Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my computer has problems but im not too sure? [Closed]


  • This topic is locked This topic is locked

#1
JoOEyn

JoOEyn

    Member

  • Member
  • PipPip
  • 10 posts
OTL Extras logfile created on: 26/04/2012 10:43:33 PM - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Sykian\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

3.00 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 47.69% Memory free
5.99 Gb Paging File | 4.08 Gb Available in Paging File | 68.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 24.62 Gb Free Space | 16.52% Space Free | Partition Type: NTFS
Drive D: | 296.53 Gb Total Space | 49.76 Gb Free Space | 16.78% Space Free | Partition Type: NTFS

Computer Name: MIKEY-LTP | User Name: Sykian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\PC Unleashed Online\Suite\noapp.exe %1 (PC Unleashed Online)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\PC Unleashed Online\Suite\noapp.exe %1 (PC Unleashed Online)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0032ED11-6E7B-4FA5-821E-421D68D940A0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{12374ECF-2E66-499A-BABA-672D8B4EE1A1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12C38A17-9F7D-4490-B137-9B5F4C8F2F1B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{134A9A81-E1F9-4DF7-8536-220CC10DA67B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{144120AE-83E3-4452-8572-AE0FA258ECA6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{23C8E731-FB4E-449C-985C-67D2147DC933}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{262B3C92-3561-46A3-8B24-614EADCA987E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2CEF7FAB-8284-4EDA-9E21-3A9F84599E19}" = lport=49176 | protocol=6 | dir=in | name=akamai netsession interface |
"{337998E7-A188-4FE5-9B0F-6E055A3F95B0}" = rport=445 | protocol=6 | dir=out | app=system |
"{34888440-2B88-49D6-91A7-2A6421DF8E6C}" = lport=56097 | protocol=6 | dir=in | name=pando media booster |
"{35EF279E-9AEA-48B4-8982-D8BE337EBB82}" = lport=139 | protocol=6 | dir=in | app=system |
"{376B101B-F868-43C6-8436-B8F58139C9BA}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{39F9C6C0-AFEF-4195-ADF1-AD8F2083E814}" = lport=138 | protocol=17 | dir=in | app=system |
"{5BCD6761-B2E9-4639-AC68-27B9F7D91380}" = lport=137 | protocol=17 | dir=in | app=system |
"{67E8B8D1-95B5-4B29-BBE2-3702D7B594A4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6DD0A208-8ADC-400C-9007-51044E463BE3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{773B376D-6F4B-4C72-BA5C-96F466B94A8B}" = rport=138 | protocol=17 | dir=out | app=system |
"{7F475639-A3BD-4AD0-8B47-C78DC8D8649D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{807A76EA-5148-4605-A7F2-3A6C531426AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86352157-24DC-40F3-ABBE-56FBED6C48EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8C5FA441-713C-471E-A764-9D4BFC5C0030}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F8885B8-3054-40C3-A988-3B3342661CC0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99372112-B542-455C-9E3C-1E8CD734B03E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A8F6CA14-1469-4D37-BD09-F7D8233F936C}" = lport=56097 | protocol=6 | dir=in | name=pando media booster |
"{ABB61117-0D99-46BB-9FE8-8E8394A8D26A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC08558D-40C0-431F-B0B9-E62805AFF2D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6A3A951-0288-426A-BF48-91228542A12C}" = lport=56097 | protocol=17 | dir=in | name=pando media booster |
"{BFCEC5C0-B65D-4C78-B5E1-3F23512CFC04}" = lport=445 | protocol=6 | dir=in | app=system |
"{C70EC846-E7AE-40EF-A964-1F1B2F7C317A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8BED20C-59D3-4F68-96ED-663D3474DB85}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D479D41D-F40D-4F49-BC52-DE758E71B50D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DBB820C6-4083-4425-A5D6-CE05F426B7BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB38D7DD-8904-4C6A-85B1-97A9A4272080}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ED5ADD71-4486-4FE4-95F2-001E3A84732F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F1D8C20E-BFBC-46D0-AF1B-6A167BEB71E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F456E9CE-C1FA-41F5-971C-E06918B87CD7}" = rport=139 | protocol=6 | dir=out | app=system |
"{F7A709B3-BA91-48C9-9183-FED89919E435}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F7EA8475-8317-4EAC-958E-2B2AACA6F146}" = rport=137 | protocol=17 | dir=out | app=system |
"{FA92290F-614F-43B0-908C-3309C1E288AF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FEE3246D-5250-4507-B663-E8D23C7A16FD}" = lport=56097 | protocol=17 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00097952-DE10-4CC4-B404-93E14AC672FE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0086B599-1D80-4BFF-8C1C-34485034E52D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0293E1D9-C5CB-4111-9B5F-86CB07FBF15F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{035AF71F-5BEE-4F36-9724-727B9F466F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{06051364-F5D8-433F-8AAE-EA37B0354E33}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{15135184-DDE2-4494-8B47-33029B2B3722}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{167D15FB-5951-4375-8592-843A73BBAB2D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24F1BD46-FEC3-470B-84FB-38AA81AE2E4D}" = protocol=1 | dir=out | [email protected],-28544 |
"{2617B52E-4A48-4074-A35C-DBED25A3119B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26BBB5B6-1013-4C5F-9C4B-B209CF1229F3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{2A179A58-D234-4F70-900A-176B9385471F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3086FF4C-2BE8-4523-8964-D234A0D99704}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{310D142B-501F-4561-9B13-99C0501FEEAF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{31118E2B-F4E3-40E0-9234-F1C13A12A6A1}" = protocol=17 | dir=in | app=d:\games\resident evil 5\re5dx10.exe |
"{3709C91A-70AC-4ED4-AD41-9556B67F7264}" = protocol=6 | dir=in | app=d:\games\prince of persia\prince of persia.exe |
"{3779CC28-1B69-4ACB-8453-CF75407E0FE2}" = protocol=6 | dir=in | app=d:\games\resident evil 5\re5dx9.exe |
"{3DD58250-BCB4-4063-AD4F-BF34935BC6ED}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3F0F6B39-C8D0-4FD2-980B-D0A9FC1E38A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3F6E7180-F0CE-4BE3-8563-0951ADB12086}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{42F69C05-FD5B-4021-97DE-DB9299871D50}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{46D22C3F-228C-418B-A6E8-82BE85FF9052}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{47ED9D95-DB5F-4F64-AF6B-A1342E71D656}" = protocol=17 | dir=in | app=d:\games\prince of persia\princeofpersia_launcher.exe |
"{4C570967-08D3-4D41-BEB4-5A47E9EC0817}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4CE9A27C-978F-4B1E-AB67-3BC8EC699576}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\frontlines-fuel of war\binaries\ffow.exe |
"{4EA1A84C-E474-454E-AA98-CD015DEE505A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{50725CCA-6927-4BC4-8328-127CB8EB6258}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed™ hot pursuit\launcher.exe |
"{5188E2C2-286E-4A67-950C-B1A131C40FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{53560022-5EF8-4C22-979E-B07F584DEABA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55FD339E-1308-47D2-B768-9198C9E795CA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{5C0F33F0-1764-444E-AE14-71280A850081}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5CA6F916-5837-4CDE-A3E2-A10519FF5E9D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5D9AC35E-B743-41BE-89E0-F67F4154A0B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5F002F37-636B-42AA-8D54-C0578D61AEA2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FD15DE2-96FF-46B8-95CE-DB923D452FD0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{64FC6F25-7F4D-458A-A3BE-E250AFFFC7F3}" = protocol=6 | dir=in | app=d:\games\prince of persia\princeofpersia_launcher.exe |
"{6787C7CD-8AE2-415B-8E1E-A3ED1606D133}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{7073505A-4282-4F7D-B5A3-A8A4632881F4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{71B55A6D-2D7E-4C09-A180-A8B1B4B82741}" = protocol=17 | dir=in | app=c:\users\sykian\desktop\games\w3\war3.exe |
"{7CB07447-FEE6-4FD2-A53D-F6DDD61FD2DF}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{7D6DF36C-D40C-492E-A9A5-47315112F09D}" = protocol=1 | dir=in | [email protected],-28543 |
"{87275807-9450-4A13-BEDE-07C1548103F7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{87588407-9B66-4FAE-A315-5E9C7194E4E7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{8B504DF6-F650-4A68-9D59-A1C24DF5C9E3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{8E8CFA85-6A2D-4D8C-A3C7-D06689F71F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{919F94CE-7429-418B-90F2-946C80F0AFFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9271B90E-A209-46AD-9756-C173382810B2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9478FE77-1F4F-4513-98D3-998A6FB21C87}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{947FE647-6D95-4E80-82E1-C259EE794D5C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe |
"{94A59FE7-84D5-407F-80FB-4AF6DED9A58A}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{98E3E4BD-213D-4233-829C-250FBB063538}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{9BCCC26A-B176-4762-826A-A1741EDF2385}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9D07FCD5-6D8D-4FA3-971E-1E827BF10DFD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9DAFA1D1-B36C-4D0C-B1F8-D520E08B72F1}" = protocol=6 | dir=in | app=d:\games\resident evil 5\re5dx10.exe |
"{A5C0710C-904E-4B2C-AADE-7A192B1AA578}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A6A92491-DA4E-4AA9-B8A6-761641B52385}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9947DAF-DDF1-422E-8200-9FBE534CA664}" = protocol=58 | dir=out | [email protected],-28546 |
"{AB4D5ACF-7159-4CCF-AE61-782609FC58B2}" = protocol=17 | dir=in | app=d:\games\prince of persia\prince of persia.exe |
"{ACCB2274-6429-458C-A233-0B45DDDC366B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE7E2A3A-862B-4A2F-9656-467B2E3811BB}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{B0D883B8-795A-4010-BE53-222219862B39}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B1BEFE6B-0C02-40FC-AB81-8C44AC94BD60}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B32FBCFF-EF84-46A8-838C-0D4D537A19EC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B6BC2D52-FB13-4319-8A83-B9FAF5A15D39}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B760CB29-EF33-466A-8644-88A272D1A428}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B8C38D43-D030-4C85-B8FF-B7328E222A8A}" = protocol=58 | dir=in | [email protected],-28545 |
"{BC051845-EC31-44C3-BCB2-1CBAAF762A1A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{BC817E4D-1AEF-4726-B07B-3C51498DF82D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C6B4F7B3-E66E-47F9-9C54-D8A3771D7624}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{CE998E58-4423-473F-B8A6-32EA4EBDDA0A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{D2AC2D0A-8578-4BB7-A437-2BC74527CFAE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{D5814971-DF18-4141-9EF9-72C323CB8C8F}" = protocol=6 | dir=in | app=c:\nexon\maplestory\maplestory.exe |
"{D5CBA8D9-078F-42DB-9E5B-6E28ED894628}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D86E1613-815B-4E1B-9362-F9DFD065FFFB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgam.exe |
"{D902EE36-57E8-461C-B451-972715CA54BD}" = protocol=17 | dir=in | app=d:\games\resident evil 5\re5dx9.exe |
"{D9941987-95D1-4D86-B9AD-036B893B116A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D9ACF98C-A40D-4A07-BD0C-F1F715AE58C9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{DADBD21D-3679-422C-BA4D-79EB7852CB0D}" = protocol=6 | dir=out | app=system |
"{E21D3B46-B599-4F6A-8431-BD9040C7B921}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{E850DE97-7001-42E1-B755-D736C3622EA2}" = protocol=6 | dir=in | app=d:\games\spider-man™ - shattered dimensions\game.exe |
"{EBA2E191-DD6D-47BC-A523-6909310BB265}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED0EDC4E-EB24-46FC-A65B-09AEB6277FD9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{EE98CF2A-23E3-4AC7-8DA3-57F3BCF8BDB4}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed™ hot pursuit\launcher.exe |
"{EF4E4CE5-2E8B-424E-8B08-105C65DDC006}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EF6AC147-BA41-43E3-AA53-380358E65C81}" = protocol=17 | dir=in | app=c:\nexon\maplestory\maplestory.exe |
"{EFE62004-5F68-4372-8A02-8C50A83E83CD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F4C0F20E-42B3-455C-A548-15B1AB56784B}" = protocol=6 | dir=in | app=c:\users\sykian\desktop\games\w3\war3.exe |
"{F63A554E-9E78-4BC9-84DF-91AFB591B9D9}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F8394E3E-3D16-43F1-AA16-BDCFA1041637}" = protocol=17 | dir=in | app=d:\games\spider-man™ - shattered dimensions\game.exe |
"{FBE076F9-C4D4-4674-BFB5-C62B56B23D64}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FBF706EB-BCFC-432D-8253-EEDF10FE2D40}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\frontlines-fuel of war\binaries\ffow.exe |
"{FD8D9068-725C-4481-B9ED-8EA4623855C3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{FDE11DBD-CC8E-4402-A205-B2F256782D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"TCP Query User{007B1A0A-B29A-4F52-A764-A46793F29F37}C:\users\sykian\documents\casinos\games\w3\war3.exe" = protocol=6 | dir=in | app=c:\users\sykian\documents\casinos\games\w3\war3.exe |
"TCP Query User{0ADD7B53-114D-4756-8612-457122B46CD8}D:\games\resident evil 5\re5dx9.exe" = protocol=6 | dir=in | app=d:\games\resident evil 5\re5dx9.exe |
"TCP Query User{449C9CBF-579F-46FD-BFA6-A9461F4492AB}D:\games\worms 4 mayhem\worms 4 mayhem.exe" = protocol=6 | dir=in | app=d:\games\worms 4 mayhem\worms 4 mayhem.exe |
"TCP Query User{B6AA1395-BA60-4AA8-8A03-C3EE7DA11FC1}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{C7D42EEE-CF69-4C71-8B62-38815022E9B0}D:\games\resident evil 5\re5dx10.exe" = protocol=6 | dir=in | app=d:\games\resident evil 5\re5dx10.exe |
"TCP Query User{D2C589EA-171A-487A-B8C8-A9BCF3FA4D31}C:\users\sykian\desktop\games\w3\war3.exe" = protocol=6 | dir=in | app=c:\users\sykian\desktop\games\w3\war3.exe |
"TCP Query User{E052D9CE-8FF9-49F8-A678-CAAF63D70BAC}C:\program files (x86)\amsn\bin\wish.exe" = protocol=6 | dir=in | app=c:\program files (x86)\amsn\bin\wish.exe |
"UDP Query User{034894BE-C244-45DF-894B-49EF784C8D34}D:\games\resident evil 5\re5dx10.exe" = protocol=17 | dir=in | app=d:\games\resident evil 5\re5dx10.exe |
"UDP Query User{2D67FE46-8BAD-4A4F-86F0-C4A111823A60}C:\users\sykian\documents\casinos\games\w3\war3.exe" = protocol=17 | dir=in | app=c:\users\sykian\documents\casinos\games\w3\war3.exe |
"UDP Query User{37B28879-E73F-408F-A513-6EB4D9D6112E}D:\games\resident evil 5\re5dx9.exe" = protocol=17 | dir=in | app=d:\games\resident evil 5\re5dx9.exe |
"UDP Query User{98E9E852-E384-4BA9-B64B-9AB7222D73BC}C:\users\sykian\desktop\games\w3\war3.exe" = protocol=17 | dir=in | app=c:\users\sykian\desktop\games\w3\war3.exe |
"UDP Query User{D2EC2F0E-3D37-4986-AA25-0F94AA57D67F}C:\program files (x86)\amsn\bin\wish.exe" = protocol=17 | dir=in | app=c:\program files (x86)\amsn\bin\wish.exe |
"UDP Query User{E119B4E0-4DBA-42DF-90BB-088C9A449205}D:\games\worms 4 mayhem\worms 4 mayhem.exe" = protocol=17 | dir=in | app=d:\games\worms 4 mayhem\worms 4 mayhem.exe |
"UDP Query User{F28CBB88-54AC-40AD-AD24-E5FD56BF8642}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F8E2B4C-BAD5-4F40-A95C-4EEFE4A994F3}" = Dolby Control Center
"{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{55E76113-3899-4A63-A308-71A9BD3491EE}" = MobileMe Control Panel
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{86B5E5AF-3D50-4979-9C81-687C1B3C586D}" = TOSHIBA WUSB
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9666782C-CEBB-4D2A-8651-5A02AECA8034}" = AVG 2012
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}" = Intel® PROSet/Wireless WiFi Software
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E51A1789-9C20-43FC-AF13-C7AC29FAF111}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Activision®
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}" = CD/DVD Drive Acoustic Silencer
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EAB69C5-7763-4BB8-9D06-733292AA6E0C}" = Bing Bar
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C11154F-3539-4CB5-979D-EF7913473E53}" = Prince of Persia
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed™ Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93B6424D-0E28-4123-988E-D866E58AA655}" = Aeria Ignite
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8A98F85-9CC8-418D-B65B-FDE1EC737C47}" = PC Unleashed Online PC Unleashed
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AF4AFD90-9A89-4A28-993A-D3752EA9344F}" = Worms 4 Mayhem
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C711E88C-9DC2-4254-A989-D6E017844DDF}" = Frontlines: Fuel of War
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EDA0FFC5-7964-4E2F-9014-693F04695933}" = BA Installer
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aeria Ignite" = Aeria Ignite
"Aeria Ignite 1.6.1062" = Aeria Ignite
"AhnLab Online Security" = AhnLab Online Security
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"DealPly" = DealPly
"Eden Eternal" = Eden Eternal
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"hon" = Heroes of Newerth
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Spider-Man™ - Shattered Dimensions
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}" = HDMI Control Manager
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"jv16 PowerTools 2011" = jv16 PowerTools 2012
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.9.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"MapleStory" = MapleStory
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NSS" = Norton Security Scan
"Steam App 99900" = Spiral Knights
"SuddenAttackNA" = SuddenAttack
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.6
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo!7 Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Yahoo!7 Messenger" = Yahoo!7 Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/04/2012 1:07:36 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-CAPI2 | ID = 257
Description = The Cryptographic Services service failed to initialize the Catalog
Database. The ESENT error was: -1216.

Error - 26/04/2012 1:13:01 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 26/04/2012 1:13:01 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 26/04/2012 1:45:39 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 26/04/2012 1:45:39 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 26/04/2012 6:17:04 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 26/04/2012 6:17:04 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.

Error - 26/04/2012 6:22:37 AM | Computer Name = Mikey-LTP | Source = Application Hang | ID = 1002
Description = The program Skype.exe version 5.9.0.114 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: cd0 Start Time:
01cd23950e5f6736 Termination Time: 0 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report
Id:

Error - 26/04/2012 6:47:49 AM | Computer Name = Mikey-LTP | Source = Application Error | ID = 1000
Description = Faulting application name: _Launcher.exe, version: 1.1.1.1, time stamp:
0x4f9124aa Faulting module name: _Launcher.exe, version: 1.1.1.1, time stamp: 0x4f9124aa
Exception
code: 0xc0000005 Fault offset: 0x007da381 Faulting process id: 0x1698 Faulting application
start time: 0x01cd23984f729201 Faulting application path: C:\AeriaGames\EdenEternal\_Launcher.exe
Faulting
module path: C:\AeriaGames\EdenEternal\_Launcher.exe Report Id: 43c2247e-8f8d-11e1-90b6-001eec3f9aac

Error - 26/04/2012 8:26:23 AM | Computer Name = Mikey-LTP | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

[ System Events ]
Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 4:01:30 AM | Computer Name = Mikey-LTP | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume4.

Error - 26/04/2012 6:12:10 AM | Computer Name = Mikey-LTP | Source = DCOM | ID = 10010
Description =

Error - 26/04/2012 8:21:49 AM | Computer Name = Mikey-LTP | Source = DCOM | ID = 10010
Description =

Error - 26/04/2012 8:37:26 AM | Computer Name = Mikey-LTP | Source = DCOM | ID = 10010
Description =


< End of report >
  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, JoOEyn! Posted ImageMy nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.



Step 1.

OK next we will check the disc and then the file structure

  • On the desktop click the My Computer icon
  • Right click your main drive (I am on C) and select properties
  • Select the tools tab
  • Select error checking
  • Place a tick in both boxes
  • Press start
  • You will get a warning that it needs to reboot to continue
  • Allow it to do so

Posted Image

Once completed go to next step.


Step 2.

Run an elevated command prompt
Go to Start, All programs, Accessories
Right click command prompt and select run as administrator
Posted Image

In the black box that opens type or copy and paste the following command and press enter:

sfc /scannow

Posted Image


Step 3.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
If it does not run rename aswMBR.exe to Iexplore.exe and try it again.

Step 3.

Please post:

aswMBR log




After all this is completed could you update me on the problems being experienced
  • 0

#3
JoOEyn

JoOEyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
I scanned it all and now i posted my aswMBR.txt

Attached Files


  • 0

#4
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please post logs unless I specifically ask for them to be attached.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-02 20:33:10
-----------------------------
20:33:10.607 OS Version: Windows x64 6.1.7601 Service Pack 1
20:33:10.607 Number of processors: 2 586 0x1706
20:33:10.608 ComputerName: MIKEY-LTP UserName: Sykian
20:33:15.417 Initialize success
20:33:30.620 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:33:30.625 Disk 0 Vendor: Hitachi_ FC4O Size: 305245MB BusType: 3
20:33:30.630 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
20:33:30.634 Disk 1 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
20:33:30.651 Disk 1 MBR read successfully
20:33:30.655 Disk 1 MBR scan
20:33:30.658 Disk 1 Windows XP default MBR code
20:33:30.666 Disk 1 Partition 1 00 07 HPFS/NTFS NTFS 152625 MB offset 2048
20:33:30.678 Disk 1 scanning C:\Windows\system32\drivers
20:33:42.837 Service scanning
20:33:59.871 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
20:34:06.946 Modules scanning
20:34:06.966 Disk 1 trace - called modules:
20:34:06.977
20:34:07.332 Scan finished successfully
20:34:22.778 Disk 1 MBR has been saved successfully to "C:\Users\Sykian\Desktop\MBR.dat"
20:34:22.792 The log file has been saved successfully to "C:\Users\Sykian\Desktop\aswMBR.txt"
  • 0

#5
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please update me on the issues you are having with your computer.
  • 0

#6
JoOEyn

JoOEyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
sorry but it just blue screened of death . tthat only happened once so far is there any way i can check out my systems performance and upgrade it . was ondering if you know any programs that could do that without paying for it? cause my computer's cpu runs hard i hear it run and its loud dont really know if there is a problem but yeahs
  • 0

#7
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Step 1.

In Safe Mode with Networking, please do the following:

Blue Screen Errors

  • Click here to download BlueScreenView or here
  • Right click bluescreenview.zip and choose "Extract All" or "Extract Here" to extract the contents of the zip file
  • Once extracted, double click on BlueScreenView.exe to run the program
  • Click Edit, then Select All
  • Click File, then Save Selected Items
  • In the File name, type bluescreenlog.txt and then Save it to your Desktop
  • Open bluescreenlog.txt, then copy and paste all of the contents into your next reply

  • 0

#8
JoOEyn

JoOEyn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
==================================================
Dump File : 112110-28438-01.dmp
Crash Time : 21/11/2010 5:02:41 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : ffffffff`c0000005
Parameter 2 : fffff880`03ebe844
Parameter 3 : 00000000`00000001
Parameter 4 : 00000000`00000168
Caused By Driver : kl1.sys
Caused By Address : kl1.sys+60844
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70740
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\112110-28438-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 274,584
==================================================

Attached Files


  • 0

#9
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
The Blue Screen tool says the offending driver is a Kaspersky AntiVirus file. Did you ever have a Kaspersky product on this computer?

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    kl1.sys
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt
  • Post OTL.txt

  • 0

#10
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP