Jump to content

Free help from tech experts
Welcome to Geeks to Go forums. Create a FREE account now to gain access to all our features. Once registered and logged in, you will be able to create topics, post replies to existing topics, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. Best of all, registration and all assistance is 100% free! This message, and all ads will be removed once you sign in.
Create an Account Login to Account

gboxapp how do i remove? [Closed]


  • This topic is locked This topic is locked

#1
kojuro

kojuro

    New Member

  • Member
  • Pip
  • 1 posts
my otl

OTL logfile created on: 18/07/2012 13:19:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\pidgers\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.61 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 50.77% Memory free
7.21 Gb Paging File | 5.19 Gb Available in Paging File | 71.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.19 Gb Total Space | 129.69 Gb Free Space | 44.69% Space Free | Partition Type: NTFS

Computer Name: PIDGERS-PC | User Name: pidgers | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/18 13:17:39 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\pidgers\Desktop\OTL.exe
PRC - [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/07/16 00:48:58 | 001,677,856 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe
PRC - [2012/07/05 22:17:10 | 000,108,384 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities\memdefrag.exe
PRC - [2012/07/04 13:37:21 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/04 13:36:48 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/06/10 15:17:05 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/08 15:13:28 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012/04/26 13:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/11 12:49:14 | 001,179,648 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/08/30 11:38:04 | 001,754,624 | ---- | M] () -- C:\Program Files (x86)\OEM\DSG OSD 1.02\SunflowerOSD.exe
PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/17 22:20:54 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/07/17 22:20:54 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/07/17 22:20:53 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/07/17 22:20:53 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/07/17 22:20:53 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/07/17 22:20:52 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/07/17 22:20:52 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/07/17 22:20:52 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/07/17 22:20:51 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/07/17 22:20:51 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/07/17 22:20:51 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/07/17 22:20:50 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012/07/17 22:20:50 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/07/16 00:48:56 | 002,008,096 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll
MOD - [2012/07/04 13:37:55 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/04 13:36:48 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2011/08/30 11:38:04 | 001,754,624 | ---- | M] () -- C:\Program Files (x86)\OEM\DSG OSD 1.02\SunflowerOSD.exe
MOD - [2010/03/16 17:14:46 | 000,413,184 | ---- | M] () -- C:\Program Files (x86)\OEM\DSG OSD 1.02\Media_DSG.dll
MOD - [2009/11/17 17:21:06 | 000,092,160 | ---- | M] () -- C:\Program Files (x86)\OEM\DSG OSD 1.02\SoilIO.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/05/08 15:13:28 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2012/04/06 03:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/17 22:22:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/16 00:48:58 | 001,677,856 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe -- (bProtector)
SRV - [2012/07/04 13:37:21 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/06/30 17:10:08 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/06/29 15:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/06/11 13:34:31 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/04/06 06:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/06 02:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/01/05 13:10:11 | 000,161,032 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2011/11/30 18:37:29 | 000,128,264 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2011/11/23 09:59:45 | 000,149,768 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2011/10/27 02:25:42 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/10/27 02:25:42 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/10/27 02:25:42 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/10/27 02:25:42 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 12:34:32 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/02 12:34:32 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/04/28 12:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2011/04/28 12:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2011/04/16 10:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/16 10:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/01/05 09:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/30 00:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/30 00:20:38 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 02:07:20 | 000,131,600 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:64bit: - [2010/11/08 22:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64)
DRV:64bit: - [2010/11/08 22:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/11 17:28:52 | 000,017,912 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SoilIO.sys -- (SoilIO)
DRV:64bit: - [2009/12/03 10:04:16 | 000,013,304 | ---- | M] (Systems Internals) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SoilMC.sys -- (SoilMC)
DRV:64bit: - [2009/12/03 10:03:50 | 000,013,816 | ---- | M] (Systems Internals) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Soilkbc.sys -- (soilkbc)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/12/26 13:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (GadgetBox)
IE - HKLM\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - C:\Program Files (x86)\appbario2\prxtbappb.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (GadgetBox)
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - C:\Program Files (x86)\appbario2\prxtbappb.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000d0df9aab683a
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{1256FE2D-5D75-400B-8D55-2EE1D79A420C}: "URL" = http://websearch.ask...E5-F16739244BFD
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{2F1EE3F8-3C71-4AB5-BD7E-E9D0022D04CF}: "URL" = http://searchya.com/...q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-07-04 13:37:59&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{A28C96A7-D672-4FAF-A54B-DA6BF7D4399A}: "URL" = http://search.condui...&ctid=CT3227975
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8vC88oWD&i=26
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{DD83EE08-6F33-4A9F-A73D-CB342F1C1DBE}: "URL" = http://start.funmood...q={searchTerms}
IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\pidgers\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\pidgers\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/06/10 23:07:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/01 22:00:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/10 15:18:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/10 23:07:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/04 13:38:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension [2012/07/16 00:49:14 | 000,000,000 | ---D | M]

[2012/06/16 01:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pidgers\AppData\Roaming\Mozilla\Extensions
[2012/06/16 01:32:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pidgers\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com
[2012/02/22 09:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pidgers\AppData\Roaming\Mozilla\Extensions\prism@developer.mozilla.org
[2012/07/18 12:24:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/25 01:40:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/16 01:30:21 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2012/06/16 01:30:20 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2012/06/16 01:30:20 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2012/06/10 15:17:36 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/07/04 13:36:38 | 000,003,750 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/03 19:43:13 | 000,002,356 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - homepage: http://www.facebook.com/
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_1\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\clfbcddjldkgkngnfeofgoboankjdfje\1.0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifphbghhodpimajnjejgjlfcjmnnkhci\2.1_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.14.36_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkmpahmficpegmdcmpgdbckohfpegcim\1_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmedjidogeeadcippfjfhplchokdhhc\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\opeeoaeaoifnbgnigifffgcmfcfimijl\1.7.6_0\
CHR - Extension: No name found = C:\Users\pidgers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (FreeSoundRecorder Toolbar) - {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MyTools Class) - {C3A44133-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files (x86)\MyTools\mytools.dll (MyTools)
O2 - BHO: (appbario2 Toolbar) - {cdf97ee2-ded0-4369-835e-99dd08225fa5} - C:\Program Files (x86)\appbario2\prxtbappb.dll (Conduit Ltd.)
O2 - BHO: (wxDfast Class) - {DB8DEABF-52F3-0BAE-1435-CAC9D5D124D7} - C:\ProgramData\wxDfast\bhoclass.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (GagetBox) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - C:\Program Files (x86)\GadgetBox\gadgetBoxTB.dll (GadgetBox)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\Toolbar\WebBrowser: (appbario2 Toolbar) - {CDF97EE2-DED0-4369-835E-99DD08225FA5} - C:\Program Files (x86)\appbario2\prxtbappb.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Facebook Update] C:\Users\pidgers\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Glary Memory Optimizer] C:\Program Files (x86)\Glary Utilities\memdefrag.exe (Glarysoft Ltd)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Recovery Backup Wizard] C:\Program Files (x86)\TTG\Reminder\Reminder.exe (DSG Retail Ltd)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Reminder] C:\Program Files (x86)\TTG\Reminder\Reminder.exe (DSG Retail Ltd)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.36\AMVConverter\grab.html ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.36\AMVConverter\grab.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F6B0276-B237-4EC3-84C2-DF670F16D565}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5BEB3AA-A3F6-48D9-85DF-93100C2F77C7}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22463~1.83\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b844e72b-20c9-11e1-b057-80ee7324fb7e}\Shell - "" = AutoRun
O33 - MountPoints2\{b844e72b-20c9-11e1-b057-80ee7324fb7e}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/18 13:21:19 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\pidgers\Desktop\aswMBR.exe
[2012/07/18 13:17:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\pidgers\Desktop\OTL.exe
[2012/07/18 12:26:26 | 000,000,000 | ---D | C] -- C:\Users\pidgers\Desktop\searchplugins
[2012/07/18 01:15:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/18 00:54:53 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\DriverCure
[2012/07/18 00:54:52 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\SpeedyPC Software
[2012/07/18 00:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/07/18 00:25:08 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\Macromedia
[2012/07/17 23:38:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/07/17 19:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2012/07/17 19:11:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2012/07/17 17:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lionhead Studios Ltd
[2012/07/17 17:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lionhead Studios Ltd
[2012/07/17 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2012/07/17 01:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast
[2012/07/17 01:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wxDownload Fast
[2012/07/17 01:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/07/17 01:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SProtector
[2012/07/17 01:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GboxUpdater
[2012/07/17 01:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\GadgetBox
[2012/07/17 01:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GadgetBox
[2012/07/17 01:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\OptimizerPro
[2012/07/17 01:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
[2012/07/17 01:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\wxDfast
[2012/07/17 01:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\WxDFastUpdater
[2012/07/16 16:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lace Mamba Global
[2012/07/16 16:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lace Mamba Global
[2012/07/16 00:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/07/16 00:53:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\appbario2
[2012/07/16 00:50:28 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{41C0685E-0B10-4FA5-B920-51245242B9BC}
[2012/07/16 00:50:21 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\PerformerSoft
[2012/07/16 00:50:11 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/07/16 00:50:09 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{91FD812D-F657-4E80-A2F3-05A40EFF4EA4}
[2012/07/16 00:49:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/07/16 00:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows
[2012/07/14 23:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
[2012/07/14 23:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2012/07/14 22:39:53 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\Imperium Romanum
[2012/07/14 22:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2012/07/14 21:50:33 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\Leadertech
[2012/07/14 21:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic
[2012/07/14 21:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NovaLogic
[2012/07/12 15:34:48 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.36
[2012/07/12 15:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Player Utilities 4.36
[2012/07/10 16:13:21 | 000,000,000 | ---D | C] -- C:\Ramtron
[2012/07/05 15:44:09 | 000,000,000 | ---D | C] -- C:\Users\pidgers\Demoreel
[2012/07/04 13:38:44 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\AVG Secure Search
[2012/07/04 13:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/07/04 13:36:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/07/04 13:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/07/01 18:08:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/07/01 18:07:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/07/01 18:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/06/30 23:45:36 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\vlc
[2012/06/30 23:39:34 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\Graboid_Inc
[2012/06/30 23:39:33 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\Graboid Inc
[2012/06/30 23:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Graboid Inc
[2012/06/30 23:39:30 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\Graboid
[2012/06/30 23:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graboid Video
[2012/06/30 23:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/06/30 23:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012/06/27 16:22:54 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{F18B0DAE-E02F-40BF-B38E-B3707F62E51F}
[2012/06/27 16:22:40 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{7BB54EFF-7BAB-4D93-A564-52248B7C2778}
[2012/06/27 00:52:53 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{D18D9E0F-FBB9-4C70-BA66-6BD2131D68B0}
[2012/06/27 00:52:39 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{1429FE6F-58B0-4010-A7F0-541CF168CB52}
[2012/06/25 13:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games
[2012/06/25 13:17:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firaxis Games
[2012/06/25 02:03:24 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{AA601444-40C7-4DEF-9031-9DFE4525FE53}
[2012/06/25 02:03:12 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{C522A9C0-2C18-4A21-85F7-147F6929BED3}
[2012/06/25 02:02:09 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/25 01:50:52 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{B9CD7CE8-EF34-45B4-8688-779B32B1E68F}
[2012/06/25 01:50:38 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{6AB535F4-3997-4350-9936-DC42CEC0BDB6}
[2012/06/25 01:49:53 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{2AF2564A-03DF-4706-8D2A-64592DC3C807}
[2012/06/25 01:49:42 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{DCBA6E82-227E-4B6C-8E9B-B1D28D6A121F}
[2012/06/24 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\WinRAR
[2012/06/24 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/24 17:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/24 17:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2012/06/22 21:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paradox Interactive
[2012/06/22 21:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
[2012/06/21 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/19 23:27:49 | 000,000,000 | ---D | C] -- C:\Users\pidgers\AppData\Local\{B7AE6C8B-C94B-41F1-A301-DD34BA634AB0}
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/18 13:21:44 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\pidgers\Desktop\aswMBR.exe
[2012/07/18 13:17:39 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\pidgers\Desktop\OTL.exe
[2012/07/18 12:42:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/18 10:49:10 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1489514248-2083962074-1912098728-1002UA.job
[2012/07/18 10:28:04 | 000,000,354 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job
[2012/07/18 10:28:04 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\GboxUpdaterRefreshTask.job
[2012/07/18 10:28:03 | 000,000,362 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterRefreshTask.job
[2012/07/18 10:27:57 | 000,000,382 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterLogonTask.job
[2012/07/18 10:27:57 | 000,000,374 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterLogonTask.job
[2012/07/18 10:27:57 | 000,000,370 | -H-- | M] () -- C:\Windows\tasks\GboxUpdaterLogonTask.job
[2012/07/18 10:27:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/18 01:11:15 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2012/07/18 00:35:40 | 000,007,603 | ---- | M] () -- C:\Users\pidgers\AppData\Local\Resmon.ResmonCfg
[2012/07/17 23:48:51 | 000,027,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/17 23:48:51 | 000,027,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/17 23:39:15 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/07/17 23:38:22 | 2904,772,608 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/17 22:49:12 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1489514248-2083962074-1912098728-1002Core.job
[2012/07/17 22:30:33 | 000,001,077 | ---- | M] () -- C:\Users\pidgers\Desktop\Glary Utilities.lnk
[2012/07/17 19:21:28 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/07/17 19:20:38 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Act of War - Direct Action.lnk
[2012/07/16 16:50:02 | 000,002,346 | ---- | M] () -- C:\Users\pidgers\Desktop\Men of War. Assault Squad.lnk
[2012/07/16 00:55:06 | 000,000,009 | ---- | M] () -- C:\END
[2012/07/15 12:48:14 | 000,667,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/15 12:48:14 | 000,126,792 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/15 12:48:13 | 000,783,336 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/14 23:59:48 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Soldiers - Heroes of World War II.lnk
[2012/07/14 22:34:17 | 000,001,236 | ---- | M] () -- C:\Users\pidgers\Desktop\Imperium Romanum.lnk
[2012/07/14 20:41:39 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/07/12 23:48:44 | 000,727,668 | ---- | M] () -- C:\Users\pidgers\Desktop\Untitled.png
[2012/07/12 16:19:32 | 001,452,646 | ---- | M] () -- C:\Users\pidgers\Desktop\Shes A Pony Remix.mp3
[2012/07/11 21:53:12 | 000,720,215 | ---- | M] () -- C:\Users\pidgers\Desktop\DSC_0013.JPG
[2012/07/10 16:08:27 | 000,928,620 | ---- | M] () -- C:\Ramtron.zip
[2012/07/08 23:45:33 | 005,838,394 | ---- | M] () -- C:\Users\pidgers\Desktop\Saltlakrits - At the Winter Gala (Mashup).mp3
[2012/07/05 15:45:55 | 000,000,999 | ---- | M] () -- C:\Users\pidgers\Desktop\Demoreel - Shortcut.lnk
[2012/07/03 10:31:13 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/30 23:38:00 | 000,001,292 | ---- | M] () -- C:\Users\pidgers\Desktop\Graboid Video.lnk
[2012/06/19 23:36:21 | 000,000,042 | ---- | M] () -- C:\list.m3l
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/18 00:35:40 | 000,007,603 | ---- | C] () -- C:\Users\pidgers\AppData\Local\Resmon.ResmonCfg
[2012/07/17 22:30:33 | 000,001,077 | ---- | C] () -- C:\Users\pidgers\Desktop\Glary Utilities.lnk
[2012/07/17 19:20:38 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Act of War - Direct Action.lnk
[2012/07/17 01:36:08 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\GboxUpdaterRefreshTask.job
[2012/07/17 01:36:06 | 000,000,370 | -H-- | C] () -- C:\Windows\tasks\GboxUpdaterLogonTask.job
[2012/07/17 01:35:36 | 000,000,354 | -H-- | C] () -- C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job
[2012/07/17 01:35:31 | 000,000,374 | -H-- | C] () -- C:\Windows\tasks\OptimizerProUpdaterLogonTask.job
[2012/07/17 01:33:27 | 000,000,362 | -H-- | C] () -- C:\Windows\tasks\WxDFastUpdaterRefreshTask.job
[2012/07/17 01:33:25 | 000,000,382 | -H-- | C] () -- C:\Windows\tasks\WxDFastUpdaterLogonTask.job
[2012/07/16 16:50:01 | 000,002,346 | ---- | C] () -- C:\Users\pidgers\Desktop\Men of War. Assault Squad.lnk
[2012/07/16 00:55:05 | 000,000,009 | ---- | C] () -- C:\END
[2012/07/15 02:48:44 | 077,464,012 | ---- | C] () -- C:\Users\pidgers\Desktop\quicksand.wmv
[2012/07/14 23:59:48 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Soldiers - Heroes of World War II.lnk
[2012/07/14 22:34:17 | 000,001,236 | ---- | C] () -- C:\Users\pidgers\Desktop\Imperium Romanum.lnk
[2012/07/14 20:41:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/14 20:12:35 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/07/12 23:48:43 | 000,727,668 | ---- | C] () -- C:\Users\pidgers\Desktop\Untitled.png
[2012/07/12 16:17:38 | 001,452,646 | ---- | C] () -- C:\Users\pidgers\Desktop\Shes A Pony Remix.mp3
[2012/07/11 21:54:44 | 000,720,215 | ---- | C] () -- C:\Users\pidgers\Desktop\DSC_0013.JPG
[2012/07/10 16:08:20 | 000,928,620 | ---- | C] () -- C:\Ramtron.zip
[2012/07/08 23:45:21 | 005,838,394 | ---- | C] () -- C:\Users\pidgers\Desktop\Saltlakrits - At the Winter Gala (Mashup).mp3
[2012/07/05 15:45:55 | 000,000,999 | ---- | C] () -- C:\Users\pidgers\Desktop\Demoreel - Shortcut.lnk
[2012/06/30 23:38:00 | 000,001,292 | ---- | C] () -- C:\Users\pidgers\Desktop\Graboid Video.lnk
[2012/06/19 23:32:35 | 000,000,042 | ---- | C] () -- C:\list.m3l
[2012/05/24 14:48:13 | 000,002,715 | ---- | C] () -- C:\Users\pidgers\.recently-used.xbel
[2012/05/21 00:21:33 | 000,002,625 | ---- | C] () -- C:\Users\pidgers\AppData\Local\recently-used.xbel
[2012/03/19 00:26:14 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/03/19 00:26:14 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/24 20:34:07 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/02/15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/31 12:22:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/10/31 12:22:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/10/31 12:22:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/10/31 12:22:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/07 10:45:37 | 000,789,182 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/06 15:53:12 | 001,074,688 | ---- | C] () -- C:\Windows\TGConfig_VS08.exe

========== LOP Check ==========

[2012/05/21 13:42:04 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\.minecraft
[2012/05/22 02:25:57 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Avnex
[2012/07/18 00:27:58 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Azureus
[2012/01/26 22:49:36 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Babylon
[2012/01/08 22:09:23 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1
[2012/06/11 14:15:55 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\DAEMON Tools Pro
[2012/07/18 00:54:53 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\DriverCure
[2012/01/27 10:12:19 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\FinalMediaPlayer
[2012/03/22 00:50:50 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Firefly Studios
[2012/01/23 00:34:54 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\fltk.org
[2012/04/11 10:49:34 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Free Sound Recorder
[2012/07/13 15:06:08 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\GetRightToGo
[2012/07/17 22:29:50 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\GlarySoft
[2012/06/16 01:32:05 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Greyfirst
[2012/05/24 14:48:13 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\gtk-2.0
[2012/07/14 22:39:53 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Imperium Romanum
[2011/12/20 19:19:15 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\IMVU
[2011/11/21 21:41:11 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\IMVUClient
[2012/07/14 21:50:33 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Leadertech
[2012/01/27 00:49:46 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Maxotek
[2012/01/24 01:48:57 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/04/04 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Opera
[2012/06/12 12:05:11 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Panda Security
[2012/07/17 01:51:24 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\PerformerSoft
[2012/02/22 09:47:57 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Prism
[2012/02/09 07:32:30 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Raptr
[2011/11/16 19:43:51 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Samsung
[2012/07/14 20:39:22 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\SoftGrid Client
[2012/07/18 00:54:52 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\SpeedyPC Software
[2012/01/26 23:38:56 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\SumatraPDF
[2012/01/17 19:35:54 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\The Creative Assembly
[2011/11/24 11:45:34 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\TP
[2012/04/12 22:14:03 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\TS3Client
[2012/04/12 22:15:22 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\ts3overlay
[2011/12/24 15:12:52 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Unity
[2012/04/24 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\VSO
[2012/02/06 22:20:34 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\wargaming.net
[2012/01/27 00:42:00 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Webshots
[2012/01/26 23:21:03 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2012/06/03 19:35:06 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\YourFileDownloader
[2012/07/17 22:49:12 | 000,000,912 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1489514248-2083962074-1912098728-1002Core.job
[2012/07/18 10:49:10 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1489514248-2083962074-1912098728-1002UA.job
[2012/07/18 01:11:15 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2012/07/18 10:27:57 | 000,000,370 | -H-- | M] () -- C:\Windows\Tasks\GboxUpdaterLogonTask.job
[2012/07/18 10:28:04 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\GboxUpdaterRefreshTask.job
[2012/07/17 23:39:15 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/07/18 10:27:57 | 000,000,374 | -H-- | M] () -- C:\Windows\Tasks\OptimizerProUpdaterLogonTask.job
[2012/07/18 10:28:04 | 000,000,354 | -H-- | M] () -- C:\Windows\Tasks\OptimizerProUpdaterRefreshTask.job
[2012/06/15 19:03:18 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/18 10:27:57 | 000,000,382 | -H-- | M] () -- C:\Windows\Tasks\WxDFastUpdaterLogonTask.job
[2012/07/18 10:28:03 | 000,000,362 | -H-- | M] () -- C:\Windows\Tasks\WxDFastUpdaterRefreshTask.job

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/08/02 12:28:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/02 12:28:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/02 12:28:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/02 12:28:38 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/02 12:28:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/02 12:28:38 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{2F6B0276-B237-4EC3-84C2-DF670F16D565}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{662AAD7E-6B1F-4630-8F11-34682816DBBA}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DD2B364B-F170-4553-A984-CF4902AF9357}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{E5BEB3AA-A3F6-48D9-85DF-93100C2F77C7}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 0A 01 05 01 03 01 00 01 09 01 06 01 02 01 0B 01 08 01 07 01 04 01 01 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 11
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/14 11:30:42 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/14 11:30:42 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/14 11:30:42 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/05/18 00:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ShowIconsCommand [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /HideIconsCommand [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ReInstallBrowser [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files (x86)\Opera\Opera.exe" [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: FIREFOX.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: FIREFOX.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/14 11:30:40 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/14 11:30:40 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/14 11:30:40 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/05/18 00:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: IEXPLORE.EXE
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /SHOWICONSCOMMAND [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /HIDEICONSCOMMAND [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /REINSTALLBROWSER [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" [2012/07/17 22:20:26 | 000,874,384 | ---- | M] (Opera Software)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: PIDGERS-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 E DVD-ROM 0 B No Media
Volume 2 F DVD-ROM 0 B No Media
Volume 3 System NTFS Partition 8089 MB Healthy System
Volume 4 C Windows NTFS Partition 290 GB Healthy Boot

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\SysWOW64\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\SysWOW64\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\SysWOW64\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\SysWOW64\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\SysWOW64\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\SysWOW64\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

< End of report >



OTL Extras logfile created on: 18/07/2012 13:19:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\pidgers\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.61 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 50.77% Memory free
7.21 Gb Paging File | 5.19 Gb Available in Paging File | 71.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290.19 Gb Total Space | 129.69 Gb Free Space | 44.69% Space Free | Partition Type: NTFS

Computer Name: PIDGERS-PC | User Name: pidgers | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1489514248-2083962074-1912098728-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01776855-77F0-4A5D-9109-C34E2AFBF51E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{08DD598D-4C43-40BB-B256-5A09AB3D812B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0F748F63-8203-415B-B8EA-BA7836E262B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{11DF20E6-CF4B-4FA9-AFBD-F39E189DFAE1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16062061-07EB-4254-9E9A-2DAD65517982}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2001A5FB-F2C4-45D8-9BDF-EE0AE550AA08}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20BB7559-CD7E-4BCD-BEC1-98544BD3A203}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{250D422E-6149-4D83-921B-8B2170276B30}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2863B0E6-1B41-4A26-8FE1-9B13BD398350}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2BB620A2-FC91-4C98-AFEE-C7F753935228}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3A21177A-6C60-4258-87F0-561EF2FD670E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C55708F-713A-4BF3-A6A4-9FC632CE840B}" = lport=139 | protocol=6 | dir=in | app=system |
"{3D261353-7BA1-4FDD-B005-84A45C055CCE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E598DD3-377E-4C22-84AD-0CBFD1882EDB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3EC04529-E9AD-417C-BA0B-DC7A7AA98421}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4A5006AE-62AB-4454-9AD2-CF1BC0452F65}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5840E6F4-E445-493C-BE88-9FECD3188737}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8489D998-D0F0-456A-9363-DEACF4B68D6F}" = rport=139 | protocol=6 | dir=out | app=system |
"{8C89005F-E316-40DD-8CEB-3DA0EBE67F08}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8FA58DDB-1DB9-475B-A5EC-DAE024D1239B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{994ED397-B71D-4D62-BF1B-6776BE69102C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9C0794B9-CE97-4A23-B1A6-3FDDE4E0C849}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9F5331DC-D2FA-4043-B005-80E4789F302E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A11F5419-CE40-4BB2-B8E1-A4247B417C77}" = lport=137 | protocol=17 | dir=in | app=system |
"{A6FB6A2E-960E-4B01-AC30-92D3B9E41C79}" = lport=445 | protocol=6 | dir=in | app=system |
"{ACBE5A7E-A3E6-43BA-95C9-4C7784DD9865}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C2EC6D36-46A7-4CCB-BE89-E03A0F4CC96A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C30AE5CC-19C0-47A9-BCF2-2AB68BFFF386}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C38BCF23-596C-4310-82E5-823C7CAD8C34}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D463E476-0418-4635-9A44-BC4B1C4DCB8B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DEE6719D-BA96-4A7D-A5C8-B3668669ED93}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1D35A2D-1D64-4A81-AD09-B06CE6D15245}" = rport=137 | protocol=17 | dir=out | app=system |
"{ED3D82D0-F5CA-4D41-96DA-0AFEB2F4CDDD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F007BA05-0E4D-4FD9-8125-33269E89BE72}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F262EA42-D9A9-4459-8DF9-4A16A9F14BF7}" = rport=445 | protocol=6 | dir=out | app=system |
"{F42C3243-58CC-4931-9194-5CF02DA1161A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F5CFC365-CC91-4AD8-8B0F-B9D4D3960878}" = rport=138 | protocol=17 | dir=out | app=system |
"{FB81CA3A-D0C1-4251-A635-A51BBA0531BD}" = lport=138 | protocol=17 | dir=in | app=system |
"{FCAB55BA-235C-4C8E-8EB3-457CB3207079}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0070E9EA-600C-4FDB-A162-971DC8258209}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic the gathering tactics\launchpad.exe |
"{01AD864E-95D8-4E83-B6D1-3AB62D9D1835}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{0979E8E0-5D3B-4BAC-9C0E-9BC9EC953EE9}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{0D118739-4297-4481-B6E8-6F15C5FC56A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{0FA96C92-9C09-44F0-B39A-6E1375049E4C}" = dir=in | app=c:\program files (x86)\finalmediaplayer\fmpcheckforupdates.exe |
"{10380454-F740-4D01-AC6C-8C0CA3D79238}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{1589EC4A-B97A-4382-9D3F-B17F44202219}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{17D6F996-C41A-4190-9842-633CF241831A}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{17EC40DF-6E6D-44D6-8F7E-4055AD67F970}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{192F1D89-E92E-4193-97E3-CC9632A8BEC0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2020DD04-FAEF-46D1-B0A7-DAB6B4959468}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21C8C016-D30A-4001-A098-AABAFE41C712}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{2232B5B4-BBBB-489D-BFD4-C640FC03C2C3}" = dir=in | app=c:\program files (x86)\finalmediaplayer\fmpcheckforupdates.exe |
"{2434391C-F2AC-4EC5-B331-C39FD1A2B7BC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{253E3698-4150-4B9A-AFC9-8A3C6ED869CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{25AD904D-BE36-42ED-A652-3E19A3A8E1B0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{287C1678-0026-43F1-BFF8-A448D4401BCB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{2998E82C-6AAC-4B40-9147-9B3F7923DB58}" = protocol=17 | dir=in | app=c:\users\pidgers\appdata\local\temp\cf_downloader.exe |
"{2A40A906-7BCA-4DDA-901F-4E3E4DC06D92}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{2AE72DEF-45D6-4716-9980-BA2FDD756559}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DAE78EC-1252-4BE1-A2EC-F2513FC7698A}" = protocol=6 | dir=out | app=system |
"{2E2A0D80-8AE0-4E40-98DA-472A7D606D61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{30794F10-E1D1-4429-B3EE-CD71F112B929}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3AE93CDC-59D7-4F0F-BAEF-F68854A19C41}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3DD718B9-7057-4DAA-AFDC-84DFBFA2D533}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{40ED17EC-BD56-41C7-9047-C0BD2CB6140B}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{45895716-D6D8-4064-85AA-36401ECF77EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\launcher.exe |
"{4602C38B-0589-49A1-BBC4-75F99E946442}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{465DEEFE-79C2-4B28-8CDE-5B2100B0363F}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{472237FD-9C7E-4B43-8BEE-0A6D7D2DBB55}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{47ABD050-DA56-44D7-BB0A-04F3ED3660BD}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{48859BD7-A0A8-4282-8D53-32B95337F587}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4CE669CB-134A-4884-843A-3E6EF6F37603}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4D3851C3-EE81-48B3-8091-972BA3D61215}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{4F95DD51-876E-4B57-AC8D-DB69585E3B3D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{4F97F046-A763-4941-A54D-21763706F913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5131720A-F638-483D-BC3A-82280B1F79CD}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{524F52A6-166C-4BEC-963A-556FF806C21A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{527893E2-364D-4D21-BD0D-B0545A264991}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{54127977-167A-44C7-83D4-A1956F0F8734}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{546E9265-3883-4F34-A609-E593BD8D4892}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{5581973D-F3B1-4B7B-8BE0-6964488C2C1E}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{55B58969-E485-45BD-82BF-7EE6F407852A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{57A97751-B169-4649-B1C0-68E4E97EBD9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58D41FCB-ABB8-4333-B159-0027C8A80E00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{5C0CA6C5-624E-468A-BAE2-6C7EB327CF0B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5CDB2EE9-C960-4DFB-80AD-C54F509A15EB}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{641E7428-228A-4083-BC1C-D47802A5CFA7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6549E3F0-470A-4739-A625-D5763268A1A3}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{6E1650F2-2E99-4D25-B6DF-375B7961ACAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6ECA66E3-4EC1-4A3A-A7AD-3379B0835073}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic the gathering tactics\launchpad.exe |
"{6F82F46A-222C-4C91-8955-813647088C5D}" = dir=in | app=c:\users\pidgers\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{788D3728-BE06-4CE4-9E80-36783C31B0B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{80152633-0CDC-4CF4-A6E1-FA492B86D927}" = protocol=17 | dir=in | app=c:\program files (x86)\kalypso\sins of a solar empire\sins of a solar empire.exe |
"{81C5FBAB-8DD8-4DF0-9889-4538A17AFB50}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{877A801A-3EE3-47B6-8E86-FF9D7186D23E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{8C1169C7-22E6-419D-A020-35C0B363F978}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{8C85DBA0-8BB7-4680-BE42-E228FE5D650F}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{8E2D3AFC-300E-4712-A8E6-E9E365025407}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{9F23EA5C-D75D-4F58-BB59-23A4DE4A79B5}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{A00A04E3-E214-43A9-BAB4-8A65483EE0FB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A7773731-554F-4E4A-A22B-19BE749C416B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABF17E82-A8C6-4DAA-951C-2A01942B16A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of battles\release\launcher.exe |
"{AC412914-9C90-47A0-9957-8BD046E4BDF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\launcher.exe |
"{AF53ABE0-9938-4D2B-A473-AA6FA27B3AEA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0E66A72-C52B-4309-B33A-2C8EAE9EC6A4}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B80EC5F9-E89C-4385-94A0-3AAA4E72E98E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD926C51-A642-466E-A84E-CCA4C7479728}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C0AF6ED0-1048-4D0D-BC94-DD8FB63A3128}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{C372A421-9F34-438E-946F-AC80BDDCB166}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{C84338C6-FC79-4101-888D-C113324A66AD}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{C851A556-AEE6-433C-A8CF-71E0D5E0759F}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{CC9D98ED-6304-473B-841A-643CA3A2B07D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\iron grip marauders\prism.exe |
"{CF58440C-B506-41E1-A51F-8DEBDE7CD4F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{D4C17559-C943-4117-BF23-19885C0C3411}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D62A19C5-6FB2-4383-A8F0-E4F4C15F8AAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D62E853F-0E78-46D3-910B-84E7B8ED2F05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{D8C79C68-40F7-4A0F-9254-E64865BF3692}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DEDECDC5-27D6-483C-B3A4-825F5429F778}" = protocol=6 | dir=in | app=c:\program files (x86)\kalypso\sins of a solar empire\sins of a solar empire.exe |
"{DFE07AFE-FE19-482F-8A08-CC48FF50D1E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of battles\release\launcher.exe |
"{E1317A8F-9A86-45D3-9356-D5DA88BAA980}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E744B4AF-B28E-43C2-AA29-39909209D73D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8EC07FA-0415-4536-99EF-FDCAD3B6C4C2}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{EA761AD8-F832-4D16-A8E3-50C1334AE9A5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EB42598F-92AE-4A32-88D7-10F86E6C8A05}" = protocol=6 | dir=in | app=c:\users\pidgers\appdata\local\temp\cf_downloader.exe |
"{EC78E2AF-EA06-4486-87B1-52FFF89CD80D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{EDFBBCF5-B240-43BA-87A1-10B371597D06}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F0695F6D-1F93-4840-AF26-67537C3E076B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{F2136F3A-EC73-4D71-8A42-B38DAD23EE61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{F293716C-64D7-4AAE-BC4B-72B095134385}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F843B203-22DF-44A1-ADD9-CA1B9C3CD17E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\iron grip marauders\prism.exe |
"{FA5F8E7E-05C4-4D03-A4F7-3D92274ECA46}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FF967064-7F46-4EE6-97EB-765EF74291DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0C8B1B2D-AC93-42D6-86CE-528DC6436BFD}C:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe |
"TCP Query User{0F5EF363-8475-4F1A-A2AE-9B78D104CA02}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{13C7DD3A-9E00-43AB-8E23-CB56D868076B}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{15FBE3AA-1000-4A42-B176-B1929D99C26A}C:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe |
"TCP Query User{21F03DF4-C1A8-4AAC-87AA-34A2643D9A3C}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{248FD476-8860-4903-B0D9-412BB66AD7F9}C:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe |
"TCP Query User{2BA65E02-D3D8-4382-811D-FABDBB4E84BF}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe |
"TCP Query User{2C376DF5-EFA8-4A28-ACB6-9795440E07FC}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war\rometw.exe |
"TCP Query User{3A62E584-B998-4CDF-B043-09F7BB5841E3}C:\program files (x86)\steam\steamapps\godolphinpike\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\godolphinpike\team fortress 2\hl2.exe |
"TCP Query User{4571DC78-CB30-48E1-A9F9-CC58D738A7A4}C:\program files (x86)\3do\army men rts\amrts.exe" = protocol=6 | dir=in | app=c:\program files (x86)\3do\army men rts\amrts.exe |
"TCP Query User{51109B86-436F-4AF8-94C8-C7E7C7F40CA6}C:\users\pidgers\appdata\local\temp\a77a5e1291e84f4e8b1f95ba15751bd9\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\pidgers\appdata\local\temp\a77a5e1291e84f4e8b1f95ba15751bd9\relicdownloader.exe |
"TCP Query User{70BED39C-C325-49E0-9D08-119023D2502E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{80D9345E-09BF-4F1B-93D6-38FEE73DCDAA}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{94E7A8DD-10DE-4C73-973B-34549E6585B5}C:\program files (x86)\lace mamba global\men of war. assault squad\mow_assault_squad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lace mamba global\men of war. assault squad\mow_assault_squad.exe |
"TCP Query User{9A316DF9-D6C7-41E0-8C38-5C038EE99EB5}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{9FB4F0E8-8A2E-4C5A-BC2F-E481D136F312}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{A35AD684-944B-433D-ACF1-100C601F7DDE}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{A5491F7A-728B-4507-9299-D492A16AF6DB}C:\program files (x86)\raptr\raptr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"TCP Query User{B8B574D7-C2D2-4678-AA23-706E6DC902F4}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lionhead studios ltd\black & white\runblack.exe |
"TCP Query User{D3D6F1C0-5872-4BD8-B86C-AA4251A2D547}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |
"TCP Query User{D3DD42B7-7466-4790-8406-79414703A69C}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"TCP Query User{D7A04B0D-FB9C-4961-A4F1-C31C140FEC81}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe |
"UDP Query User{0DFB632F-F7D5-4402-AB4A-ABDE848A6465}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{328D7E15-E04A-4741-8114-9DF6EB2FA740}C:\program files (x86)\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lionhead studios ltd\black & white\runblack.exe |
"UDP Query User{455DFBA8-8119-495D-A157-159BCC229058}C:\program files (x86)\lace mamba global\men of war. assault squad\mow_assault_squad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lace mamba global\men of war. assault squad\mow_assault_squad.exe |
"UDP Query User{4B9A254F-A1F3-4B8C-B06F-635BD8DEBF85}C:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe |
"UDP Query User{6A44C88C-8FF1-4679-916F-870748F8C610}C:\program files (x86)\the creative assembly\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war\rometw.exe |
"UDP Query User{73D6D281-4B3D-412A-A08A-02E7DE63C1DF}C:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\knowhow\knowhowappcentre\bin\ismagent.exe |
"UDP Query User{74F265A1-8E5B-4167-B98E-32D3151D7160}C:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online\live\gameclient.exe |
"UDP Query User{82CD1B4D-B266-4709-882C-7D93360A36D0}C:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\novalogic\delta force black hawk down\dfbhd.exe |
"UDP Query User{85AA314E-221C-422A-BA55-94CD0E8B28A0}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{939953D8-EE14-4BA9-A86E-3A1382CAB4B5}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{957B5021-196A-4745-BBEC-D7E208A8B03A}C:\program files (x86)\3do\army men rts\amrts.exe" = protocol=17 | dir=in | app=c:\program files (x86)\3do\army men rts\amrts.exe |
"UDP Query User{ABC7BE4C-3062-4E42-B8BD-DFCAA55A3AF2}C:\program files (x86)\raptr\raptr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"UDP Query User{B77DCD46-939E-4045-A7B8-C2A7230F6C29}C:\users\pidgers\appdata\local\temp\a77a5e1291e84f4e8b1f95ba15751bd9\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\pidgers\appdata\local\temp\a77a5e1291e84f4e8b1f95ba15751bd9\relicdownloader.exe |
"UDP Query User{BE120AF7-5D1E-4059-B1F9-48BE70376844}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{C3EA4D5D-F81B-487E-A0C0-936D546EBF3E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{CEF9DCF9-CB3F-4883-AAE7-9929ECF76776}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"UDP Query User{D8190FB7-DA22-4811-A3E0-8D4CF0815B6A}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe |
"UDP Query User{E1184A68-6AB0-47DB-BB2A-9C401D59454A}C:\program files (x86)\steam\steamapps\godolphinpike\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\godolphinpike\team fortress 2\hl2.exe |
"UDP Query User{E44F2BAA-F88D-42D6-9DAD-83EFD1F656B0}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{E8ED30CB-D25A-4C4D-8CBE-B577929EE492}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F1CD6677-5D94-4D8B-8D78-7F5F9236108D}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{F7A99DD2-CD36-44F6-B13D-2F0F2149ADA8}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21D0374C-C358-0748-CAF9-7CBE65EB6FFF}" = AMD Fuel
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.439
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{BA56CD60-1D9F-4BE6-AC2F-B7C4A5437C35}" = Driver 1.3
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C7}" = WinZip 16.0
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GIMP-2_is1" = GIMP 2.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = PC Performer Manager
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{22FB113C-A78B-480E-9A59-73BD65A3E3DD}" = Bulkr
"{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 5
"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1" = VSO Image Resizer 3.0.1.55
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4F4C5E11-0612-48D2-8055-987992AAC432}" = wxDfast
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A9C96FE-1376-45E1-8556-C81255F0B5A7}" = DSG OSD 1.02
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77CEF490-8C06-437D-A91A-725765DFE6E0}" = Sengoku
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7afe55e6-a082-4f76-8321-80c0d3e071ac}" = Webshots Grabber
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{867D3E0B-B774-4BB6-B439-675E62C6386A}_is1" = WMV Converter 3.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.36
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97A19679-4C07-4B34-8ACB-D5565C3440FC}" = Stronghold
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF937220-C6A5-438F-AB5C-8C7CD5F6DEA3}" = Star Trek Legacy Patch v1.1
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8B5C1BB-5951-422D-A4D5-451675614956}_is1" = Men of War: Assault Squad (Remove Only)
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F9B915DF-B79C-4747-9BA3-9705A57DC717}" = Act of War - Direct Action
"{FCB29739-3E50-4B12-B459-116ADDC60221}" = Soldiers - Heroes of World War II
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«Total War™: SHOGUN 2»_is1" = «Total War™: SHOGUN 2»
"7-Zip" = 7-Zip 9.20
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"appbario2 Toolbar" = appbario2 Toolbar
"Applian FLV Player2.0.25" = Applian FLV Player
"aTube Catcher" = aTube Catcher
"AVG Secure Search" = AVG Security Toolbar
"Celtx (2.9.7)" = Celtx (2.9.7)
"com.prakaz.project.photogettr.FBAB9E68ED32BC183252F597C39DBF71CF315A79.1" = Bulkr
"Company of Heroes" = Company of Heroes
"DAEMON Tools Pro" = DAEMON Tools Pro
"DarthMod Ultimate Commander Edition" = DarthMod Ultimate Commander Edition
"DivX Setup" = DivX Setup
"FinalMediaPlayer_is1" = Final Media Player 2011
"Free Sound Recorder_is1" = Free Sound Recorder v9.3.1
"FreeSoundRecorder Toolbar" = FreeSoundRecorder Toolbar
"GadgetBox" = GadgetBox
"GBoxUpdater" = Gbox Updater
"GIMPshop_is1" = GIMPshop 2.6.11
"Glary Utilities_is1" = Glary Utilities 2.47.0.1539
"Graboid Video" = Graboid Video 3.11
"Imperium Romanum" = Imperium Romanum 1.03
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"jZip" = jZip
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.0.8
"MyTools" = MyTools
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Opera 12.00.1467" = Opera 12.00
"OptimizerProUpdater" = OptimizerPro Updater
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Picasa 3" = Picasa 3
"Premiumplay Codec-C" = Premiumplay Codec-C
"RealPlayer 15.0" = RealPlayer
"Shockwave" = Shockwave
"SProtector" = SProtector 1.46
"Starship Ranger_is1" = Starship Ranger v1.7
"Steam App 10500" = Empire: Total War
"Steam App 113900" = World of Battles
"Steam App 34330" = Total War: SHOGUN 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WxDFastUpdater" = WxDFast Updater
"wxDownload Fast_is1" = wxDownload Fast 0.6.0
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1489514248-2083962074-1912098728-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16/07/2012 20:56:12 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: RPCRT4.dll, version: 6.1.7601.17514, time
stamp: 0x4ce7ba59 Exception code: 0xc0020043 Fault offset: 0x0005cd99 Faulting process
id: 0xde0 Faulting application start time: 0x01cd63b664590b20 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Windows\syswow64\RPCRT4.dll Report Id: 33d637f4-cfaa-11e1-b3b5-80ee7324fb7e

Error - 17/07/2012 09:38:56 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc000070a Fault offset: 0x0009c76d Faulting process
id: 0x11b0 Faulting application start time: 0x01cd641a07a66505 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Windows\SysWOW64\ntdll.dll Report Id: c1261b60-d014-11e1-b3b5-80ee7324fb7e

Error - 17/07/2012 14:03:06 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec49b8f Exception code: 0xc000070a Fault offset: 0x0009c76d Faulting process
id: 0x11a0 Faulting application start time: 0x01cd64465707f421 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Windows\SysWOW64\ntdll.dll Report Id: a854a017-d039-11e1-b3b5-80ee7324fb7e

Error - 17/07/2012 14:21:47 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ACTOFWAR.EXE, version: 0.0.0.0, time stamp:
0x00000000 Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp:
0x4e211319 Exception code: 0x0eedfade Fault offset: 0x0000b9bc Faulting process id:
0xe94 Faulting application start time: 0x01cd6448eff82648 Faulting application path:
C:\Program Files (x86)\Atari\Act of War - Direct Action\ACTOFWAR.EXE Faulting module
path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 4498dada-d03c-11e1-b3b5-80ee7324fb7e

Error - 17/07/2012 17:07:29 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: chrome.dll, version: 20.0.1132.57, time
stamp: 0x4ffb87b1 Exception code: 0x80000003 Fault offset: 0x005477e0 Faulting process
id: 0x608 Faulting application start time: 0x01cd644671363f57 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\chrome.dll Report
Id: 6a6482c8-d053-11e1-b3b5-80ee7324fb7e

Error - 17/07/2012 18:40:00 | Computer Name = pidgers-PC | Source = WinMgmt | ID = 10
Description =

Error - 17/07/2012 19:23:28 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: chrome.dll, version: 20.0.1132.57, time
stamp: 0x4ffb87b1 Exception code: 0x80000003 Fault offset: 0x005477e0 Faulting process
id: 0xc7c Faulting application start time: 0x01cd647316d0a0ae Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\chrome.dll Report
Id: 69686de9-d066-11e1-a8f0-80ee7324fb7e

Error - 17/07/2012 19:28:51 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 20.0.1132.57, time
stamp: 0x4ffb8830 Faulting module name: chrome.dll, version: 20.0.1132.57, time
stamp: 0x4ffb87b1 Exception code: 0x80000003 Fault offset: 0x005477e0 Faulting process
id: 0x14fc Faulting application start time: 0x01cd6473dc8cba71 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module
path: C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\chrome.dll Report
Id: 2a3dd6f9-d067-11e1-a8f0-80ee7324fb7e

Error - 17/07/2012 19:33:12 | Computer Name = pidgers-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\pidgers\Downloads\SoftonicDownloader_for_msn-messenger.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 18/07/2012 07:26:14 | Computer Name = pidgers-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16446,
time stamp: 0x4fb57c8f Faulting module name: SteadyVideo.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4f39573b Exception code: 0xc0000005 Fault offset: 0x705c1c6c Faulting
process id: 0x2ff0 Faulting application start time: 0x01cd64cf5083f040 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
SteadyVideo.dll Report Id: 619e6eab-d0cb-11e1-a8f0-80ee7324fb7e

[ Media Center Events ]
Error - 23/03/2012 04:49:07 | Computer Name = pidgers-PC | Source = MCUpdate | ID = 0
Description = 08:49:07 - Error connecting to the internet. 08:49:07 - Unable
to contact server..

Error - 23/03/2012 04:51:17 | Computer Name = pidgers-PC | Source = MCUpdate | ID = 0
Description = 08:49:12 - Error connecting to the internet. 08:49:12 - Unable
to contact server..

Error - 12/04/2012 07:30:50 | Computer Name = pidgers-PC | Source = MCUpdate | ID = 0
Description = 12:30:39 - Failed to retrieve Directory (Error: The underlying connection
was closed: An unexpected error occurred on a send.)

Error - 15/04/2012 14:44:30 | Computer Name = pidgers-PC | Source = MCUpdate | ID = 0
Description = 19:44:29 - Error connecting to the internet. 19:44:29 - Unable
to contact server..

Error - 15/04/2012 14:44:50 | Computer Name = pidgers-PC | Source = MCUpdate | ID = 0
Description = 19:44:35 - Error connecting to the internet. 19:44:35 - Unable
to contact server..

[ System Events ]
Error - 02/07/2012 10:37:16 | Computer Name = pidgers-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 19/07/2012 18:04:03 | Computer Name = pidgers-PC | Source = Microsoft-Windows-Time-Service | ID = 34
Description = The time service has detected that the system time needs to be changed
by -1209592 seconds. The time service will not change the system time by more than
54000 seconds. Verify that your time and time zone are correct, and that the time
source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.19:123) is working
properly.

Error - 08/07/2012 17:51:11 | Computer Name = pidgers-PC | Source = DCOM | ID = 10005
Description =

Error - 08/07/2012 17:51:11 | Computer Name = pidgers-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%109

Error - 10/07/2012 06:15:14 | Computer Name = pidgers-PC | Source = DCOM | ID = 10010
Description =

Error - 14/07/2012 19:46:06 | Computer Name = pidgers-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 00:40:18 on ?15/?07/?2012 was unexpected.

Error - 16/07/2012 20:36:37 | Computer Name = pidgers-PC | Source = DCOM | ID = 10010
Description =

Error - 17/07/2012 12:55:23 | Computer Name = pidgers-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 17/07/2012 18:38:37 | Computer Name = pidgers-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 23:36:54 on ?17/?07/?2012 was unexpected.

Error - 18/07/2012 05:28:28 | Computer Name = pidgers-PC | Source = DCOM | ID = 10010
Description =


< End of report >


Mod Edit: Moved from Waiting Room to Malware Removal forum.-ST.
  • 0

Similar Topics: gboxapp how do i remove? [Closed]     x


#2
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 62,611 posts
Hi there let me know on completion of this run of any problems remaining

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    SRV:64bit: - [2012/05/08 15:13:28 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
    SRV - [2012/07/16 00:48:58 | 001,677,856 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe -- (bProtector)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
    IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
    IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
    IE - HKLM\..\SearchScopes,DefaultScope = {AA74FE59-BC4C-4172-9AC4-73315F71CFFE}
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000d0df9aab683a
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8vC88oWD&i=26
    IE - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\SearchScopes\{DD83EE08-6F33-4A9F-A73D-CB342F1C1DBE}: "URL" = http://start.funmood...q={searchTerms}
    [2012/06/03 19:43:13 | 000,002,356 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
    O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
    O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
    O2 - BHO: (wxDfast Class) - {DB8DEABF-52F3-0BAE-1435-CAC9D5D124D7} - C:\ProgramData\wxDfast\bhoclass.dll ()
    O3:64bit: - HKLM\..\Toolbar: (no name) - !{32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - !{32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1489514248-2083962074-1912098728-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22463~1.83\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll ()
    [2012/07/17 01:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload Fast
    [2012/07/17 01:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\wxDownload Fast
    [2012/07/17 01:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
    [2012/07/17 01:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SProtector
    [2012/07/17 01:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GboxUpdater
    [2012/07/17 01:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\GadgetBox
    [2012/07/17 01:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GadgetBox
    [2012/07/17 01:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\OptimizerPro
    [2012/07/17 01:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
    [2012/07/17 01:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\wxDfast
    [2012/07/17 01:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\WxDFastUpdater
    [2012/07/16 00:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows
    [2012/07/18 10:28:04 | 000,000,354 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterRefreshTask.job
    [2012/07/18 10:28:04 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\GboxUpdaterRefreshTask.job
    [2012/07/18 10:28:03 | 000,000,362 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterRefreshTask.job
    [2012/07/18 10:27:57 | 000,000,382 | -H-- | M] () -- C:\Windows\tasks\WxDFastUpdaterLogonTask.job
    [2012/07/18 10:27:57 | 000,000,374 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterLogonTask.job
    [2012/07/18 10:27:57 | 000,000,370 | -H-- | M] () -- C:\Windows\tasks\GboxUpdaterLogonTask.job
    [2012/01/26 22:49:36 | 000,000,000 | ---D | M] -- C:\Users\pidgers\AppData\Roaming\Babylon

    :Files
    ipconfig /flushdns /c
    C:\Program Files\Web Assistant
    C:\ProgramData\bProtectorForWindows
    C:\Program Files (x86)\Incredibar.com
    C:\ProgramData\wxDfast

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 62,611 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured