Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stuttering computer


  • This topic is locked This topic is locked
7 replies to this topic

#1 LastHand

LastHand

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 09 October 2012 - 11:51 PM

My computer will randomly stutter and hang for a few seconds. If audio is playing it makes a nerr noise.


No dust buildup in computer
Tempuratures are within normal range for a laptop
Twin fan laptop cooler
Avg found no viruses after defintion update.
Malwarebytes found nothing
ccleaner made computer run faster, but didn't fix stuttering.
defraggler defragment the drives
Defogger found nothing
Backed up C: with DriveImage XML

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35
Run by Danny at 13:23:35 on 2012-10-09
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4094.1261 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\MsgTranAgt64.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files (x86)\Runtime Software\DriveImage XML\dixml.exe
C:\Windows\System32\notepad.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
mRun: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE"
mRun: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Razer Orochi Driver] C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
TCP: Interfaces\{AAD0F56C-E186-4DCA-B26F-5E301AAA0688} : DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
TCP: Interfaces\{D3F23F41-6485-4ECC-8DA9-BFA66193A389} : DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun-x64: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
mRun-x64: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE"
mRun-x64: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Razer Orochi Driver] C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\q2iuc6vg.default\
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Danny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Danny\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2011-4-18 14904]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe [2010-11-5 81920]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-4-26 223088]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\Nvidia Corporation\NVIDIA Update Core\daemonu.exe [2012-7-14 1262400]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-6-15 548264]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-3-15 370504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\Nvidia Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 AmdLLD64;AMD Low Level Device Driver;C:\Windows\system32\DRIVERS\AmdLLD64.sys --> C:\Windows\system32\DRIVERS\AmdLLD64.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 250808]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-9-30 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-9-30 79360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-9-30 150464]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\system32\DRIVERS\motusbdevice.sys --> C:\Windows\system32\DRIVERS\motusbdevice.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 114144]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 WRfiltv;WRfiltv;C:\Windows\system32\drivers\WRfiltv.sys --> C:\Windows\system32\drivers\WRfiltv.sys [?]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-4-30 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-10-09 04:50:22 -------- d-----w- C:\Program Files (x86)\Runtime Software
2012-10-08 02:56:58 -------- d-----w- C:\Users\Danny\.thumbnails
2012-10-08 02:51:00 -------- d-----w- C:\Users\Danny\AppData\Local\fontconfig
2012-10-08 02:50:58 -------- d-----w- C:\Users\Danny\.gimp-2.8
2012-10-08 02:50:57 -------- d-----w- C:\Users\Danny\AppData\Local\gegl-0.2
2012-10-08 02:49:36 -------- d-----w- C:\Program Files\GIMP 2
2012-10-04 17:28:20 -------- d-----w- C:\Windows\pss
2012-10-04 08:40:30 -------- d-----w- C:\Program Files\Defraggler
2012-10-04 08:33:41 -------- d-----w- C:\Program Files\CCleaner
2012-10-04 07:40:33 -------- d-----w- C:\Users\Danny\AppData\Roaming\Malwarebytes
2012-10-04 07:40:23 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-04 07:40:22 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-04 07:40:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-01 02:15:46 -------- d-----w- C:\Program Files (x86)\Futuremark
2012-09-13 08:01:05 -------- d-----r- C:\Program Files (x86)\Skype
2012-09-11 18:54:23 -------- d-----w- C:\ProgramData\McAfee Security Scan
2012-09-11 18:54:17 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
.
==================== Find3M ====================
.
2012-10-08 21:38:09 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 21:38:09 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-07 06:34:33 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2012-08-29 01:24:56 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-08-29 01:24:53 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-24 20:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-07-30 18:32:08 102240 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2012-07-29 08:13:14 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-07-29 08:13:10 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-07-29 08:13:08 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-07-26 08:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2008-07-02 02:28:38 61440 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
.
============= FINISH: 13:25:05.30 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/18/2011 3:26:06 AM
System Uptime: 10/7/2012 1:58:20 AM (60 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | G50VT
Processor: Intel® Core™2 Duo CPU P8400 @ 2.26GHz | Socket 478 | 2268/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 35.477 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 28.12 GiB free.
E: is CDROM (UDF)
F: is CDROM ()
G: is FIXED (NTFS) - 932 GiB total, 586.942 GiB free.
H: is FIXED (NTFS) - 70 GiB total, 27.496 GiB free.
I: is FIXED (NTFS) - 70 GiB total, 49.771 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP354: 10/7/2012 3:41:40 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.3.1
Apple Application Support
Apple Software Update
ASUS CopyProtect
ASUS Data Security Manager
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Blacklight Retribution
Borderlands 2
CDisplay 1.8
Cities XL 2012
CraftBukkit
Creative System Information
D3DX10
Dawn
Diablo III
Direct Console 2.0
DriveImage XML (Private Edition)
Dual-Core Optimizer
Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.14.00.802
Dusk 5900
eSupport UndeletePlus 3.0.3.521
Express Gate
Facebook Video Calling 1.2.0.159
FullRA Plus V3.03
Futuremark SystemInfo
Geeks3D.com FurMark 1.9.0
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ITECIR
Java Auto Updater
Java™ 6 Update 22
Java™ 6 Update 35
Junk Mail filter update
LCDHype Version 0.7.4
Malwarebytes Anti-Malware version 1.65.0.1400
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 4.0
MotoHelper 2.0.51 Driver 5.1.0
MotoHelper MergeModules
MOTOROLA MEDIA LINK
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 2.1.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nalu
NB Probe
Need for Speed: Hot Pursuit
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oblivion
OpenOffice.org 3.3
Origin
Pando Media Booster
Portal 2
PunkBuster Services
Razer Orochi
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
Rosetta Stone Version 3
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Segoe UI
Sid Meier's Civilization V
Sid Meier's SimGolf
SimCity 4 Deluxe
SimMars Beta 3
SketchUp 8
Skype™ 5.10
Sound Blaster World of Warcraft Wireless Headset
SpeedFan (remove only)
Splashtop Streamer
Star Wars: The Old Republic
StarCraft
StarCraft II
StarCraft II Beta
Steam
System Requirements Lab CYRI
The Sims Medieval
Universe Sandbox
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
Westwood Shared Internet Components
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 2
World of Tanks v.0.6.4
World of Warcraft
Z Engine
.
==== Event Viewer Messages From Past Week ========
.
10/9/2012 1:24:37 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Vista64.
10/7/2012 2:01:16 AM, Error: Microsoft-Windows-LanguagePackSetup [1001] - Application initialization failed. Last error: 0x80070032
10/7/2012 2:00:20 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/7/2012 2:00:20 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
10/7/2012 2:00:07 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
10/7/2012 1:59:04 AM, Error: EventLog [6008] - The previous system shutdown at 1:57:38 AM on 10/7/2012 was unexpected.
10/7/2012 1:49:53 AM, Error: EventLog [6008] - The previous system shutdown at 1:35:45 AM on 10/7/2012 was unexpected.
10/7/2012 1:34:04 AM, Error: EventLog [6008] - The previous system shutdown at 1:30:22 AM on 10/7/2012 was unexpected.
10/7/2012 1:20:27 AM, Error: EventLog [6008] - The previous system shutdown at 1:18:52 AM on 10/7/2012 was unexpected.
10/6/2012 12:12:48 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
10/5/2012 9:54:39 PM, Error: netbt [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
10/4/2012 3:18:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/4/2012 3:18:50 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/4/2012 11:08:23 PM, Error: Service Control Manager [7000] - The cpuz135 service failed to start due to the following error: The system cannot find the path specified.
10/3/2012 10:17:41 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00215D0CB32C. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
.
==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 11 October 2012 - 02:23 PM

Greetings LastHand and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. If you would allow me to call you by your first name I would prefer to do that. :thumbup2:


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this for me.


===================================================


Running chkdsk /r

--------------------

  • Click Start, then Computer
  • Right click on your system drive (normally C:) and select Properties
  • Click the Tools tab, then Check Now
  • Check Automatically fix the file system errors and Scan for and attempt recovery of bad sectors

    Posted Image
  • Click Start, then Schedule disk check when the pop up window appears
  • Please allow the system to reboot on its own and run the program. This process will run for a long time.
  • When completed your system will reboot

===================================================


Things I would like to see in your next reply. :thumbsup2:

  • Is your computer running any differently?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#3 LastHand

LastHand
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 13 October 2012 - 02:04 AM

It said the drive was clean. It didn't take very long. I haven't been on enough to notice any stuttering yet.

EDIT: Still stuttering.

Edited by LastHand, 13 October 2012 - 02:14 AM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 13 October 2012 - 01:34 PM

Hi LastHand,

Let's first look at your audio device to make sure it is OK. I will also have you run another program to look for malicious software. Please do this for me.


===================================================


Troubleshooting Through Device Manager

----------

  • Press windows key Posted Image + r on your keyboard at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Sound, video, and game controllers section by clicking + sign
  • Do any of the entries have a question mark, exclamation point, etc.
  • Please provide the names of the devices listed in this category

===================================================


OTL

--------------------

Please download OTL here.

  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Copy and paste the two reports in your next reply.

  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Device information
  • OTL.txt
  • Extra.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 LastHand

LastHand
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 PM

Posted 13 October 2012 - 10:12 PM

Nvidia High definition audio
Realtek High definition audio
No "! or ?"

OTL logfile created on: 10/13/2012 9:48:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danny\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 25.91% Memory free
8.17 Gb Paging File | 4.22 Gb Available in Paging File | 51.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 28.21 Gb Free Space | 18.93% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 28.12 Gb Free Space | 18.87% Space Free | Partition Type: NTFS
Drive E: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 931.51 Gb Total Space | 586.94 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive H: | 69.78 Gb Total Space | 27.50 Gb Free Space | 39.40% Space Free | Partition Type: NTFS
Drive I: | 69.51 Gb Total Space | 49.77 Gb Free Space | 71.60% Space Free | Partition Type: NTFS

Computer Name: DANNY-PC | User Name: Danny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/13 21:47:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danny\Downloads\OTL.exe
PRC - [2012/10/08 16:38:10 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/10/04 00:32:48 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/09/06 20:19:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/16 03:41:16 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/29 03:13:14 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012/07/29 03:13:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/06/15 15:44:02 | 002,463,648 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2012/06/15 15:43:54 | 006,526,888 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2012/06/15 15:43:48 | 002,032,040 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
PRC - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\Nvidia Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\Nvidia Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/03/15 00:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/04/26 15:23:02 | 000,223,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/04/26 15:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/11/05 16:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe
PRC - [2009/11/16 19:59:28 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/22 10:43:58 | 002,548,056 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe
PRC - [2009/04/11 01:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2008/08/08 23:00:40 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2008/07/24 21:42:44 | 002,701,880 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe
PRC - [2008/06/23 22:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/06/18 00:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/03/24 23:39:18 | 000,322,104 | ---- | M] (ASUSTek.) -- C:\Program Files (x86)\ASUS\Direct Console\DCHelper.exe
PRC - [2008/01/23 17:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008/01/23 12:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/11/28 17:26:00 | 000,294,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/10/02 23:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2007/08/15 13:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2007/08/08 02:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/08/03 14:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007/05/18 04:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2006/11/02 10:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/08 16:38:09 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012/10/04 00:32:46 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/10/04 00:32:43 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/10/04 00:32:41 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/04 00:32:39 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/10/04 00:32:37 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/09/06 20:19:44 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\Nvidia Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/04/26 15:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2008/05/28 23:40:38 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OLED.dll
MOD - [2008/05/28 23:39:48 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\SysInfo.dll
MOD - [2008/02/19 00:32:46 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OvrClk.dll
MOD - [2008/01/23 17:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2007/12/27 18:04:42 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\LED.dll
MOD - [2007/12/11 18:07:28 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\OUTLOOK.dll
MOD - [2007/12/07 17:32:02 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Direct Console\MSN.dll
MOD - [2007/11/30 13:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/07/19 13:50:12 | 000,104,520 | ---- | M] () -- C:\Windows\SysWOW64\OSD.dll
MOD - [2007/06/15 12:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007/06/01 19:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2007/03/09 18:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 02:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007/08/03 14:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV:64bit: - [2007/05/18 04:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2012/10/08 16:38:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/04 00:32:48 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/06 20:19:44 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/08/10 12:42:54 | 000,150,464 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2012/07/29 03:13:14 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012/07/29 03:13:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\Nvidia Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\Nvidia Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/12 03:53:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/03/15 00:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/30 20:57:06 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/09/30 20:56:37 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/04/26 15:23:02 | 000,223,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/11/05 16:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/16 19:59:28 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/10/02 23:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/07/30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/04/18 12:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/06/23 11:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2010/03/08 12:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2010/01/25 19:57:54 | 000,010,240 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WRfiltv.sys -- (WRfiltv)
DRV:64bit: - [2009/04/11 00:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/06/25 17:40:20 | 004,735,488 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64)
DRV:64bit: - [2008/06/03 01:41:50 | 000,017,464 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/05/29 12:21:00 | 000,016,440 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\lullaby.sys -- (lullaby)
DRV:64bit: - [2008/05/07 04:40:38 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/04/01 04:59:20 | 001,878,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2008/02/15 20:27:18 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/01/20 21:46:59 | 000,054,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2007/12/06 05:12:56 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/08/10 22:19:44 | 000,034,872 | ---- | M] (Windows ® Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2007/08/02 23:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2007/07/27 21:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 22:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/24 13:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007/07/23 09:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/06/29 14:48:06 | 000,039,424 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys -- (AmdLLD64)
DRV:64bit: - [2007/03/20 11:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2006/10/27 08:01:08 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 3A A2 70 17 FE CB 01 [binary data]
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1339579510-645221487-415253513-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========



FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Danny\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Danny\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Danny\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/10 14:48:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/02 09:59:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/06 20:19:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/06 20:19:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/04/19 02:30:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Extensions
[2012/05/01 23:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\q2iuc6vg.default\extensions
[2012/09/12 13:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/06 20:19:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/12 13:25:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/12 05:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2012/10/12 05:46:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/12 05:46:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/12 05:46:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/09/06 20:19:45 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/28 23:47:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/08/28 23:47:22 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Danny\AppData\Local\Google\Chrome\Application\22.0.1229.92\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Danny\AppData\Local\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Danny\AppData\Local\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Danny\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Do Not Track = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DirectConsole2] C:\Program Files (x86)\ASUS\Direct Console\Direct Console.exe (ASUSTek.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [Razer Orochi Driver] C:\Program Files (x86)\Razer\Orochi\RazerOrochiTray.exe (Razer USA Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1339579510-645221487-415253513-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1339579510-645221487-415253513-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKU\S-1-5-21-1339579510-645221487-415253513-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1339579510-645221487-415253513-1003..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAD0F56C-E186-4DCA-B26F-5E301AAA0688}: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3F23F41-6485-4ECC-8DA9-BFA66193A389}: DhcpNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest Flowers.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest Flowers.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/27 16:06:25 | 000,000,000 | ---D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2012/04/20 09:56:52 | 000,000,091 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{41f85e49-6dec-11e0-a3ee-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{41f85e49-6dec-11e0-a3ee-002354153bc8}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{41f85e57-6dec-11e0-a3ee-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{41f85e57-6dec-11e0-a3ee-002354153bc8}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{41f85e58-6dec-11e0-a3ee-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{41f85e58-6dec-11e0-a3ee-002354153bc8}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{41f85e59-6dec-11e0-a3ee-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{41f85e59-6dec-11e0-a3ee-002354153bc8}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{70ec6fbe-8e78-11e0-8ab4-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{70ec6fbe-8e78-11e0-8ab4-002354153bc8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{9d17869d-1a55-11e1-966b-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{9d17869d-1a55-11e1-966b-002354153bc8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{a51c245d-c5c5-11e0-a0dd-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{a51c245d-c5c5-11e0-a0dd-002354153bc8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{be60d4ee-6994-11e0-9313-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{be60d4ee-6994-11e0-9313-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{ccfead56-e1d0-11e0-8479-002354153bc8}\Shell - "" = AutoRun
O33 - MountPoints2\{ccfead56-e1d0-11e0-8479-002354153bc8}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/11 03:27:36 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/10/10 07:09:47 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/10 07:09:45 | 001,268,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/10 07:09:45 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/10 07:09:41 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/08 23:50:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
[2012/10/08 23:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runtime Software
[2012/10/07 21:56:58 | 000,000,000 | ---D | C] -- C:\Users\Danny\.thumbnails
[2012/10/07 21:51:00 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Local\fontconfig
[2012/10/07 21:50:58 | 000,000,000 | ---D | C] -- C:\Users\Danny\.gimp-2.8
[2012/10/07 21:50:57 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Local\gegl-0.2
[2012/10/07 21:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/10/06 17:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012/10/04 12:28:20 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/10/04 03:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012/10/04 03:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012/10/04 03:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/10/04 03:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/04 02:40:33 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Roaming\Malwarebytes
[2012/10/04 02:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/04 02:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/04 02:40:22 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/04 02:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/30 21:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2012/09/23 02:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/09/22 03:01:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/22 03:01:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/22 03:01:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/22 03:01:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/22 03:01:10 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/22 03:01:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/22 03:01:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/22 03:01:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/22 03:01:07 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/22 03:01:07 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/22 03:01:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/22 03:01:06 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/22 03:01:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/22 03:01:04 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/22 03:01:03 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/18 00:34:13 | 000,000,000 | ---D | C] -- C:\Users\Danny\Documents\Sketchup
[2012/09/18 00:11:43 | 000,000,000 | ---D | C] -- C:\Users\Danny\AppData\Roaming\Google
[2012/09/18 00:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/09/18 00:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 8
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/13 21:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/13 21:25:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1339579510-645221487-415253513-1000UA.job
[2012/10/13 20:10:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 20:10:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 19:19:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1339579510-645221487-415253513-1000UA.job
[2012/10/13 18:17:32 | 000,463,273 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/10/13 15:25:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1339579510-645221487-415253513-1000Core.job
[2012/10/13 09:26:07 | 097,271,295 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/10/13 01:19:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1339579510-645221487-415253513-1000Core.job
[2012/10/12 00:11:07 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/10/12 00:10:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/12 00:10:10 | 4294,168,576 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/12 00:08:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/10/10 19:27:11 | 000,002,049 | ---- | M] () -- C:\Users\Danny\Desktop\Google Chrome.lnk
[2012/10/10 19:27:11 | 000,002,011 | ---- | M] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/08 23:50:26 | 000,000,973 | ---- | M] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\DriveImage XML.lnk
[2012/10/08 23:50:26 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\DriveImage XML.lnk
[2012/10/08 23:46:53 | 000,000,000 | ---- | M] () -- C:\Users\Danny\defogger_reenable
[2012/10/08 16:38:09 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/08 16:38:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/08 02:47:02 | 000,003,897 | ---- | M] () -- C:\Users\Danny\AppData\Local\recently-used.xbel
[2012/10/08 01:24:26 | 000,000,412 | ---- | M] () -- C:\Users\Danny\AppData\Roaming\All CPU Meter_Settings.ini
[2012/10/07 13:43:18 | 000,000,715 | ---- | M] () -- C:\Users\Danny\Desktop\Ventrilo.lnk
[2012/10/07 01:42:54 | 676,194,734 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/07 01:23:12 | 000,000,710 | ---- | M] () -- C:\Users\Danny\Desktop\IntelBurnTestV2 - Shortcut.lnk
[2012/10/07 01:22:22 | 000,000,683 | ---- | M] () -- C:\Users\Danny\Desktop\setfsb - Shortcut.lnk
[2012/10/07 01:10:18 | 000,000,813 | ---- | M] () -- C:\Users\Danny\Desktop\HyperPI - Shortcut.lnk
[2012/10/06 22:20:38 | 000,001,047 | ---- | M] () -- C:\Users\Danny\Desktop\Borderlands2 - Shortcut.lnk
[2012/10/04 03:40:30 | 000,001,679 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/10/04 03:33:42 | 000,000,777 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/04 02:40:25 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/26 12:19:16 | 000,000,813 | ---- | M] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/09/26 12:19:16 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/09/23 02:53:42 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/09/22 01:24:05 | 000,090,112 | ---- | M] () -- C:\Users\Danny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/18 00:10:57 | 000,001,718 | ---- | M] () -- C:\Users\Public\Desktop\SketchUp 8.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/08 23:50:26 | 000,000,973 | ---- | C] () -- C:\Users\Danny\Application Data\Microsoft\Internet Explorer\Quick Launch\DriveImage XML.lnk
[2012/10/08 23:50:26 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\DriveImage XML.lnk
[2012/10/08 23:46:53 | 000,000,000 | ---- | C] () -- C:\Users\Danny\defogger_reenable
[2012/10/08 02:47:02 | 000,003,897 | ---- | C] () -- C:\Users\Danny\AppData\Local\recently-used.xbel
[2012/10/07 21:50:12 | 000,000,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/10/07 13:37:12 | 000,000,412 | ---- | C] () -- C:\Users\Danny\AppData\Roaming\All CPU Meter_Settings.ini
[2012/10/07 01:33:58 | 676,194,734 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/10/07 01:23:12 | 000,000,710 | ---- | C] () -- C:\Users\Danny\Desktop\IntelBurnTestV2 - Shortcut.lnk
[2012/10/07 01:22:22 | 000,000,683 | ---- | C] () -- C:\Users\Danny\Desktop\setfsb - Shortcut.lnk
[2012/10/07 01:10:18 | 000,000,813 | ---- | C] () -- C:\Users\Danny\Desktop\HyperPI - Shortcut.lnk
[2012/10/06 22:20:41 | 000,001,047 | ---- | C] () -- C:\Users\Danny\Desktop\Borderlands2 - Shortcut.lnk
[2012/10/04 03:40:30 | 000,001,679 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/10/04 03:33:42 | 000,000,777 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/04 02:40:25 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/18 00:10:57 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\SketchUp 8.lnk
[2012/08/28 00:17:43 | 000,000,552 | ---- | C] () -- C:\Users\Danny\AppData\Local\d3d8caps.dat
[2012/07/29 03:13:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/07/29 03:13:08 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/29 03:13:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/05/26 12:23:37 | 000,000,166 | ---- | C] () -- C:\Users\Danny\AppData\Roaming\Battery Meter_Settings.ini
[2012/05/26 03:50:08 | 000,000,339 | ---- | C] () -- C:\Users\Danny\AppData\Roaming\Drives Meter_Settings.ini
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/03/04 02:08:08 | 000,001,824 | ---- | C] () -- C:\Users\Danny\AppData\Roaming\EliseProfile0.dat
[2011/12/10 19:16:49 | 000,000,585 | ---- | C] () -- C:\Users\Danny\AppData\Roaming\Acreon - Shortcut.lnk
[2011/09/30 21:27:12 | 000,000,129 | ---- | C] () -- C:\Users\Danny\jagex_runescape_preferences2.dat
[2011/09/30 21:26:05 | 000,000,035 | ---- | C] () -- C:\Users\Danny\jagex_runescape_preferences.dat
[2011/09/30 20:57:11 | 000,001,801 | ---- | C] () -- C:\Windows\WRcfg.ini
[2011/09/30 20:57:11 | 000,000,388 | ---- | C] () -- C:\Windows\WRMCcfg.ini
[2011/09/30 20:57:09 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/09/30 20:57:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/29 17:52:33 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/04/30 12:47:30 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011/04/30 12:46:43 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011/04/30 12:46:05 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011/04/29 03:57:07 | 000,090,112 | ---- | C] () -- C:\Users\Danny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/25 01:46:40 | 000,000,760 | ---- | C] () -- C:\Windows\eReg.dat
[2011/04/23 17:03:04 | 000,088,576 | R--- | C] () -- C:\Windows\rauninst.exe
[2011/04/23 01:19:43 | 000,000,680 | ---- | C] () -- C:\Users\Danny\AppData\Local\d3d9caps.dat
[2011/04/20 02:52:17 | 000,000,093 | ---- | C] () -- C:\Users\Danny\AppData\Local\fusioncache.dat
[2011/04/20 01:34:55 | 000,807,894 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/19 02:09:15 | 000,337,144 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/04/19 02:03:52 | 000,337,144 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/04/18 14:54:25 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011/04/18 04:00:40 | 000,000,732 | ---- | C] () -- C:\Users\Danny\AppData\Local\d3d9caps64.dat
[2008/07/01 21:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

OTL Extras logfile created on: 10/13/2012 9:48:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danny\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 25.91% Memory free
8.17 Gb Paging File | 4.22 Gb Available in Paging File | 51.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 28.21 Gb Free Space | 18.93% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 28.12 Gb Free Space | 18.87% Space Free | Partition Type: NTFS
Drive E: | 7.57 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 931.51 Gb Total Space | 586.94 Gb Free Space | 63.01% Space Free | Partition Type: NTFS
Drive H: | 69.78 Gb Total Space | 27.50 Gb Free Space | 39.40% Space Free | Partition Type: NTFS
Drive I: | 69.51 Gb Total Space | 49.77 Gb Free Space | 71.60% Space Free | Partition Type: NTFS

Computer Name: DANNY-PC | User Name: Danny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 80 50 A9 16 CB 10 CC 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2FDF89CC-9595-4D5A-AE94-FF3276C4C626}" = rport=139 | protocol=6 | dir=out | app=system |
"{323174F2-2A8E-4A77-8102-EE6D31F78B5B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34F7C6E9-3E31-4A8E-AB4E-52E73F8250BB}" = rport=445 | protocol=6 | dir=out | app=system |
"{538D58D2-10F7-4606-8137-B88C3222D980}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FD6C1F1-F551-4D3A-8013-3A7C351BADB0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{61B34115-3002-4567-8DC4-DE222C34DC7A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7D646B08-7085-45C4-9A94-8EAC38CCCC50}" = lport=137 | protocol=17 | dir=in | app=system |
"{845EB832-5C10-4129-8047-057F7E4B0FD1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{90F5D64C-5C02-4E11-B3AF-83B4C9EDC44F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{97F9A2EF-C79C-4D9E-858D-3C51C8F30CC1}" = rport=137 | protocol=17 | dir=out | app=system |
"{9C46D920-0E7E-4E3E-B467-A9EB61BFB5D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A19AABAF-0887-438F-AFF4-779299954FAE}" = lport=445 | protocol=6 | dir=in | app=system |
"{AD9E58B9-D36B-44A9-BA2A-B62813408D83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B12BC8A8-A0C8-4499-92D1-809667C6BF80}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B21057CB-CE59-492C-877C-ACD3571112B4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CBD6DB19-AF03-4F84-A5FF-B8CD0845423B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D66FE9B1-3A46-4F75-BE2C-611B783EA745}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E7D91A6F-87AB-402A-BC4F-4ABD93CB85FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{EAF59D6E-CD78-4EDA-8DD6-61726406A00C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F2BB5388-F02A-4D1B-B0FA-8FBFDA30C8F8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FA80C659-DEAA-4A51-BCD9-4821F0D35DDF}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C5BB4E-11A2-46A5-8091-58D704DDA8CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{04180F12-9E2F-42D7-B1B2-E33ED41082E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\support\ea help\electronic_arts_technical_support.htm |
"{05C8BE0F-63B4-4A74-8F3F-DDFE35377E15}" = protocol=6 | dir=out | app=system |
"{06139EAC-0AD9-4BCF-9D1B-4DB1756495BC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{0728D4E2-3CB8-4B6D-BE75-03D97E2B0480}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{0993C08D-39BA-4C40-A933-A2667A0D56C8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{0B6FAE27-38D6-4B40-AB43-C355C5571BC5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{0BB555F9-52C6-44FB-B75C-D25DFBA178AF}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{0F37853C-6368-4293-B626-E3BA6DACE473}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{120E1E8B-B97F-442C-9D4B-16517D8F0150}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{126105D3-E4CE-4FF2-81B8-1899C779BCC4}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{12B8BDB3-62C1-4E85-B419-89DBC8D9A52B}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{136D500E-DBAD-4997-B0D2-C7EB5F739E85}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{13E6A57D-1F8C-4788-86DF-27FF31E5EADB}" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{1707847F-7B00-4C4D-8452-AC3795C3EB99}" = protocol=6 | dir=in | app=d:\program files (x86)\diablo iii\diablo iii.exe |
"{1A4B5E02-E24F-40F7-A442-1FE9C5E02410}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\starcraft ii beta.exe |
"{1B99BDA4-B037-48DF-9A9E-00FDC1C90B55}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1BC407B6-DCF0-4470-BE80-5C49D193D43B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1DE5C86E-914C-4197-BA7B-D2A2549D0D88}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{206D6014-8006-47DB-9E03-2AB19A810B8E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2 demo\shogun2.exe |
"{21FF13BF-454F-4156-95F1-E7BE1C1AB959}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.exe |
"{24AC8A44-A37B-480A-8B26-01EC37A8AB41}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2508A030-3F70-4A00-AA84-1A0821D14264}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{2796B6A6-C223-401C-9B3D-48B7037EE78E}" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.patch.exe |
"{288A94B3-7174-4CF7-870A-F95589BE1592}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{29049303-9A8F-4FA1-AF36-7E33464B0BF5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{301999AB-DC18-40E3-8CF3-EEC7156D52D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\support\ea help\electronic_arts_technical_support.htm |
"{30E104D2-88AB-43BC-B2D4-88AEBAA2BF6E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{3227BB1E-8A91-441C-9EC3-6DD81800FAC6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{331384B2-7C8E-42C5-B14F-74C9A99888A7}" = dir=in | app=d:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{347144F4-6CF1-4B20-A3C4-4CE21E7C5D99}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{34A9B4E4-4A01-49AE-927E-A75F0B9CF1DF}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{3534757E-4347-4E2D-842D-F245E91BDE12}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{37A45DC7-5361-4D30-9D7B-412DA278F5F1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{3869C9EC-2A06-4D82-A231-07469D945318}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe |
"{39FB6D94-7C73-4D00-9613-B3B987DC2F2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe |
"{3AE165C5-689B-4262-858F-7A4DC3B1186D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3C8AFA0D-7F91-4B8B-951D-B7E493670A17}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3E0B531B-C231-48B1-9438-A887B8365834}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40687D91-C1AE-4D3C-B3A1-3EF2B5B41C59}" = protocol=6 | dir=out | app=d:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{40DB34C6-A372-41FE-9FEF-56299B7BB0B8}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{420B4621-9041-443D-B1A1-87A87C71919C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2 demo\shogun2.exe |
"{42366A2A-A42F-49B2-B20D-3AC2C3442A94}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{4274FFE2-38D3-4290-ABAC-3AB5EFEA66E6}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{4551366B-5164-48AB-A3B9-48A944676A08}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{45C3332E-716A-4296-A74E-5CECFDCCF05B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49862CD9-CF69-4B16-AFAE-D61B7B89134D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C046AE4-EB56-4D72-8A88-E04606480607}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4C835E9A-2CBA-414E-85D5-3FBF8C5C33F1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4D0122A2-5896-4DC2-B05E-3E2FA0A18928}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4FE11CC2-2D81-450A-B7D1-22BB4B7095EE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{515367E2-D5AC-48E6-8605-176128E73001}" = dir=in | app=c:\users\danny\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{5221814E-DCB6-482C-A525-02F560BA998B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{579991F4-07C4-466D-8EC6-20D596AC8FB3}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{5A64FE4F-E656-4FB0-B4F0-4CC57EF218D6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{5A6ABA94-FB25-4167-AB9D-45E31B8B5293}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock demo\builds\release\bioshock.exe |
"{5B0E7833-275C-4FE2-9913-F0B3D6DE11F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{5BA5DC0E-DFC8-4572-8553-38D0AE9C4AF7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{5D6E1D66-438F-4383-9806-029F885315CE}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{5DC1A4D0-00D6-477C-B59F-E9BDC8A3876E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5E01316C-3477-47FF-8137-C56F3CA1063E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{5F23DD89-A268-49CF-AAE0-09B13FF75342}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{61D4825E-C1B1-4ADE-B2AB-675570314DDF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum - demo\binaries\shippingpc-bmgame.exe |
"{63D3D0B6-A901-40A3-93F8-7AD19DE6A491}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{69529C76-F4D5-4A59-B3A2-D6C64289B53C}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{6968647E-786F-4673-9F95-451C937D2D80}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{6A6D3B63-D2B8-44E9-AF8F-CACA65BB1CFC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{6B5FDA84-4954-4844-8E19-47F05D2DE391}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CDE30FF-E6AF-4FB2-90C9-6099468BE9DD}" = dir=in | app=d:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{6D297304-6307-4210-9BD6-C8B030C2394F}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.exe |
"{703CD1BD-C0B3-40C0-9499-85FB0E16578C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{71F708D4-D7D7-4881-9613-3D12F45FD7E3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{725D6959-3A92-4C92-B642-703DFF43F1D3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{757D9B56-F57F-4749-8666-A6A117A78219}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{763C5451-C56F-4872-B1D3-A9C17BEA302F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7AFC2EAC-4E50-40FF-8B40-12125628CABC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{801024A3-B47B-47C8-A67F-6BE5DCD8376F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{801EF4AC-5F95-44EE-8C52-0C1618DA0909}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{801EF7E8-E831-40B9-84DE-3DA2B751B279}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{804B4FED-A250-4056-8B7B-74374687ED46}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{80F742D1-C858-4298-B13F-DC0B4C1B15BA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8220688C-D43C-4E32-AFD9-70B2812353FC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{83EA8715-F296-4F19-8460-EA8073A91D8A}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.patch.exe |
"{8429BA25-3830-4BE5-AFCE-8BE5C2D4FDBA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{864CE9CF-58D1-4664-ACF9-6B982EFDBC97}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{86EBAE70-7D20-4F3F-8E90-73EB58F0FFF0}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{8BFD851F-8630-4245-AA07-B40036127EB2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8F0F203E-1383-4B02-BC1F-67EFF3D63C99}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{91D9E23D-F59F-4C5B-A0EF-BCA17A75DEEB}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9459ED3B-B7AC-4F5D-AD18-F7159A50CDBF}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\starcraft ii beta.exe |
"{95B6B2E5-52F6-4885-94E6-EA748E744E17}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{9823D867-5D8F-47BF-BE5A-2C2F6586C41D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{99BB4024-67CB-4CFA-A464-0D9E878164CD}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{A161CF44-B4A9-4D53-8B37-26EAFC45336D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A274C4B2-FD46-46AA-9140-9DB1BA86B0CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{A3D34E65-4F1F-46C7-B1F5-CDDAA38D0BEE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{A4104AFF-5E9F-430E-9948-9DCF05E698C8}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{A547AADA-02E3-4063-B8EA-941D2BAFA2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{A6F8D4A3-BA5A-47D6-AC99-0CE9A110DB0C}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{A7F75749-B832-4542-BAB5-75C8FF76DD48}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AA02648B-1FA1-456C-8EF7-A20BC9EED109}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{AD270D6E-7344-48A0-8451-9D85F9853525}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AD2F88EC-749D-4585-954A-40D5B90DA143}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{AE9DAE49-DFDB-4ED6-8507-F8C27B3FF75B}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{B09FF9EE-0FF7-42B0-A295-3B60E4A244C6}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{B1B9C295-5D1A-4452-9793-F3A2744E4661}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{B5350F40-4C3C-4C11-91F6-936F35736977}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe |
"{B7927DDF-C08B-4112-9C4A-453CEA462408}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{B8842ABB-C38F-40E5-888E-15670472B704}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{B94EFC35-4783-4A87-B493-0C6333463AD0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{BA52FDB2-2293-4EE5-8FF7-36D757348797}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{BAF730F7-E6F6-432A-9E7D-FCFD3B5D3822}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum - demo\binaries\shippingpc-bmgame.exe |
"{BB0B7F64-3FF4-4435-A6B4-730C5ADC67E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{BD11658F-869B-4DA3-9DC0-761AED4B441E}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{BE4ED694-7D6A-4F76-937F-D5B1BBB743AB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE7112C6-1940-4545-BE38-B460DF3D4586}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{BE8D6E66-C329-4558-B37D-D3870B09FC52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BEA2823A-6330-4E27-BFD3-A418DE8709C6}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft public test\launcher.patch.exe |
"{BF529363-A01E-40B4-83EC-0BC553E5C8A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2251E63-BE5F-43CC-810A-6165ECD41A35}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{C375922B-3DA1-4B88-8182-6B1F85F8E6AD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{C4FCB69A-368E-4E83-A230-937DF711D6F0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C682B24C-F584-43E7-A736-F283B75A9BEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock demo\builds\release\bioshock.exe |
"{C6919A7A-257F-413B-9067-B640B6AF4870}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{C851409F-E175-4B30-B43D-3EDE2CB837FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{CC2F3D8F-C43C-4DFF-98CA-F0DC0BC82B80}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{CC7E1372-8BA4-4757-B7E6-4D41D65D9BA3}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{CCB2771E-ACDF-428A-BCAB-E729B867FD48}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D23AED30-4E87-46BA-BD68-6066FEADEAA0}" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.patch.exe |
"{D31F0C8A-DCE7-4C7D-8EB1-FDE67DCBADE6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{D7415638-A099-4312-A1D8-E013F7BEB247}" = protocol=6 | dir=out | app=d:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{D8F8EF2E-45E2-4CF6-B368-FF44E7DC6AF9}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{D9CF39A3-3914-45C8-94F1-B19D9B467C5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe |
"{DA77282D-51CB-43BE-B627-B0CE95DF8D31}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DCF0D69B-E7A9-422D-B3A3-DCF6432ABA50}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{DD0EE3F0-FB07-4EC0-9243-3F22CC50A362}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{E4FE67BB-C543-4CBD-802D-90A4EC123D76}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E5A83DD7-CD94-4CC5-A8C5-FC0B67B3FE47}" = protocol=17 | dir=in | app=d:\program files (x86)\diablo iii\diablo iii.exe |
"{E67A32FD-5BF1-45CB-A758-CC12C6991D5E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EA03AA86-DA00-4F8F-B4A0-E459DAD4529A}" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\launcher.exe |
"{ECD2A2F9-8169-4600-A6FE-CB21A157366A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EEBF70B3-28A6-41AA-B43B-261BF5E780CF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F49ABAFD-8D80-455A-BA03-D86B5082CC59}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F9F65AF5-F06C-4E5B-81F9-6ED3972083F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FAF51E3F-848D-404B-804E-DB9C78BD00F9}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{FC8B2804-9504-4334-B69E-EE4EBA2DA360}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FCD51694-9E8F-4A18-95B9-87E6351601BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"TCP Query User{020E8EB5-FC39-4808-BFB5-1C636B09A760}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{05DF98AD-BE15-4812-9957-B2CC6C524E1F}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{06FD0F29-FD9C-43B7-8862-8851EB866008}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{0B2C50CD-1423-4CA2-ACB3-C3041E298668}D:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"TCP Query User{13C3D557-5C4B-4A45-A43E-A04B137543B1}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{26A3E17B-E549-4078-88E6-7F647CE37E71}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{2B002100-0014-4B05-B6CD-76EDC0ECC734}C:\program files (x86)\motorola media link\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\mml.exe |
"TCP Query User{2C1C7672-9AAF-46D1-B46D-6BB3DC6AF60B}C:\program files (x86)\motorola media link\mml.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola media link\mml.exe |
"TCP Query User{319B8263-2C03-40EA-850D-148F093F0D11}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"TCP Query User{3C63804D-57D2-44E3-843E-F22348AD874D}D:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=d:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{40F6B2BB-95B7-4DF3-9A85-CA632155C8C3}D:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"TCP Query User{533C9B4D-59E2-4B03-BEFE-3D37EDCD461C}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{541A7838-BF85-41E6-B447-B52594B5246F}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{57916801-5F00-4DC7-B679-FCC204CF9959}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{5A5BB409-DB8E-4E5F-ABC6-AA2CACD397E6}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{5C14A156-0CDC-40D4-8DA4-511A7DE01AEC}C:\users\danny\downloads\ptr-installer-en_us.exe" = protocol=6 | dir=in | app=c:\users\danny\downloads\ptr-installer-en_us.exe |
"TCP Query User{5DFF6E1D-3258-4042-B33A-384AEB251B85}D:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{69153F2E-627D-4399-900F-578951CA916F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{6C0BDC54-3D8B-4C95-B7BE-764552C81185}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{79BDF756-7D4E-4FB2-97C0-6D9240414F07}C:\users\danny\downloads\fah_gpu_tracker_v2\fah gpu tracker v2\gpu0\fahcore_11.exe" = protocol=6 | dir=in | app=c:\users\danny\downloads\fah_gpu_tracker_v2\fah gpu tracker v2\gpu0\fahcore_11.exe |
"TCP Query User{836D7350-EE92-4999-88F5-0FDB768C1A3A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{86BBA65E-EC26-4F60-8A98-3EC22FA4D69E}C:\program files (x86)\world of warcraft public test\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft public test\backgrounddownloader.exe |
"TCP Query User{90EC26EE-12CD-4DEB-915D-DB3AA6A0357F}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{9A7F2C4B-83EA-48CE-8897-78E71BEC4C5C}C:\users\danny\downloads\downloader_starcraft_combo_enus.exe" = protocol=6 | dir=in | app=c:\users\danny\downloads\downloader_starcraft_combo_enus.exe |
"TCP Query User{9B00EC46-1815-4274-AF6A-DC737745AB9A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{9D7DE48F-FE0E-4950-ADAD-6DCEFB8A5788}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{A12BF07E-36BE-4C38-B982-FD13B6FC7AEB}C:\program files (x86)\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"TCP Query User{A368F02B-791A-4551-BEE8-938E9A20AB03}C:\program files (x86)\starcraft ii 2012 beta\versions\base22213\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\versions\base22213\sc2.exe |
"TCP Query User{A51F61FD-FF20-486A-90C3-430E0AAA6563}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{A7514B95-E6A6-44B5-B064-FC05453061B9}D:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{A9D7E1DA-5C9F-4595-9562-74DBFECEF292}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{AF99A0E6-C626-4D04-A5B9-64E3B3FED7A6}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{AFA12E80-DE9A-4788-94FD-4209A6C65E06}C:\users\danny\downloads\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\danny\downloads\starcraft_2_na_en-us.exe |
"TCP Query User{BDDCA8C9-F34D-48CE-B6AD-1FC305B31D61}C:\program files (x86)\steam\steamapps\lasthand\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\lasthand\team fortress 2\hl2.exe |
"TCP Query User{C28AC00D-EC98-4FFE-87C9-1CFD003932B4}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{C6AE38F9-2AE5-4634-8566-9AF29E26D35A}C:\program files (x86)\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"TCP Query User{DC4EE74C-996F-49CF-8F17-AC91DF8D5AD3}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{E2CD2DC6-022C-4414-AA70-2F82E719B8AF}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{E34354F4-ADAD-4E34-8F2F-8F4ECD3B5DCC}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{FBC02F53-F337-4143-B7F9-2A1A2A75EA66}D:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=d:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{FF86FDAD-9132-4042-A5FA-B94308402E9E}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{01693431-98F5-4AAD-8C89-D8DC56804200}C:\program files (x86)\starcraft ii 2012 beta\versions\base22213\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\versions\base22213\sc2.exe |
"UDP Query User{050C1391-68EF-41DF-8621-F703B3C68009}C:\program files (x86)\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"UDP Query User{05444981-D6FA-4E15-9E5C-6EAB85E25CFE}C:\program files (x86)\motorola media link\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\mml.exe |
"UDP Query User{0888A072-0955-4D5F-86ED-5AC67E34BA8B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{0AC52B3E-9377-4686-8723-B47AD1CC0065}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{1964DECA-E279-4DB8-99E9-1A011BD43053}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{385A5F9E-35BD-479F-B6FD-F76B80186FB2}D:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=d:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{3EDF8CC8-1614-47AB-AA20-4EAD7CDC7BA0}D:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{443AEBCB-B2DF-49CD-A94D-8C8DE2F9EC18}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{4C6DC791-608E-4A0A-939D-39FF9361BC70}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{50C9ABFF-6A6F-43D4-9605-1082442A75EA}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{594EA7A0-DB05-4E7E-882A-26EE855804D6}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{6506A392-C8C5-4A31-9AA0-D6C29C25C173}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{69B4F6F2-0F39-4238-BA93-EF72A179A6FE}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{6CF19DB4-6F69-4F5B-B735-6E290D982DF6}C:\users\danny\downloads\downloader_starcraft_combo_enus.exe" = protocol=17 | dir=in | app=c:\users\danny\downloads\downloader_starcraft_combo_enus.exe |
"UDP Query User{75C9953E-4968-4B95-99A6-E5DFDF76D328}C:\program files (x86)\starcraft ii 2012 beta\versions\base22334\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii 2012 beta\versions\base22334\sc2.exe |
"UDP Query User{7BF96191-9DAD-4FD6-B924-62B053F86166}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{7C49C5B1-C708-471D-AFBC-774B24BD9804}D:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{7CE44300-3FF8-480C-99EF-62729551C5D0}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{80781FAA-3762-45A8-8E2C-B6D9F7304407}D:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe |
"UDP Query User{A379B5FB-781B-49A1-B6FC-77AB1C344A42}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{A581CE8B-96C3-494A-A28D-04B0D30B8173}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{A6B9D82E-ED97-4B52-8BEC-68F19E95D468}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{A80F0089-BC36-471C-BA6F-18196B82A725}D:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe |
"UDP Query User{AF533481-7964-4215-8926-4A1F37FDFFD1}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"UDP Query User{B7F46DEF-F4B0-49F5-9C97-946E94858C86}D:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=d:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{BFD02ED9-2665-4A22-8504-FA91B0361AD9}C:\users\danny\downloads\fah_gpu_tracker_v2\fah gpu tracker v2\gpu0\fahcore_11.exe" = protocol=17 | dir=in | app=c:\users\danny\downloads\fah_gpu_tracker_v2\fah gpu tracker v2\gpu0\fahcore_11.exe |
"UDP Query User{C15DAF56-C4E8-43D3-AC18-D232AB214269}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{C6DB49E6-4D32-44DC-8B25-09BF3A3A09AF}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{CBF26185-7715-4BFB-8BEA-C862CE63C38B}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{CDBF9AC5-B34A-4CF0-9808-0FA1B17705E6}C:\program files (x86)\motorola media link\mml.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola media link\mml.exe |
"UDP Query User{CEC1BE0D-3358-4411-8250-54FC9229677B}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{D0F46993-3F63-4AD6-B307-D4C7A880A803}C:\users\danny\downloads\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\danny\downloads\starcraft_2_na_en-us.exe |
"UDP Query User{D1556934-E754-46C9-94ED-AE713EE9072C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{DA428B9B-4B4E-431D-9113-67FE37DAEA5C}C:\users\danny\downloads\ptr-installer-en_us.exe" = protocol=17 | dir=in | app=c:\users\danny\downloads\ptr-installer-en_us.exe |
"UDP Query User{DB98F4EC-BCA2-4547-AB1D-30B827A20A1D}C:\program files (x86)\steam\steamapps\lasthand\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\lasthand\team fortress 2\hl2.exe |
"UDP Query User{DE2D3DB6-8080-4B88-9F02-DACF95CA8F5D}C:\program files (x86)\world of warcraft public test\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft public test\backgrounddownloader.exe |
"UDP Query User{DFAE1BE2-17F3-434F-AB65-FBF8ED0915DE}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{E32BFF45-8F42-473E-9D51-9D98CA8538E6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{E45F787D-CD8F-4597-B387-CFE8964F520E}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{FFB3843D-517A-4F97-B983-D67C11A27A3F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear eXtreme
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java™ 6 Update 29 (64-bit)
"{344C0D46-2EF4-4BC8-AE03-3DACDA9B9485}" = AVG 2012
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{581F6FB0-46E6-42DA-98CC-ABB001386520}" = Motorola Mobile Drivers Installation 5.1.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 35
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C082D2E-57BC-4D12-8DB3-C0DE13E89B33}_is1" = SimMars Beta 3
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{306D4754-BECE-4FC7-85F3-B7FEED274AA8}" = Razer Orochi
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5569C99B-129C-426E-920A-FD1F0DC01FDC}" = Dawn
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A61BF94-5213-4B3F-AEA3-A09AD4D9B4A2}" = Dusk 5900
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{681F447D-49EC-4D5D-AE0A-145A8AA4E239}" = Nalu
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C4504A1-9280-11D5-9F7E-00902712427E}" = Sid Meier's SimGolf
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DA403202-E59F-4F34-9B48-B3147CCC62B1}" = Direct Console 2.0
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E010C6F5-3EE2-4293-A461-0FFCF4CF01A5}" = Sound Blaster World of Warcraft Wireless Headset
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"bc8a6440-918f-11dd-ad8b-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.14.00.802
"Blacklight Retribution" = Blacklight Retribution
"Borderlands 2_is1" = Borderlands 2
"CDisplay_is1" = CDisplay 1.8
"CraftBukkit" = CraftBukkit
"Diablo III" = Diablo III
"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.3.521
"GFWL_{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{5A61BF94-5213-4B3F-AEA3-A09AD4D9B4A2}" = Dusk 5900
"LCDHype Version 0.7.4_is1" = LCDHype Version 0.7.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MotoHelper" = MotoHelper 2.0.51 Driver 5.1.0
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RA+ V3.03_is1" = FullRA Plus V3.03
"SpeedFan" = SpeedFan (remove only)
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"StarCraft II Beta" = StarCraft II Beta
"Steam App 201760" = Cities XL 2012
"Steam App 47870" = Need for Speed: Hot Pursuit
"Steam App 620" = Portal 2
"Steam App 72200" = Universe Sandbox
"Steam App 8930" = Sid Meier's Civilization V
"SysInfo" = Creative System Information
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WOLAPI" = Westwood Shared Internet Components
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1339579510-645221487-415253513-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/7/2012 3:00:01 AM | Computer Name = Danny-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 10/7/2012 3:00:01 AM | Computer Name = Danny-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 10/7/2012 3:00:01 AM | Computer Name = Danny-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 10/7/2012 3:00:01 AM | Computer Name = Danny-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 10/7/2012 3:00:20 AM | Computer Name = Danny-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/7/2012 3:41:39 AM | Computer Name = Danny-PC | Source = Perflib | ID = 1010
Description =

Error - 10/7/2012 2:39:18 PM | Computer Name = Danny-PC | Source = Perflib | ID = 1023
Description =

Error - 10/8/2012 3:45:16 AM | Computer Name = Danny-PC | Source = Perflib | ID = 1010
Description =

Error - 10/8/2012 5:36:30 PM | Computer Name = Danny-PC | Source = Perflib | ID = 1023
Description =

Error - 10/9/2012 3:46:28 AM | Computer Name = Danny-PC | Source = Perflib | ID = 1010
Description =

[ System Events ]
Error - 10/9/2012 2:24:37 PM | Computer Name = Danny-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Vista64.

Error - 10/10/2012 4:28:10 AM | Computer Name = Danny-PC | Source = netbt | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.

Error - 10/10/2012 2:28:58 PM | Computer Name = Danny-PC | Source = bowser | ID = 8003
Description =

Error - 10/10/2012 2:41:37 PM | Computer Name = Danny-PC | Source = BROWSER | ID = 8032
Description =

Error - 10/10/2012 7:37:54 PM | Computer Name = Danny-PC | Source = netbt | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.

Error - 10/11/2012 4:22:43 AM | Computer Name = Danny-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Vista64.

Error - 10/11/2012 4:22:43 AM | Computer Name = Danny-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Vista64.

Error - 10/11/2012 4:22:43 AM | Computer Name = Danny-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume Vista64.

Error - 10/12/2012 1:03:38 AM | Computer Name = Danny-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 10/12/2012 1:13:38 AM | Computer Name = Danny-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >

Edited by LastHand, 13 October 2012 - 10:14 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 13 October 2012 - 10:40 PM

Hi LastHand,

I am not finding any malware in the information you have provided.

  • Were there any other symptoms you noticed before taking the steps you described?
  • Did it just start out of the blue with no other warnings?
  • Are you able to provide exactly when it started?
  • Do you have an installation disk?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 17 October 2012 - 05:57 PM

Hi LastHand,


===================================================


3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:49 PM

Posted 20 October 2012 - 02:24 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users