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
[ System Events ]
Error - 1/17/2013 4:27:38 AM | Computer Name = Mengsk-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable.  Please
 run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy23.
 
Error - 1/17/2013 4:27:38 AM | Computer Name = Mengsk-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable.  Please
 run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy23.
 
Error - 1/17/2013 3:52:25 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 3:55:57 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 3:55:57 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 3:55:57 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
 
Error - 1/17/2013 6:24:38 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 6:27:10 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 6:27:10 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7006
Description =
 
Error - 1/17/2013 6:27:10 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >
 



#4 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 31 January 2013 - 01:28 PM

Are you still in need of a hand.. I was out of town without Internet access, sorry for the delay


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#5 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 22 February 2013 - 11:04 AM

closed as the original topic starter has not returned


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here