TheTechGuide Forum
General Category => Tech Clinic => Topic started by: mengskx on June 14, 2011, 11:44:50 AM
-
Every program I try to open it makes me find the exe on my computer to open it.
OTL logfile created on: 6/14/2011 11:38:33 AM - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 56.07 Gb Free Space | 12.23% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 327.22 Gb Free Space | 70.26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 05:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
========== Modules (SafeList) ==========
MOD - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2011/06/06 20:57:54 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_8675ab0.dll -- (Akamai)
SRV - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/20 13:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 06:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Mengsk\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/18 07:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 07:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 19:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 19:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 21:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 20:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 10:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/06/02 15:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007/05/24 09:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 23:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 18:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 18:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/19 00:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 18:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=IE&os=win&os_version=6.0-x86-SP2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=FF&os=win&os_version=6.0-x86-SP2&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/12/12 20:10:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/30 08:38:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 23:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 23:37:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/06 23:37:40 | 000,000,000 | ---D | M]
[2009/04/29 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2011/06/07 22:59:41 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions
[2010/08/22 21:58:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/08 23:54:54 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/01/01 21:30:51 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/03/24 22:48:39 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/05/08 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\[email protected]
[2011/06/04 23:34:23 | 000,002,265 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing-zugo.xml
[2009/08/21 16:06:56 | 000,002,164 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing.xml
[2011/06/09 11:20:39 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-1.xml
[2010/02/09 22:02:27 | 000,000,961 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-2.xml
[2010/03/12 02:40:30 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-3.xml
[2010/03/23 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-4.xml
[2010/04/03 00:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-5.xml
[2010/06/23 12:48:20 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-6.xml
[2010/06/27 02:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-7.xml
[2010/07/21 16:17:26 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-8.xml
[2010/07/24 23:29:47 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-9.xml
[2010/01/04 03:03:29 | 000,000,955 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin.xml
[2010/11/05 02:18:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/12 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/02/25 20:28:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/05/06 23:37:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/06 23:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
O1 HOSTS File: ([2010/09/05 23:13:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/06/14 01:27:06 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Mengsk\AppData\Local\iqe.exe
[2011/06/14 01:27:03 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Mengsk\0.08067139743463347.exe
[2011/06/05 21:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
[2011/06/05 21:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\facemoods.com
[2011/06/05 17:08:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/04 23:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/06/04 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Superfish
[2011/06/04 23:34:14 | 000,000,000 | ---D | C] -- C:\ProgramDataMozilla
[2008/12/31 00:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 18:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 18:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 18:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 17:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 17:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 17:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 17:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 17:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 17:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/14 11:39:31 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 11:39:30 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 11:38:45 | 003,932,160 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2011/06/14 11:28:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2011/06/14 11:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 10:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2011/06/14 10:12:10 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/14 09:20:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 03:53:13 | 118,471,457 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/14 01:51:47 | 000,000,000 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2011/06/14 01:46:40 | 000,707,392 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/06/14 01:46:40 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/14 01:46:40 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/14 01:41:48 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/14 01:41:47 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/14 01:39:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/06/14 01:39:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 01:39:18 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/14 01:36:45 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011/06/14 01:36:45 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011/06/14 01:36:37 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/06/14 01:36:33 | 003,541,443 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:06 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Mengsk\AppData\Local\iqe.exe
[2011/06/14 01:27:04 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Mengsk\0.08067139743463347.exe
[2011/06/13 15:28:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2011/06/12 04:45:00 | 000,000,585 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/06/05 17:08:07 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/20 02:16:54 | 000,096,256 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/18 13:54:39 | 000,002,722 | ---- | M] () -- C:\Users\Mengsk\.recently-used.xbel
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/14 01:27:31 | 000,001,460 | -HS- | C] () -- C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:31 | 000,001,460 | -HS- | C] () -- C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/10 20:32:54 | 000,000,585 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/06/05 21:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/05/18 13:54:39 | 000,002,722 | ---- | C] () -- C:\Users\Mengsk\.recently-used.xbel
[2011/04/18 03:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/03/10 02:16:10 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/10 02:16:09 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/02 20:58:28 | 000,096,256 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 02:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 02:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 21:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 14:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 13:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 21:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 06:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 01:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/31 00:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/31 00:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/31 00:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 12:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 12:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 02:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 21:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 21:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 20:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 07:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 09:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 13:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 08:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 08:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 08:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 07:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 07:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 07:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 07:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 07:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 03:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/19 00:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 12:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:�Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >
-
Right click on OTL.exe and choose to "Run as Administrator"
- Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Mengsk\AppData\Local\Temp\catchme.sys -- (catchme)
O35 - HKCU\..exefile [open] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:06 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Mengsk\AppData\Local\iqe.exe
[2011/06/14 01:27:04 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Mengsk\0.08067139743463347.exe
:Reg
:Files
ipconfig /flushdns /c
:Commands
[EmptyFlash]
[Reboot]
- Then click the [color="#FF0000"]Run Fix[/color] button at the top
- Let the program run unhindered, reboot the PC when it is done
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder
In addition: I'm unsure if you got Malwarebytes to run it's course
Can you open MBAM
- Check for Updates
- If an update is found, it will download and install the latest version.
- Once done updating, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
-
========== OTL ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Mengsk\AppData\Local\Temp\catchme.sys not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Classes\exefile\shell\open\command\\'' updated successfully.
File "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n moved successfully.
C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n moved successfully.
C:\Users\Mengsk\AppData\Local\iqe.exe moved successfully.
C:\Users\Mengsk\0.08067139743463347.exe moved successfully.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
File delete failed. C:\Users\Mengsk\Desktop\cmd.bat scheduled to be deleted on reboot.
C:\Users\Mengsk\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 41 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Mcx1
User: Mengsk
->Flash cache emptied: 2026358 bytes
User: Public
Total Flash Files Cleaned = 2.00 mb
OTL by OldTimer - Version 3.2.11.0 log created on 06142011_221352
Files\Folders moved on Reboot...
C:\Users\Mengsk\Desktop\cmd.bat moved successfully.
Registry entries deleted on Reboot...
-
Nothing found on the malware scan
-
Sorry for the delay
Can you do the following please
Reopen OTL.exe, under "Extra Registry" Select "Use Safelist" then choose to
Run Scan
When done, It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
In addition, keep me informed how things are now running please
-
OTL logfile created on: 6/28/2011 9:33:33 PM - Run 3
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 111.01 Gb Free Space | 24.22% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 333.04 Gb Free Space | 71.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2011/06/25 23:32:54 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/22 09:58:35 | 000,397,688 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/13 18:16:14 | 009,777,448 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/10/16 01:57:30 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/08/10 00:00:42 | 000,013,088 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 19:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2008/09/24 05:05:05 | 000,527,360 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2007/06/02 16:59:08 | 001,457,152 | ---- | M] (Phoenix Labs) -- C:\Program Files\PeerGuardian2\pg2.exe
PRC - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
PRC - [2005/05/17 17:21:12 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\razerhid.exe
PRC - [2005/01/18 00:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\razerofa.exe
========== Modules (SafeList) ==========
MOD - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2011/06/28 16:22:03 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/20 13:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/18 07:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 07:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 19:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 19:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 21:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 20:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 10:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/06/02 15:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007/05/24 09:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 23:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 18:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 18:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/19 00:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 18:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=IE&os=win&os_version=6.0-x86-SP2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=FF&os=win&os_version=6.0-x86-SP2&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/12/12 20:10:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 09:59:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 23:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 23:32:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 01:28:25 | 000,000,000 | ---D | M]
[2009/04/29 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2011/06/27 19:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions
[2010/08/22 21:58:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/01 21:30:51 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/03/24 22:48:39 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/05/08 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\[email protected]
[2011/06/04 23:34:23 | 000,002,265 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing-zugo.xml
[2009/08/21 16:06:56 | 000,002,164 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing.xml
[2011/06/23 22:19:33 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-1.xml
[2010/02/09 22:02:27 | 000,000,961 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-2.xml
[2010/03/12 02:40:30 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-3.xml
[2010/03/23 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-4.xml
[2010/04/03 00:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-5.xml
[2010/06/23 12:48:20 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-6.xml
[2010/06/27 02:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-7.xml
[2010/07/21 16:17:26 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-8.xml
[2010/07/24 23:29:47 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-9.xml
[2010/01/04 03:03:29 | 000,000,955 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin.xml
[2010/11/05 02:18:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/12 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/02/25 20:28:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/06/25 23:32:54 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/06 23:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
O1 HOSTS File: ([2010/09/05 23:13:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O4 - HKCU..\RunOnce: [spchecker] C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/16 14:56:39 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/06/16 14:56:39 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/06/16 14:56:39 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/06/16 14:56:39 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/06/16 14:56:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/06/16 14:56:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/06/14 22:13:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/05 21:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
[2011/06/05 21:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\facemoods.com
[2011/06/05 17:08:07 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/04 23:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/06/04 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Superfish
[2011/06/04 23:34:14 | 000,000,000 | ---D | C] -- C:\ProgramDataMozilla
[2008/12/31 00:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 18:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 18:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 18:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 17:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 17:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 17:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 17:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 17:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 17:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/28 21:33:29 | 003,932,160 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2011/06/28 21:28:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2011/06/28 21:19:59 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/28 21:06:39 | 000,000,000 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2011/06/28 20:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2011/06/28 20:34:17 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/28 20:34:17 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/28 15:53:20 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/28 15:28:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2011/06/28 09:20:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/28 09:13:54 | 120,225,783 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/28 05:05:44 | 000,722,140 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/06/28 05:05:44 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/28 05:05:44 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/26 00:33:41 | 000,103,424 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/22 14:04:49 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/22 13:51:28 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/06/22 13:50:58 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/22 13:50:58 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/22 13:48:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/06/22 13:48:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/22 13:48:32 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 13:46:54 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011/06/22 13:46:54 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011/06/22 13:46:29 | 003,734,463 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2011/06/19 22:00:20 | 000,000,016 | ---- | M] () -- C:\Windows\System32\package.lst
[2011/06/14 22:22:15 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/12 04:45:00 | 000,000,585 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/10 20:32:54 | 000,000,585 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/06/05 21:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/04/18 03:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/03/10 02:16:10 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/10 02:16:09 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/02 20:58:28 | 000,103,424 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 02:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 02:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 21:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 14:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 13:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 21:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 06:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 01:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/31 00:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/31 00:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/31 00:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 12:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 12:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 02:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 21:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 21:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 20:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 07:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 09:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 13:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 08:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 08:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 08:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 07:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 07:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 07:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 07:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 07:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 03:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/19 00:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 12:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:�Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >
-
OTL Extras logfile created on: 6/28/2011 9:33:33 PM - Run 3
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 111.01 Gb Free Space | 24.22% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 333.04 Gb Free Space | 71.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028C7EAA-3E54-44AB-A60F-B6CA9CB9D6C0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0C00BF8F-DC9D-4374-803C-C19DECFE4D1C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{174A4950-ED71-4D06-B81B-D61282EA769F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{187747C1-D849-4521-A2CC-0734949BF0C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F5631CC-831E-4F7E-AA13-953EAD794D2D}" = lport=137 | protocol=17 | dir=in | app=system |
"{25B44BB7-0EA1-4F59-9287-82EDE3390BA8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B5FD846-890B-4473-AC55-D0962F3060AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E35DEFF-A75B-41E7-98E8-3D9076B14E01}" = lport=3390 | protocol=6 | dir=in | app=system |
"{3ECF40F5-E8DC-4EE6-8A3D-711A9C3169C8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{4AB783FB-D142-4128-80EE-474C1883ADCA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FC6D67B-B449-461A-85AA-C97BAB910C68}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50759338-1F5F-4BF8-A311-EE40687493A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{5311B277-9E59-424D-BD37-4F1E6657A38E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{53E3FED5-F0B2-46E4-A14F-78A7B5712929}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A011F8D-2107-4A77-AD5C-9C07BE999FC1}" = rport=5357 | protocol=6 | dir=out | app=system |
"{6471ED7E-2EF6-4252-9D6B-474111E8DD71}" = lport=10244 | protocol=6 | dir=in | app=system |
"{69BFC1CC-ECCD-4D9D-B59C-0127C0C90E69}" = rport=139 | protocol=6 | dir=out | app=system |
"{6D51026F-5EEC-40C3-BAC5-76851D5B8A22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7C75E82A-9657-4B82-B7E5-6D5DBB9F47CE}" = lport=138 | protocol=17 | dir=in | app=system |
"{8276C576-600E-4C5A-9BCD-CE33E1675F8C}" = rport=10244 | protocol=6 | dir=out | app=system |
"{870F3A2F-E4C8-44FA-9695-F0FE4F90E18B}" = rport=137 | protocol=17 | dir=out | app=system |
"{8835C20A-CF3E-4338-A3FD-4E97703F760D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CB1CBC4-5FEA-4728-8BBB-BFA5CE57E7AA}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{97C3B761-6032-4A20-8B58-F89831400A35}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9B613075-C7F2-42B3-8966-FAD20D66D927}" = rport=5358 | protocol=6 | dir=out | app=system |
"{9BCCFE5C-7E36-4257-A1CC-021A24816C4B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A451BE3D-FE7A-4983-838A-65345A6BA470}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B529E360-09F3-47D1-B2DC-5E8131D74C59}" = rport=138 | protocol=17 | dir=out | app=system |
"{B84BADAB-261F-4E72-8263-A4BEA686F72C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B96AC28A-8665-4891-879F-6E9E8E1DC0DB}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9A0A002-D131-4D29-BC16-204D3CE32286}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{BD8C4D72-0F92-43D1-9E62-47FE64A686B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C1A33DC3-69CA-4334-B836-D6BCE25495A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1F91D88-7216-4FC3-AF22-B83175A76E84}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D75B5FEC-3030-49DD-8E44-BC9997BF52C2}" = lport=5357 | protocol=6 | dir=in | app=system |
"{E13FDF02-3115-480A-A492-876123E3DA72}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E355404D-5487-4C9F-98FE-2998A12E75AA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3BCB264-09DA-4B59-88A7-C9932CE1DB51}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E831C670-2520-492B-B325-D85303B8FD60}" = lport=5358 | protocol=6 | dir=in | app=system |
"{E8E0306B-7B7D-449F-B235-4972140D15DD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{EBECEB1E-85CD-4421-9DFA-B14F269B8A42}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F5F18E9F-E8B1-4D9D-AA7A-873C404D6462}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F9EB5AF7-D885-4D89-A906-0B660F92FD52}" = rport=10244 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034B8306-952C-4CC3-8ECB-C30A8A79A562}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{07617474-0E33-4DAA-B0BA-44ACECA65D4D}" = protocol=1 | dir=in | [email protected],-28543 |
"{0D783094-BF92-4697-8CDF-A46691C80FB8}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{1257D893-D5A6-44B4-8209-BEF1DAF0578E}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{1B49EB52-2155-4F04-BDA8-76F178EB4167}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{20301CCB-0492-416C-8B13-FA2C370E58CE}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{207DAE7E-C38D-45B1-BB05-697E90584B8F}" = protocol=17 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{211D972F-40E7-49DD-A1D1-AB92F0061A7A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{2FE89778-82BD-43B8-8F88-729C038F9219}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{312C5A0F-CE01-411A-8ADF-84A24C4A7D36}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{33309C51-09F4-4055-995C-1280890CC251}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{38B033FA-D999-4209-AC05-9723C9A21A0D}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{44D6E451-4F22-486E-A2B8-957B6F795B34}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{47FACF47-90FA-45A9-B62E-CFA5E9C1C2A9}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{49B31070-FD8E-49C5-8F58-6CA494BDB50C}" = protocol=58 | dir=out | [email protected],-28546 |
"{4ABFC161-2465-4DC4-B850-77B0779DDFC0}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{4B4A4B19-945E-458D-9B0D-A00FDED28923}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4B54F7A1-C061-419A-8DFE-D0699936E7FA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{4B9A2258-7D5D-44E8-8CAC-7F60E3F4CAFD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{597495EF-E6E0-4B50-9FF8-6E684A24B1B4}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{5D5EE141-A598-450B-8D2E-7854F6B2D46F}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5DC42F76-8E4A-451C-BBE1-C9870996221B}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{6AE256DA-0963-4B4F-BA88-45F25CE1DE7E}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{71C39F30-6963-488C-8DC5-C3915C48FB71}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{741896E1-2485-440C-BE52-564CA5015BC5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7E1A0149-B076-482E-9EFC-81C6EB99E520}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{7F4F00A6-E3A2-470D-8C55-8297CA1EC046}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{81EFBD05-D04F-44AC-8A39-0D0F7A3E532A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{8380183F-E7D5-4B00-903D-8BC49712FC00}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{879D2D89-405D-4C5B-9753-32B852D9592A}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{8CE0D3AE-9754-4698-A4CC-F2B83CD24DAA}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{8D7EB537-1C60-47A4-9695-89A3E27721DB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{8E81CC54-D4D9-49A0-850D-641BA30083F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{915D5967-12D6-46AB-B9B1-0BCBA44B5F9B}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{9245A49D-078D-49FF-B845-23574C930553}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{98174B7A-9CC0-4712-959D-1595B9044E09}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{9D8CA449-380E-4414-B7AB-407EA849BC48}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A1FD576B-10B1-4AE9-BE82-7EA71F819670}" = protocol=1 | dir=out | [email protected],-28544 |
"{A4E175E8-AABB-478C-BF15-79B17A9B4BC0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{A517C2AA-1530-497A-B61D-6409B4DC6BFF}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{AEE5886E-64B8-41F7-9CC4-EC8C95FAA664}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF45C63A-0B67-4549-B5A4-78520D25481F}" = protocol=58 | dir=in | [email protected],-28545 |
"{B3DE9ADB-5778-461E-BB7E-A8E51F74BB1B}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{B8BCF47F-34DE-45B3-9E1B-88BFC6820BC9}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{BA7A7808-8438-4EF7-8BDE-2A1400E6799A}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BFAFE3C1-EC4F-4ECD-9343-83DECB5B3CAE}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{C149994B-9F51-48BB-A0E9-8240105FC3D1}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{C6E1975B-DAFA-49F0-8ECB-55E1325E6380}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{CB77648A-4CCF-4487-A92A-6724B89DF4F9}" = protocol=6 | dir=in | app=c:\users\mengsk\downloads\facemoods.exe |
"{CCD16C8A-6B35-49D9-906A-ECCF26A61E87}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{D2420C09-46D2-4B1E-9027-796F9B09C9A0}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{D3820260-0228-4B33-B9B0-9817EF725F29}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D5B05F0E-2492-4CB8-820A-1299F165D4E9}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{D9086F64-E104-4304-B333-84D484A11378}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{DA2D390B-3B3D-4387-A589-2C9D7E4168FE}" = protocol=6 | dir=out | app=system |
"{DD8A0D88-37E3-402D-84A3-1AD26EB60BB2}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{E048A4E6-E044-4FF6-88FF-E677C8AE0839}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{E316CE3F-9C04-4CE1-8199-EDE780246424}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{EF2B5163-2177-461A-AA86-031CEEFABE1C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{EFB34C1A-31CC-43E4-A0AE-5BC63A7D951F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3B6093E-D804-4563-8FB7-24E8D9B9D7FC}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{F58CBE8F-AD95-4041-AB49-000E189E462A}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F6CF80D2-C8E8-4669-B933-D51CE6B8FEBD}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{FD9E5B1E-51EB-4E0D-8136-0A72854CD672}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{064EF267-3136-415C-960E-BAFEDF676271}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"TCP Query User{52AEF29F-3AB2-48F9-8A32-356A8D9B6337}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{53C81A9F-50C3-4D9F-AE86-3900B7E29AFC}C:\users\mengsk\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"TCP Query User{80886110-6F42-427C-B9CC-95DC8F2A5D0A}C:\program files\soulseek\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseek\slsk.exe |
"TCP Query User{8C9BA1C2-22F7-4994-953D-BBF22A3B313D}C:\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\starcraft\starcraft.exe |
"TCP Query User{8C9F67D8-7882-4FE2-B18B-6E03279575E3}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{9811B358-B0E0-4AF5-A53A-38030D1DB8C2}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{C98179B9-13FD-4B52-8927-130E2E0A451F}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{12D562A7-1975-4C8E-9374-34C45615B273}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{3DF59503-8A8E-4EF6-9026-4004500FCF6A}C:\program files\soulseek\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseek\slsk.exe |
"UDP Query User{4FC26744-4D71-4248-B1C7-6D81B3237FB1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6199F4DA-E204-474B-BB7F-933070DF3267}C:\users\mengsk\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\mengsk\program files\dna\btdna.exe |
"UDP Query User{9A8383F4-9D19-49C2-A390-A3E21BA15FFD}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{C04EB569-99A3-4A0B-9B0E-4EA93A78221C}C:\program files\java\jdk1.6.0_16\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_16\jre\bin\java.exe |
"UDP Query User{E41659A6-A042-489C-91F9-B2EC61CB672D}C:\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\starcraft\starcraft.exe |
"UDP Query User{F013851D-99EF-421D-9552-DAFE5FD54BD0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{1696C54E-599A-4BA2-9941-BB70C4727887}" = Xtranormal State - Voicepack-English-UK-Daniel
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18039280-98B7-4C5E-AAC0-10EBC9731033}" = Nero 7 Essentials
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{228814B2-6A64-4AD5-8D2D-4E2188DEB191}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{2BB34316-5C68-45C0-9656-64DF7F34F6BA}" = Map Button (Windows Live Toolbar)
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java(TM) SE Development Kit 6 Update 16
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{467A3BF8-4C87-4E68-835C-CE5318C157C2}" = Xtranormal State - Voicepack-English-US-Tom
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7066F2DB-5032-4B6F-A8E7-A6F946043438}" = Adobe Setup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.3.139
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7B59BE72-68EF-400B-B08A-2860283A4FE3}" = Smart Menus (Windows Live Toolbar)
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{838A22DF-81CA-4452-9BDD-A1745224D960}" = Xtranormal State - Voicepack-English-UK-Serena
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A64032F-FF5E-4AC9-ADF7-84E548B7C2B4}" = Highlight Viewer (Windows Live Toolbar)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8EC4F64D-92E4-4274-9495-4C887D49DEC3}" = Xtranormal State
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{912536C4-273C-416F-B42C-BBC5B72114D7}" = Xtranormal State - Voicepack-English-US-Samantha
"{924EB80F-C2BB-4B9F-8412-88BBA937393F}" = MobileMe Control Panel
"{926C96FB-9D0A-4504-8000-C6D3A4A3118E}" = Java DB 10.4.2.1
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A1570454-ED12-4050-A7AC-9282C7AFB23C}" = Window Shopper
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5C314F7-928B-44E3-A8A3-169648B1077D}" = Xtranormal State - SoundPack-Starter Kit
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}" = Pinnacle Instant DVD Recorder
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D28CB048-A0AB-4F98-909F-69F3F25AA87D}" = Xtranormal State - Showpak-Playgoz-Preview
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer
"{DB90FF25-9932-48F2-B643-1802F1864FAF}" = AVG 2011
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skypeâ„¢ 5.1
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE614F8D-267D-49CC-805B-FC08D94EDFE5}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"AlienRespawn20_AD" = AlienRespawn v2.0
"AnyDVD" = AnyDVD
"Atomic Alarm Clock_is1" = Atomic Alarm Clock 5.85
"AudioConverter Studio_is1" = AudioConverter Studio 6.0
"AVG" = AVG 2011
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"BeyondCompare3_is1" = Beyond Compare Version 3.1.9
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CleanUp!" = CleanUp!
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"dBpoweramp [Arrange Audio] Codec" = dBpoweramp [Arrange Audio] Codec
"dBpoweramp [Audio Info] Codec" = dBpoweramp [Audio Info] Codec
"dBpoweramp [Channel Split] Codec" = dBpoweramp [Channel Split] Codec
"dBpoweramp [ID Tag Update] Codec" = dBpoweramp [ID Tag Update] Codec
"dBpoweramp [Length Split] Codec" = dBpoweramp [Length Split] Codec
"dBpoweramp [Multi Encoder] Codec" = dBpoweramp [Multi Encoder] Codec
"dBpoweramp [ReplayGain] Codec" = dBpoweramp [ReplayGain] Codec
"dBpoweramp [Tag From Filename] Codec" = dBpoweramp [Tag From Filename] Codec
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8_is1" = DVDFab 8.0.0.5 (25/08/2010)
"DVDx_is1" = DVDx
"EditPlus 3" = EditPlus 3
"facemoods" = Facemoods Toolbar
"ffdshow_is1" = ffdshow [rev 2033] [2008-07-05]
"FileZilla Client" = FileZilla Client 3.2.2.1
"Fraps" = Fraps (remove only)
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"FreeStar Free Video Converter" = FreeStar Free Video Converter 9.0.1 build 5
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"ImgBurn" = ImgBurn
"Internet Scrabble Club_is1" = WordBiz version 1.8
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"Network MagicUninstall" = Network Magic
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PeerGuardian_is1" = PeerGuardian 2.0
"Polipo" = Polipo 1.0.4
"PowerISO" = PowerISO
"PowerStrip 3 (remove only)" = PowerStrip 3 (remove only)
"PROR" = Microsoft Office Professional 2007 Subscription
"Registry Mechanic_is1" = Registry Mechanic 8.0
"Soulseek" = SoulSeek Client 156c
"Soulseek2" = SoulSeek 157 NS 13e
"SpeedFan" = SpeedFan (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"StartNow Toolbar" = StartNow Toolbar 2.0
"Tor" = Tor 0.2.1.22
"Vidalia" = Vidalia 0.2.6
"VLC media player" = VLC media player 0.9.8a
"WinAVI Video Capture_is1" = WinAVI Video Capture 2.0
"Windows Live Toolbar" = Windows Live Toolbar
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Pic2Ico" = Picture To Icon (remove only)
"UB" = UB
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/14/2011 2:36:37 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 6/14/2011 2:36:37 AM | Computer Name = Mengsk-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 6/14/2011 2:40:39 AM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/14/2011 2:44:58 AM | Computer Name = Mengsk-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057
Error - 6/14/2011 3:41:19 AM | Computer Name = Mengsk-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057
Error - 6/14/2011 3:45:06 AM | Computer Name = Mengsk-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057
Error - 6/14/2011 11:17:46 PM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/14/2011 11:20:49 PM | Computer Name = Mengsk-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057
Error - 6/14/2011 11:25:28 PM | Computer Name = Mengsk-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/14/2011 11:29:32 PM | Computer Name = Mengsk-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057
[ Media Center Events ]
Error - 1/12/2009 2:24:08 AM | Computer Name = Mengsk-PC | Source = McrMgr | ID = 109
Description =
Error - 3/20/2009 6:21:12 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/3/2009 9:34:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/8/2009 9:45:25 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/5/2009 9:38:34 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/5/2009 11:47:56 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/5/2009 9:42:13 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/19/2009 9:37:11 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/26/2009 9:39:09 PM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/12/2010 12:46:13 AM | Computer Name = Mengsk-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ OSession Events ]
Error - 6/28/2009 2:40:37 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 7/4/2009 3:36:18 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 7/26/2009 3:57:44 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/4/2009 5:04:52 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/11/2009 4:22:15 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/15/2009 4:00:38 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/16/2009 5:25:08 AM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 8/31/2009 7:33:14 PM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/1/2009 9:29:21 PM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/10/2009 2:42:09 PM | Computer Name = Mengsk-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/14/2011 11:25:28 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/17/2011 6:25:14 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/18/2011 2:28:22 AM | Computer Name = Mengsk-PC | Source = DCOM | ID = 10005
Description =
Error - 6/18/2011 2:28:22 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 6/18/2011 2:28:22 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/18/2011 2:32:07 AM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/19/2011 10:55:40 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/22/2011 2:49:59 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/22/2011 2:49:59 PM | Computer Name = Mengsk-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 6/22/2011 4:08:37 PM | Computer Name = Mengsk-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
< End of report >
-
Double click on OTL.exe and Run it
- Under the [color="#0000FF"]Custom Scans/Fixes[/color] box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
:OTL
O35 - HKCU\..exefile [open] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
O37 - HKCU\...exe [@ = exefile] -- "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found
[2011/06/14 01:27:06 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Mengsk\AppData\Local\iqe.exe
[2011/06/14 01:27:03 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Mengsk\0.08067139743463347.exe
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
[2011/06/14 01:27:31 | 000,001,460 | -HS- | M] () -- C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n
:Reg
:Files
ipconfig /flushdns /c
C:\Users\Mengsk\AppData\Local\pcc.exe
:Commands
[EmptyTemp]
[EmptyFlash]
[Reboot]
- Then click the [color="#FF0000"]Run Fix[/color] button at the top
- Let the program run unhindered, reboot the PC when it is done
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder
Back in Windows, do the following please
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.
NOTE: If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.
Afterwards, run OTL.exe again, run a Quick Scan and post the new log
Keep me informed how things are now running
-
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Classes\exefile\shell\open\command\\'' updated successfully.
File "C:\Users\Mengsk\AppData\Local\pcc.exe" -a "%1" %* File not found not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
File C:\Users\Mengsk\AppData\Local\iqe.exe not found.
File C:\Users\Mengsk\0.08067139743463347.exe not found.
File C:\Users\Mengsk\AppData\Local\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n not found.
File C:\ProgramData\0unryb7xj2n40hddcwv086j5f6f4q30g08j6n not found.
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Mengsk\Desktop\cmd.bat deleted successfully.
C:\Users\Mengsk\Desktop\cmd.txt deleted successfully.
File\Folder C:\Users\Mengsk\AppData\Local\pcc.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Mengsk
->Temp folder emptied: 96818097 bytes
->Temporary Internet Files folder emptied: 47373085 bytes
->Java cache emptied: 1900676 bytes
->FireFox cache emptied: 67230850 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 10416 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 111627355 bytes
RecycleBin emptied: 7770013 bytes
Total Files Cleaned = 317.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Mcx1
User: Mengsk
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.11.0 log created on 06292011_141722
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\WebEx\Log\629\atashost.log scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
OTL logfile created on: 6/29/2011 2:40:34 PM - Run 5
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 108.48 Gb Free Space | 23.67% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 333.04 Gb Free Space | 71.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2011/06/25 23:32:54 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/25 23:32:53 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 19:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 19:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2008/09/24 05:05:05 | 000,527,360 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
PRC - [2005/05/17 17:21:12 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\razerhid.exe
PRC - [2005/01/18 00:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\razerofa.exe
========== Modules (SafeList) ==========
MOD - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2011/06/28 16:22:03 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/24 04:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/20 13:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/18 07:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 07:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 19:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 19:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 21:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 20:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 10:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/06/02 15:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007/05/24 09:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 23:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 18:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 18:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/19 00:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 18:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=IE&os=win&os_version=6.0-x86-SP2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=FF&os=win&os_version=6.0-x86-SP2&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/12/12 20:10:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 09:59:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 23:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 23:32:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 01:28:25 | 000,000,000 | ---D | M]
[2009/04/29 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2011/06/27 19:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions
[2010/08/22 21:58:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/01 21:30:51 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/03/24 22:48:39 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/05/08 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\[email protected]
[2011/06/04 23:34:23 | 000,002,265 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing-zugo.xml
[2009/08/21 16:06:56 | 000,002,164 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing.xml
[2011/06/23 22:19:33 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-1.xml
[2010/02/09 22:02:27 | 000,000,961 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-2.xml
[2010/03/12 02:40:30 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-3.xml
[2010/03/23 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-4.xml
[2010/04/03 00:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-5.xml
[2010/06/23 12:48:20 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-6.xml
[2010/06/27 02:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-7.xml
[2010/07/21 16:17:26 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-8.xml
[2010/07/24 23:29:47 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-9.xml
[2010/01/04 03:03:29 | 000,000,955 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin.xml
[2010/11/05 02:18:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/12 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/02/25 20:28:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/06/25 23:32:54 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/06 23:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
O1 HOSTS File: ([2010/09/05 23:13:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.9\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2011/06/14 22:13:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/05 21:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
[2011/06/05 21:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\facemoods.com
[2011/06/04 23:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/06/04 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Superfish
[2011/06/04 23:34:14 | 000,000,000 | ---D | C] -- C:\ProgramDataMozilla
[2011/04/19 01:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2011/04/14 21:28:18 | 000,134,480 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSDriver.sys
[2011/04/08 18:03:04 | 000,000,000 | ---D | C] -- C:\Users\Mengsk\AppData\Roaming\NVIDIA
[2011/04/05 00:59:56 | 000,297,168 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2008/12/31 00:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 18:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 18:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 18:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 17:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 17:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 17:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 17:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 17:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 17:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2011/06/29 14:40:35 | 003,932,160 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2011/06/29 14:35:25 | 000,707,392 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/06/29 14:35:25 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/29 14:35:25 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/29 14:31:38 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/29 14:31:00 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/06/29 14:30:07 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/29 14:30:07 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/29 14:29:29 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 14:29:29 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/29 14:29:13 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 14:29:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/06/29 14:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/29 14:29:01 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/29 14:27:28 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011/06/29 14:27:28 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011/06/29 13:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2011/06/29 13:28:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2011/06/29 13:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/29 09:12:42 | 120,337,785 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/29 05:16:12 | 006,291,456 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2011/06/29 02:06:46 | 000,000,000 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2011/06/29 01:16:38 | 000,000,016 | ---- | M] () -- C:\Windows\System32\package.lst
[2011/06/28 15:28:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2011/06/26 00:33:41 | 000,103,424 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/14 22:22:15 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/12 04:45:00 | 000,000,585 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/18 13:54:39 | 000,002,722 | ---- | M] () -- C:\Users\Mengsk\.recently-used.xbel
[2011/04/19 16:50:07 | 000,028,641 | ---- | M] () -- C:\Users\Mengsk\Documents\Top 10 lifting routines.odt
[2011/04/18 22:19:15 | 000,001,724 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011/04/18 22:19:13 | 000,001,664 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/04/18 18:46:00 | 000,504,657 | ---- | M] () -- C:\Users\Mengsk\Desktop\unhide.exe
[2011/04/18 03:11:54 | 000,000,328 | ---- | M] () -- C:\ProgramData\41344776
[2011/04/16 05:30:53 | 002,575,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSDriver.sys
[2011/04/12 16:50:27 | 000,040,598 | ---- | M] () -- C:\Users\Mengsk\Desktop\Justin Music Discography.odt
[2011/04/10 04:23:33 | 000,227,955 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/04/08 19:16:00 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/04/07 01:25:46 | 000,008,510 | ---- | M] () -- C:\Users\Mengsk\Documents\lifetrack.odt
[2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/10 20:32:54 | 000,000,585 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/06/05 21:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/05/18 13:54:39 | 000,002,722 | ---- | C] () -- C:\Users\Mengsk\.recently-used.xbel
[2011/04/19 16:50:05 | 000,028,641 | ---- | C] () -- C:\Users\Mengsk\Documents\Top 10 lifting routines.odt
[2011/04/18 22:19:15 | 000,001,724 | ---- | C] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011/04/18 22:19:13 | 000,001,664 | ---- | C] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/04/18 18:45:59 | 000,504,657 | ---- | C] () -- C:\Users\Mengsk\Desktop\unhide.exe
[2011/04/18 18:28:02 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/18 03:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/04/07 01:25:44 | 000,008,510 | ---- | C] () -- C:\Users\Mengsk\Documents\lifetrack.odt
[2011/03/10 02:16:10 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/10 02:16:09 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/02 20:58:28 | 000,103,424 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 02:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 02:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 21:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 14:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 13:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 21:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 06:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 01:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/31 00:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/31 00:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/31 00:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 12:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 12:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 02:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 21:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 21:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 20:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 07:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 09:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 13:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 08:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 08:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 08:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 07:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 07:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 07:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 07:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 07:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 03:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/19 00:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 12:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2010/03/31 00:37:42 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Acapela Group
[2010/11/03 21:10:51 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\AVG10
[2011/06/29 05:15:53 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\BitTorrent
[2009/08/20 02:40:50 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\dBpoweramp
[2010/01/11 22:52:55 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\EditPlus 3
[2009/09/09 10:42:23 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Elluminate
[2009/03/28 20:43:15 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\FileZilla
[2011/05/18 13:54:39 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\gtk-2.0
[2009/12/12 15:11:00 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\ICQ
[2010/07/05 23:11:18 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\ImgBurn
[2009/08/05 17:47:27 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\IrfanView
[2010/12/25 12:55:58 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Leadertech
[2009/11/26 15:08:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\MPEG Streamclip
[2009/11/01 18:40:21 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Notepad++
[2009/01/30 15:24:56 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\OpenOffice.org
[2008/10/03 08:48:02 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Opera
[2010/01/11 23:22:45 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Scooter Software
[2009/09/16 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\SharePod
[2010/07/31 13:17:19 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\SystemRequirementsLab
[2009/09/28 22:35:54 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\TeamViewer
[2009/03/17 17:10:08 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Thunderbird
[2010/02/24 18:33:08 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\UB
[2010/09/30 01:36:39 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Vso
[2010/03/31 00:37:45 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Xtranormal
[2011/06/29 13:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
[2011/06/29 14:27:31 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:�Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >
-
You have a few toolbars and addons that may not be required
I've seen these browser addons actually slow IE loading time and browsing itself
Take a look at the following
StartNow Toolbar 2.0
Conduit EngineYou should close down all instances of your Browser
And uninstall the above 2
The next are optional:
Skype Toolbars > If you don't need the Skype toolbar, simply uninstall it, this does not remove Skype itself
BitTorrentBar Toolbar
Facemoods Toolbar
You forgot to mention how things are now running?
-
I will get rid of those. My computer has been running fine, haven't noticed anything problematic. Thanks for all the help
-
Been away for a few days, if you get a chance, uninstall the forementioned
Reboot the computer
Run a Quick Scan with OTL.exe and post it's new log
We'll just get rid of residuals, and properly remove OTL.exe
-
ok removed the toolbars
OTL logfile created on: 7/15/2011 6:17:25 PM - Run 6
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Mengsk\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
7.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.28 Gb Total Space | 76.69 Gb Free Space | 16.73% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 333.04 Gb Free Space | 71.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MENGSK-PC
Current User Name: Mengsk
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
PRC - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 19:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 19:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\timeserv.exe
PRC - [2008/09/24 05:05:05 | 000,527,360 | ---- | M] () -- C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
PRC - [2007/12/13 15:36:46 | 000,049,220 | ---- | M] (Samsung) -- C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
PRC - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlcccoms.exe
PRC - [2005/05/17 17:21:12 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\razerhid.exe
PRC - [2005/01/18 00:06:12 | 000,143,360 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\razerofa.exe
========== Modules (SafeList) ==========
MOD - [2010/09/01 23:26:24 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Mengsk\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 21:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2011/06/28 16:22:03 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 01:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/05/07 19:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/20 13:55:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/09/29 13:19:22 | 000,415,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Atomic Alarm Clock\timeserv.exe -- (AtomicAlarmClock)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/14 17:23:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcccoms.exe -- (dlcc_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/07/10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C270(UVC)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 17:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/07 15:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/12/18 07:23:49 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/02 03:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/07/21 07:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/01/25 19:02:04 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/01/25 19:02:04 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/01/20 21:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 21:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008/01/20 21:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/20 21:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008/01/20 21:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008/01/20 21:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008/01/20 21:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/07/14 20:37:04 | 000,027,992 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\System32\drivers\pstrip.sys -- (PStrip)
DRV - [2007/06/15 10:52:18 | 000,143,256 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2007/06/02 15:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007/05/24 09:15:00 | 000,246,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/04/11 23:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/12/28 18:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/10/30 18:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/19 00:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\drivers\MTictwl.sys -- (NCPro)
DRV - [2006/08/28 16:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTictwl.sys -- (MagicTune)
DRV - [2006/02/07 18:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\jgogo.sys -- (JGOGO)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=IE&os=win&os_version=6.0-x86-SP2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.alienware.com/Mothership?Comp=%ALIENFACTORY_Company%&SysCode=%ALIENFACTORY_SystemCode%&ai=636E3D34363638393826706F3D35383437363541
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..keyword.URL: "http://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=2BF1F04879014F378FCB3C319611A6BF&machine_id=e4a1724e4c5c7173d43a1ccd39ceb3b8&browser=FF&os=win&os_version=6.0-x86-SP2&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2010/12/12 20:10:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/12 08:41:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramDataMozilla\Extensions\[email protected] [2011/06/04 23:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 23:32:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/18 01:28:25 | 000,000,000 | ---D | M]
[2009/04/29 22:07:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Extensions
[2011/06/27 19:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions
[2010/08/22 21:58:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/01 21:30:51 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/03/24 22:48:39 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/05/08 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\extensions\[email protected]
[2011/06/04 23:34:23 | 000,002,265 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing-zugo.xml
[2009/08/21 16:06:56 | 000,002,164 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\bing.xml
[2011/07/15 16:04:01 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-1.xml
[2010/02/09 22:02:27 | 000,000,961 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-2.xml
[2010/03/12 02:40:30 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-3.xml
[2010/03/23 17:07:23 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-4.xml
[2010/04/03 00:29:34 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-5.xml
[2010/06/23 12:48:20 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-6.xml
[2010/06/27 02:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-7.xml
[2010/07/21 16:17:26 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-8.xml
[2010/07/24 23:29:47 | 000,000,950 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin-9.xml
[2010/01/04 03:03:29 | 000,000,955 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\Mozilla\Firefox\Profiles\nkn6p427.default\searchplugins\icqplugin.xml
[2011/07/15 18:10:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/12 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/06/25 23:32:54 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/06 23:37:38 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml.old
O1 HOSTS File: ([2010/09/05 23:13:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DLCCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.DLL ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\razerhid.exe ()
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 64.233.207.9 64.233.207.8
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mengsk\Downloads\NightHunter01.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2011/06/14 22:13:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/05 21:21:50 | 000,000,000 | ---D | C] -- C:\Program Files\Atomic Alarm Clock
[2011/06/04 23:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\Superfish
[2011/06/04 23:34:14 | 000,000,000 | ---D | C] -- C:\ProgramDataMozilla
[2011/04/19 01:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Soulseek
[2008/12/31 00:43:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mengsk\AppData\Roaming\pcouffin.sys
[2006/12/20 18:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlccpmui.dll
[2006/12/20 18:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlccserv.dll
[2006/12/20 18:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcccomm.dll
[2006/12/20 17:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcclmpm.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcciesc.dll
[2006/12/20 17:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlccpplc.dll
[2006/12/20 17:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcccomc.dll
[2006/12/20 17:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlccprox.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlccinpa.dll
[2006/12/20 17:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlccusb1.dll
[2006/12/20 17:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcchbn3.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2011/07/15 18:20:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/15 18:17:30 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/07/15 18:17:27 | 003,932,160 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT
[2011/07/15 18:16:45 | 000,000,745 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/07/15 18:16:11 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/07/15 18:16:10 | 000,037,013 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/07/15 18:15:24 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 18:15:23 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 18:15:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/15 18:15:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/07/15 18:14:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 18:14:47 | 3488,931,840 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/15 18:12:51 | 000,524,288 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011/07/15 18:12:51 | 000,065,536 | -HS- | M] () -- C:\Users\Mengsk\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011/07/15 18:12:32 | 001,788,991 | -H-- | M] () -- C:\Users\Mengsk\AppData\Local\IconCache.db
[2011/07/15 17:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
[2011/07/15 17:28:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000UA.job
[2011/07/15 17:22:03 | 000,000,000 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2011/07/15 15:59:07 | 000,707,392 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011/07/15 15:59:07 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/15 15:59:07 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/15 15:28:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3144074192-4086266024-1217872548-1000Core.job
[2011/07/15 04:52:34 | 122,394,958 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/13 05:22:28 | 002,575,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/04 22:03:21 | 000,108,544 | ---- | M] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/04 06:31:44 | 000,000,000 | ---- | M] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/29 01:16:38 | 000,000,016 | ---- | M] () -- C:\Windows\System32\package.lst
[2011/06/14 22:22:15 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/05 21:57:17 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | M] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/18 13:54:39 | 000,002,722 | ---- | M] () -- C:\Users\Mengsk\.recently-used.xbel
[2011/04/19 16:50:07 | 000,028,641 | ---- | M] () -- C:\Users\Mengsk\Documents\Top 10 lifting routines.odt
[2011/04/18 22:19:15 | 000,001,724 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011/04/18 22:19:13 | 000,001,664 | ---- | M] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/04/18 18:46:00 | 000,504,657 | ---- | M] () -- C:\Users\Mengsk\Desktop\unhide.exe
[2011/04/18 03:11:54 | 000,000,328 | ---- | M] () -- C:\ProgramData\41344776
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/10 20:32:54 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\alarms.ini
[2011/06/05 21:57:17 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\AtomicAlarmClock.lnk
[2011/06/05 21:21:52 | 000,000,914 | ---- | C] () -- C:\Users\Mengsk\Desktop\Atomic Alarm Clock.lnk
[2011/06/05 21:16:09 | 000,000,745 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\AtomicAlarmClock.ini
[2011/05/18 13:54:39 | 000,002,722 | ---- | C] () -- C:\Users\Mengsk\.recently-used.xbel
[2011/04/19 16:50:05 | 000,028,641 | ---- | C] () -- C:\Users\Mengsk\Documents\Top 10 lifting routines.odt
[2011/04/18 22:19:15 | 000,001,724 | ---- | C] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2011/04/18 22:19:13 | 000,001,664 | ---- | C] () -- C:\Users\Mengsk\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes (2).lnk
[2011/04/18 18:45:59 | 000,504,657 | ---- | C] () -- C:\Users\Mengsk\Desktop\unhide.exe
[2011/04/18 18:28:02 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/18 03:11:54 | 000,000,328 | ---- | C] () -- C:\ProgramData\41344776
[2011/03/10 02:16:10 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/03/10 02:16:09 | 000,037,013 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/02 20:58:28 | 000,108,544 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 02:00:40 | 000,000,000 | ---- | C] () -- C:\Users\Mengsk\AppData\Local\prvlcl.dat
[2010/11/05 02:19:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/11 21:37:14 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/07/22 14:56:56 | 000,000,565 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\myMPQ.ini
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/12/30 13:35:18 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/12/06 21:20:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/09/17 06:39:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/12 01:23:00 | 000,001,041 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\vso_ts_preview.xml
[2008/12/31 00:43:53 | 000,007,887 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.cat
[2008/12/31 00:43:53 | 000,001,144 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.inf
[2008/12/31 00:43:53 | 000,000,034 | ---- | C] () -- C:\Users\Mengsk\AppData\Roaming\pcouffin.log
[2008/12/28 12:29:45 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/28 12:29:45 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/12/28 02:36:54 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/11/21 16:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/21 16:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/21 16:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/08/12 21:31:10 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/08/12 21:31:10 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/07/18 20:18:12 | 000,013,312 | ---- | C] () -- C:\Windows\System32\drivers\MTictwl.sys
[2008/07/15 07:42:52 | 000,000,274 | ---- | C] () -- C:\Windows\AWACT.dll
[2007/09/07 09:34:50 | 000,000,395 | ---- | C] () -- C:\ProgramData\pstrip.ini
[2007/02/07 13:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcccoin.dll
[2007/01/26 08:11:42 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlccinsr.dll
[2007/01/26 08:11:20 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcccur.dll
[2007/01/26 08:09:58 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlccjswr.dll
[2007/01/26 07:59:04 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlccinsb.dll
[2007/01/26 07:58:30 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcccub.dll
[2007/01/26 07:57:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcccu.dll
[2007/01/26 07:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlccins.dll
[2007/01/26 07:53:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlccutil.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2007/01/22 03:24:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcccfg.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/19 00:44:48 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlccvs.dll
[2005/04/01 12:44:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcccnv4.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2010/03/31 00:37:42 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Acapela Group
[2010/11/03 21:10:51 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\AVG10
[2011/07/11 07:47:29 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\BitTorrent
[2009/08/20 02:40:50 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\dBpoweramp
[2010/01/11 22:52:55 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\EditPlus 3
[2009/09/09 10:42:23 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Elluminate
[2009/03/28 20:43:15 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\FileZilla
[2011/05/18 13:54:39 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\gtk-2.0
[2009/12/12 15:11:00 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\ICQ
[2010/07/05 23:11:18 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\ImgBurn
[2009/08/05 17:47:27 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\IrfanView
[2010/12/25 12:55:58 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Leadertech
[2009/11/26 15:08:49 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\MPEG Streamclip
[2009/11/01 18:40:21 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Notepad++
[2009/01/30 15:24:56 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\OpenOffice.org
[2008/10/03 08:48:02 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Opera
[2010/01/11 23:22:45 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Scooter Software
[2009/09/16 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\SharePod
[2010/07/31 13:17:19 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\SystemRequirementsLab
[2009/09/28 22:35:54 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\TeamViewer
[2009/03/17 17:10:08 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Thunderbird
[2010/02/24 18:33:08 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\UB
[2010/09/30 01:36:39 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Vso
[2010/03/31 00:37:45 | 000,000,000 | ---D | M] -- C:\Users\Mengsk\AppData\Roaming\Xtranormal
[2011/07/15 17:58:00 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
[2011/07/15 18:13:10 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 3552 bytes -> C:\Windows\alienware logo_slvr.jpg:�Q30lsldxJoudresxAaaqpcawXc
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:288A91F8
< End of report >