Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google Chrome - Default Extension 1.0 Redirect

Started by kraby , Jul 21 2012 12:02 PM

  • Please log in to reply

#1
kraby
Posted 21 July 2012 - 12:02 PM

kraby

    New Member

  • Member
  • Pip
  • 2 posts
Hi I am having the following problem I could use some advice on. Any assistance would be greatly appreciated, thank you.

Using Google Chrome I was finding my search results in Google being redirected to other sites when I clicked on them. I found a extension named Default Extension 1.0 in Google Chrome which I disabled and deleted but it keeps coming back whenever I restart Chrome.

I am on Windows 7 Ultimate x64, I use ESET Smart Security 5 as my AntiVirus/Firewall/Antispam protection and I do keep it up-to-date as well as Windows updates.

So far I have done a full system scan with ESET Smart Security, MalwareBytes AntiMalware, TDSSKiller, and msert fixed a couple of minor issues and now they all show up clean, but I am still having the issue.

Here is the OTL.txt:

OTL logfile created on: 7/21/2012 10:38:59 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Kenny\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 4.34 Gb Available Physical Memory | 54.32% Memory free
15.98 Gb Paging File | 12.60 Gb Available in Paging File | 78.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 617.61 Gb Free Space | 66.30% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 35.65 Gb Free Space | 5.10% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 4.91 Gb Free Space | 5.02% Space Free | Partition Type: NTFS
Drive F: | 270.22 Gb Total Space | 135.48 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive H: | 614.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 930.86 Gb Total Space | 744.91 Gb Free Space | 80.02% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: Kenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/21 10:38:09 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kenny\Downloads\OTL.exe
PRC - [2012/07/18 06:50:30 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/06/28 19:58:42 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/06/01 16:17:16 | 013,806,592 | ---- | M] (Google Inc.) -- C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/01/06 10:25:37 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/08 00:15:22 | 000,670,792 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2011/02/10 02:00:16 | 000,012,800 | ---- | M] (Mr. John aka japamd) -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/08/03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2009/03/16 01:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/16 01:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/16 01:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/16 01:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/10/17 16:02:50 | 001,040,384 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\RALINK\Common\RaUI.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/18 06:50:30 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/07/09 21:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012/07/09 21:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/09 21:07:39 | 000,554,520 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/09 21:07:37 | 000,117,784 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/09 21:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/09 21:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/09 21:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/09 19:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/06/28 19:58:38 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/06/28 19:58:26 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/06/28 19:58:25 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/06/28 19:58:25 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/06/28 19:58:25 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/01 16:06:02 | 000,344,064 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2012/06/01 16:05:48 | 000,346,624 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2012/06/01 16:04:48 | 000,198,656 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2012/06/01 16:04:46 | 000,364,032 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2011/11/08 13:46:02 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/04/04 12:33:24 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/04/05 19:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/18 06:50:30 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/28 19:58:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/29 09:16:46 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/08 00:15:22 | 000,670,792 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2011/02/10 02:00:16 | 000,012,800 | ---- | M] (Mr. John aka japamd) [Auto | Running] -- C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe -- (RadeonPro Support Service)
SRV - [2010/06/25 10:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/16 01:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/05/11 11:14:26 | 000,251,528 | ---- | M] (PC Tools) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2012/04/05 22:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/04/05 22:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 18:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/14 08:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2012/03/14 08:40:04 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2012/03/14 08:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2012/03/14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012/03/14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 05:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/24 17:55:33 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011/02/24 17:55:33 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/06/25 10:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/24 13:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliandMP)
DRV:64bit: - [2010/06/24 13:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliand)
DRV:64bit: - [2010/06/07 23:35:32 | 000,032,768 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2010/05/20 15:26:30 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX3000.sys -- (VX3000)
DRV:64bit: - [2010/04/07 13:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/11 03:05:20 | 001,290,752 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/22 03:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/12/22 01:54:00 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
DRV:64bit: - [2009/11/27 00:47:56 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/13 19:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/04 18:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 DF 04 F2 DC 89 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?ilc=8"
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mkg030&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Kenny\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kenny\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kenny\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Kenny\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/06/14 00:50:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/25 11:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/25 11:40:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/18 06:50:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/06/14 00:50:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/18 06:50:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/08/21 09:20:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Extensions
[2012/07/20 20:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions
[2012/07/20 20:39:50 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012/05/21 14:20:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/03/29 15:20:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/21 14:20:24 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/05/03 12:59:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/18 09:01:41 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/18 06:50:30 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/19 07:20:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 07:20:40 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Kenny\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Kenny\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kenny\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Users\Kenny\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Kenny\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - Extension: Angry Birds = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Star Legends = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\chcaflnbhnoegjedbjaamecefhglfamc\1.1.1.2_0\
CHR - Extension: Logitech Device Detection = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\
CHR - Extension: feedly = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\10.2.437_0\
CHR - Extension: Personal Blocklist (by Google) = C:\Users\Kenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef\2.3_0\

O1 HOSTS File: ([2012/07/20 20:43:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Kenny\AppData\Roaming\Mozilla\Firefox\Profiles\0ngeo5o2.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.92.dll File not found
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Kenny\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB01BAC0-BF9E-4A1A-8C50-D46ED07B6C2A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/14 02:49:03 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 14:12:18 | 000,000,088 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/20 23:55:35 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/07/20 23:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/20 23:48:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/20 23:44:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/20 20:58:13 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/07/20 20:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/07/20 20:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/07/20 20:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/07/20 20:54:47 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\TestApp
[2012/07/20 20:29:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/20 20:29:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/20 20:29:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/20 20:29:31 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/07/20 20:28:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/20 20:28:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/19 14:17:23 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\Malwarebytes
[2012/07/19 14:17:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/19 14:17:09 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/19 14:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/19 14:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/14 08:27:47 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\Advanced Combat Tracker
[2012/07/14 08:25:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Combat Tracker
[2012/07/14 08:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Combat Tracker
[2012/07/12 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2012/07/12 23:32:11 | 000,000,000 | ---D | C] -- C:\Users\Kenny\Documents\My Curse
[2012/07/12 11:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\efs
[2012/07/12 11:15:19 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Effective File Search
[2012/07/11 14:54:24 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\Wireshark
[2012/07/07 12:44:17 | 000,000,000 | ---D | C] -- C:\flashdrivebackup
[2012/07/06 00:55:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Essentia Software
[2012/06/29 08:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012/06/29 08:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012/06/28 20:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/06/28 20:07:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/06/28 20:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/06/24 08:04:15 | 000,000,000 | ---D | C] -- C:\Users\Kenny\AppData\Roaming\SystemRequirementsLab
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/21 10:42:55 | 000,001,108 | ---- | M] () -- C:\Users\Kenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/07/21 10:42:52 | 000,000,928 | ---- | M] () -- C:\Users\Kenny\Desktop\NTREGOPT.lnk
[2012/07/21 10:42:52 | 000,000,909 | ---- | M] () -- C:\Users\Kenny\Desktop\ERUNT.lnk
[2012/07/21 10:41:48 | 000,012,736 | ---- | M] () -- C:\Users\Kenny\_viminfo
[2012/07/21 09:59:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3910122349-1506787841-2143514312-1000UA.job
[2012/07/20 23:54:37 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/20 23:54:37 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/20 23:48:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/20 23:44:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/20 23:43:50 | 2141,007,871 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/20 20:58:51 | 001,664,234 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/07/20 20:43:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/20 19:59:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3910122349-1506787841-2143514312-1000Core.job
[2012/07/19 14:17:11 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/19 13:19:14 | 000,233,984 | ---- | M] () -- C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/17 18:53:13 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/07/15 08:30:57 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\NannyPay 2012 Updates.job
[2012/07/14 08:25:58 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Combat Tracker.lnk
[2012/07/12 23:33:10 | 000,000,318 | ---- | M] () -- C:\Users\Kenny\Desktop\Curse Client.appref-ms
[2012/07/12 11:15:22 | 000,000,958 | ---- | M] () -- C:\Users\Kenny\Desktop\Effective File Search.lnk
[2012/07/12 09:55:35 | 000,002,399 | ---- | M] () -- C:\Users\Kenny\Desktop\Google Chrome.lnk
[2012/07/11 09:33:03 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/11 06:50:52 | 000,462,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/09 09:11:35 | 000,001,145 | ---- | M] () -- C:\Users\Kenny\Desktop\Newsbin Pro 64.lnk
[2012/07/07 12:45:42 | 000,740,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/07 12:45:42 | 000,632,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/07 12:45:42 | 000,110,564 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/06 15:31:47 | 000,007,614 | ---- | M] () -- C:\Users\Kenny\AppData\Local\Resmon.ResmonCfg
[2012/07/06 00:55:46 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\NannyPay 2012.lnk
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/03 07:32:27 | 000,001,006 | ---- | M] () -- C:\Users\Kenny\Desktop\ClientPatcher.exe - Shortcut.lnk
[2012/06/29 10:51:12 | 000,015,553 | ---- | M] () -- C:\Users\Kenny\Desktop\Kenny.lgp
[2012/06/29 08:42:45 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/20 23:48:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/20 20:58:16 | 001,664,234 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/07/20 20:29:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/20 20:29:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/20 20:29:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/20 20:29:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/20 20:29:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/19 14:17:11 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/14 08:25:20 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Advanced Combat Tracker.lnk
[2012/07/12 23:33:10 | 000,000,318 | ---- | C] () -- C:\Users\Kenny\Desktop\Curse Client.appref-ms
[2012/07/12 11:15:22 | 000,000,958 | ---- | C] () -- C:\Users\Kenny\Desktop\Effective File Search.lnk
[2012/07/03 07:32:27 | 000,001,006 | ---- | C] () -- C:\Users\Kenny\Desktop\ClientPatcher.exe - Shortcut.lnk
[2012/06/29 10:51:11 | 000,015,553 | ---- | C] () -- C:\Users\Kenny\Desktop\Kenny.lgp
[2012/06/29 08:42:45 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/14 19:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 19:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/23 14:22:15 | 000,012,832 | ---- | C] () -- C:\Users\Kenny\_viminfo
[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/05/24 09:47:11 | 000,000,218 | ---- | C] () -- C:\Users\Kenny\.recently-used.xbel
[2011/05/23 18:33:48 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2011/05/23 18:33:48 | 000,000,169 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2011/05/23 18:33:40 | 000,002,029 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2011/05/23 18:33:40 | 000,001,318 | ---- | C] () -- C:\Windows\cm108.ini
[2011/05/23 18:33:40 | 000,000,126 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2011/05/02 03:18:54 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/02 03:18:54 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/03/22 12:15:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/08 09:17:34 | 000,000,093 | ---- | C] () -- C:\Users\Kenny\AppData\Local\fusioncache.dat
[2011/03/07 18:34:09 | 000,755,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/04 09:16:43 | 000,233,984 | ---- | C] () -- C:\Users\Kenny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/24 17:56:53 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/02/24 16:47:15 | 000,000,798 | ---- | C] () -- C:\Users\Kenny\AppData\Local\RT61_{AB01BAC0-BF9E-4A1A-8C50-D46ED07B6C2A}_sta
[2011/02/24 16:47:03 | 000,000,795 | ---- | C] () -- C:\Users\Kenny\AppData\Local\RT61_{AB01BAC0-BF9E-4A1A-8C50-D46ED07B6C2A}_prof
[2011/02/24 14:41:30 | 000,007,614 | ---- | C] () -- C:\Users\Kenny\AppData\Local\Resmon.ResmonCfg
[2011/02/24 08:06:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== LOP Check ==========

[2012/07/19 11:28:39 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Advanced Combat Tracker
[2011/12/01 11:58:34 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Amazon
[2011/06/18 10:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Barnes & Noble
[2012/04/08 00:51:43 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
[2012/07/20 23:45:15 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Dropbox
[2012/06/08 16:11:56 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\EoN
[2012/01/31 11:59:36 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\ESET
[2011/06/30 07:50:48 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\FireShot
[2011/05/24 09:06:35 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\gtk-2.0
[2011/02/28 23:27:02 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\IrfanView
[2012/06/06 08:56:33 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Juniper Networks
[2011/09/09 20:38:36 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\LolClient
[2011/05/04 11:07:30 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\MMOUI
[2012/07/20 21:05:00 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Mumble
[2012/03/27 12:28:09 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\ooVoo Details
[2011/04/04 12:43:01 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\OpenOffice.org
[2011/05/24 08:42:55 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Participatory Culture Foundation
[2011/06/21 12:25:19 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\PCF-VLC
[2012/03/06 16:39:01 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\RadeonPro
[2011/03/19 01:41:04 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Replay Media Catcher 4
[2011/12/01 19:39:12 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\RIFT
[2012/06/24 08:04:15 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\SystemRequirementsLab
[2012/07/20 20:54:47 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\TestApp
[2012/07/20 23:54:37 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\TS3Client
[2012/07/20 23:54:37 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\uTorrent
[2011/11/09 23:40:20 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Voxatron
[2011/06/21 16:18:12 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\wargaming.net
[2012/04/03 11:14:16 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\WeatherBug
[2012/03/15 20:32:05 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\webex
[2012/04/03 11:15:04 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Winff
[2012/07/11 14:54:24 | 000,000,000 | ---D | M] -- C:\Users\Kenny\AppData\Roaming\Wireshark
[2012/07/15 08:30:57 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\NannyPay 2012 Updates.job
[2009/07/13 22:08:49 | 000,029,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:A149E8AD
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

And Extras.txt

OTL Extras logfile created on: 7/21/2012 10:38:59 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Kenny\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 4.34 Gb Available Physical Memory | 54.32% Memory free
15.98 Gb Paging File | 12.60 Gb Available in Paging File | 78.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 617.61 Gb Free Space | 66.30% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 35.65 Gb Free Space | 5.10% Space Free | Partition Type: NTFS
Drive E: | 97.65 Gb Total Space | 4.91 Gb Free Space | 5.02% Space Free | Partition Type: NTFS
Drive F: | 270.22 Gb Total Space | 135.48 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive H: | 614.91 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 930.86 Gb Total Space | 744.91 Gb Free Space | 80.02% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: Kenny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1840BB83-2EB0-404E-A96F-9BDC17CC784A}" = lport=57411 | protocol=6 | dir=in | name=pando media booster |
"{1A7B5BD4-EFC7-4C4F-99D9-A65AE66A9B80}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{34E66025-AB17-4C7C-8067-3BE8E3AA6DC5}" = lport=57411 | protocol=6 | dir=in | name=pando media booster |
"{35BBA779-B70D-42A9-8796-9CCB14FF0BA1}" = lport=137 | protocol=17 | dir=in | app=system |
"{375C3857-20C9-4594-B1F3-CE713A7AFDF6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3AE97CF4-1C1C-4B68-8339-11FE15154642}" = lport=57411 | protocol=17 | dir=in | name=pando media booster |
"{3F595A33-1DC7-40B8-B566-F99FFC5C70EE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4108F6E6-FCCD-4FD5-8800-EE4826F82193}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41719CFA-584F-434E-8D29-F814E03D589F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{477D9B48-0092-4B69-AA59-4644F250DB8C}" = lport=57320 | protocol=6 | dir=in | name=pando media booster |
"{4FE9C742-CE4C-4AFC-9DCF-18159F5FE60F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{592833FE-0F88-47C4-A712-DF35FF5AB35C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5961BFE1-F35B-40F5-BB74-FDAB352E1B86}" = lport=57411 | protocol=17 | dir=in | name=pando media booster |
"{5BF08695-EF3D-457C-AA50-1E80C533117E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{60504659-1046-4FA0-BC86-B25B4050F76C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72AE0194-B3B2-4363-BF3A-1E1B0508B65F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{756598A2-D511-4BF0-BD27-55214BD46F19}" = lport=445 | protocol=6 | dir=in | app=system |
"{7C7EB19B-C117-4EB5-91DF-650D83B75E44}" = rport=139 | protocol=6 | dir=out | app=system |
"{814920F3-7D63-4004-8A3F-733E5E8A18C7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{833BD6E7-4C84-42EC-B544-FBFE70149449}" = rport=137 | protocol=17 | dir=out | app=system |
"{84F53399-64C2-46F6-AFF7-81C4EA87AA21}" = lport=138 | protocol=17 | dir=in | app=system |
"{91F2D5B1-87CF-4A60-BC5E-F5495C826C77}" = rport=138 | protocol=17 | dir=out | app=system |
"{933DADBB-DD7B-45FC-A084-0F741D57C221}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94A52770-7164-4DAD-B7CE-59CB40AB4BA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A817416C-695F-4592-8166-0DCE72F4FBF7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{AAD48843-6849-4365-ACB2-1BB7E289AAEE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF95B84F-15B3-4604-B591-FC0E3D85BF9F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BD21BF13-E503-4905-9E11-0283334668FD}" = rport=445 | protocol=6 | dir=out | app=system |
"{D60947B3-E7A8-40DB-826A-DA5C0973515B}" = lport=139 | protocol=6 | dir=in | app=system |
"{DA239396-4C81-4864-B434-A41A397C51F0}" = lport=57320 | protocol=17 | dir=in | name=pando media booster |
"{DF6F3E3D-C0DA-455A-8882-FC30F3C8E9FA}" = lport=57320 | protocol=17 | dir=in | name=pando media booster |
"{EA9493C4-E565-4962-8BEB-F43EBD3F517B}" = lport=57320 | protocol=6 | dir=in | name=pando media booster |
"{ED264238-747F-4FFA-A3F8-D7BA9CF387BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F9D2A150-2EF5-447B-A324-87D120A01ACD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0201DB8B-796E-41A7-B2FC-313E264A82DE}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{030915A3-493A-4A42-B529-8E1526217632}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{05C24E57-46D4-4485-96D4-BCED47455262}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{06F224B5-2A92-4607-AE72-86B2741E8866}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{0D79E089-8CA5-4636-BBB3-506BE151D74B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0E36873D-149F-45FC-B703-7F79D2B2EA7C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12A0AC91-163E-4AAC-AD14-2EADED025FE2}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{13A51EBD-D3F8-4C48-BEA2-25349DA109AB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{158909F0-0106-4FEE-B860-47A9BBD68774}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1665F20D-E081-43A1-A145-BFF1A2AB1B3C}" = protocol=17 | dir=in | app=c:\the secret world\clientpatcher.exe |
"{18486427-7BE3-40A0-9B01-7877345669EA}" = protocol=6 | dir=in | app=c:\users\kenny\appdata\local\apps\2.0\739p9wkd.a7x\6w47mzb4.oow\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{19D82828-A31E-4110-A188-1CE595628283}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{217B9C1F-EACF-4419-8ACE-2151E0C6E7AC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28F11153-AC68-4657-A320-0E9BD32ADDFF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2BE2C49A-B54A-4AD2-9F50-765BDF5AF6F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C484AEC-1151-40F8-B0E2-2402C18B11BD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36CA63F1-6B1E-46C1-AF16-9BCC1C0B8B43}" = protocol=6 | dir=in | app=c:\program files\newsbin\newsbinpro64.exe |
"{43224758-8C6D-4E9E-9116-A778436DDAAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{446F98A0-2F1A-4684-BB8D-FBAE91328269}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{44DF1079-55B1-490A-BE05-67B96E5FB3F5}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{4665098E-6D69-4917-8DBC-F29091515ACB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{4B059459-AD58-4EC0-8774-219F187EE3DF}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{4BA4C0A2-CE36-43A0-95F7-9192DBB095EC}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4DB3F459-2BBF-4BE7-91E4-396D2A718763}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{50842B7C-0091-4481-A58F-F912CED6782F}" = protocol=17 | dir=in | app=c:\endofnations\rtsclientg.exe |
"{539BD163-E637-4413-A17F-CE9C20783A8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54B4EE05-6741-45C2-9A64-2221C00083DE}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5C0373A9-605C-4BD0-BED0-83454C369315}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{5D8A6C80-45B5-4C95-AABC-E2E78AA0909D}" = protocol=6 | dir=in | app=c:\the secret world\clientpatcher.exe |
"{61553072-E399-47B3-930F-312B84C40150}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{61D636D1-5944-40DF-A156-4B2774218863}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{639C08DC-E920-4467-9C28-E01B5DEBCE8D}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{6A1FE693-3C62-4B5C-86B2-4A75906C85AB}" = protocol=17 | dir=in | app=c:\program files\newsbin\newsbinpro64.exe |
"{6C9F5944-D6E3-467B-AD36-2093FCF662B5}" = protocol=17 | dir=in | app=c:\users\kenny\appdata\local\apps\2.0\739p9wkd.a7x\6w47mzb4.oow\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{74631567-15A0-4CAC-A883-A61C62B153B7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7BED3200-C253-4B51-8E03-325FDFB48133}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F5F4F34-5C4D-4E02-AA37-295FB25614A3}" = protocol=6 | dir=in | app=c:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{82357DA9-7B6E-4658-96C2-88ED62426469}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{82BC96FE-911E-4C6B-95DD-896602F015BC}" = protocol=1 | dir=in | [email protected],-28543 |
"{832CC5AE-2ECF-4E35-B86E-0B1CDB688685}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{842DDBE2-272F-4EC1-8919-1DBBA3526807}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{85093659-7F3C-4EC2-8FC2-00C6BE93F0F3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8605A856-5BCA-462F-BD5D-6004A6807DEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{92DDCB93-7B7E-4CC7-85C1-69F8ADE3BCE4}" = protocol=6 | dir=out | app=system |
"{9763D631-EF97-42EA-B157-C6879B612ABA}" = protocol=58 | dir=out | [email protected],-28546 |
"{97AEF636-DD2F-4389-BDD9-D176FD611029}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{983EEEA7-E31D-4F42-B304-A0A95B278BEB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{9CBF59F6-5CF0-4AC2-B288-696E6E5C1CEA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A018345A-AA57-4C88-9792-F5800A9FDD8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A0DADDC0-8F17-4EF2-ABAC-5B79D1608E1D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A12DCBA2-40BC-4C9A-B257-289B1E4F8C44}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A27A3C2D-9ED4-45B1-A815-CC46698DCA90}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{A9E7784F-A76E-4879-B53C-5DB8405103B5}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{AA469A04-24D3-47FB-A2AB-CFFFA9916F59}" = protocol=58 | dir=in | [email protected],-28545 |
"{ABBBCB70-6ECD-4B54-A981-DCAC7EDD6E2F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AE8F6158-74C5-4E06-BF66-B42AF5C0581D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{B02686B8-493A-4499-ACBC-8E9BA22ED68D}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{B25B358A-BAAB-4C1D-BFE6-1FA06F289D13}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{BA874EDB-BA3B-4348-A5AA-7CBC089C549E}" = protocol=17 | dir=in | app=c:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe |
"{BE1CCE76-3BBC-42B2-A5E7-1E337A625EDF}" = protocol=6 | dir=in | app=c:\endofnations\rtsclientg.exe |
"{BF214D5D-0488-44BF-830D-857CDC9149E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C316001F-0EAB-46C6-934E-5B5F82BDFC31}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C71F8B89-BA6D-4B13-B31F-382E12EFD94D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CC14F5B9-4391-4008-9617-73759F0252E6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CEA6B8F1-2CC0-4EC1-AA4F-555666A9257E}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{D1DB6258-C895-4AAF-ABCB-7155F32B9E77}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAAAF4CC-27DA-4AEB-95F3-BE0C71638C76}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DB5436CC-0B01-4938-8DDA-223C43542EDE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{DC205E21-2DEF-46D9-B89B-DF3492F07041}" = protocol=1 | dir=out | [email protected],-28544 |
"{DD82094E-5560-4773-8756-F107BCC0E09B}" = protocol=6 | dir=out | app=c:\program files\newsbin\newsbinpro64.exe |
"{EA26DABB-A502-4A89-A943-9D5B4B6061F5}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{F5A0FF39-78CF-46AB-B29B-C26A09A6584A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{17F555E7-23FA-4D6C-A5F1-7F26DC4CFFF5}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"TCP Query User{1839BBAA-4A45-4A0A-8657-6180723D5A05}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{1ABA5C93-9836-4499-896F-1BCF67C43F7B}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{24E8CDCF-CAA0-47C6-B3CC-6E4B549F17D1}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{276DD43D-48DD-459A-AB64-6F76BE20D814}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"TCP Query User{29636C15-ED80-4153-AA4B-028FA5A40108}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"TCP Query User{31ECB98E-67BB-4BE6-8402-CA87D0B9C7A7}C:\program files (x86)\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"TCP Query User{3831B5B6-A911-42C8-8386-A83A08B5EFE6}C:\program files (x86)\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"TCP Query User{41E762DE-83E5-4B52-94DD-A293FA5A3E7D}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{56D4EE09-5334-4450-ADE4-151E644DF509}C:\program files (x86)\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"TCP Query User{5E4F0F15-2B8A-4C25-8A58-4FF77ED0A53E}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{87CD4448-FB13-4030-9F1E-C39E99D5E455}C:\program files (x86)\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"TCP Query User{9079463A-C27D-4FBB-A9D7-9C0A7C12209D}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"TCP Query User{90AC1C05-6AD0-4677-A066-D62771DB523E}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{959BCA5B-CDF0-4602-BE2F-3F70CC44A048}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{C9CA20F4-2B49-49C3-B1BF-D4FF0D190DFB}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{F0A8ADA1-F056-4DD8-B5B7-FD79C2847D8E}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{03E54323-DF74-48F6-AD1F-AD5EF9C6658C}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2552-enus-tools-downloader.exe |
"UDP Query User{0C683C11-369A-41BF-935D-4045F7FB3FCE}C:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kenny\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{2065695E-0EFA-4B3A-B468-C208ACD3D00E}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{25E5F82F-24C7-4254-89D8-CF0ADCCA22ED}C:\program files (x86)\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.1.0.2317-enus-tools-downloader.exe |
"UDP Query User{3916D017-81C1-45B2-AD14-9C6F56E9E156}C:\program files (x86)\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.0.1.2210-enus-tools-downloader.exe |
"UDP Query User{3F09436D-49AF-472D-8AB0-62D0691F852B}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2492-enus-tools-downloader.exe |
"UDP Query User{6500C197-82D3-4C7D-99C2-E334497E69A2}C:\program files (x86)\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.1.0.2346-enus-tools-downloader.exe |
"UDP Query User{656E7724-691A-48DF-81A1-138CB9877D92}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{6A777CE8-8863-4D3F-B54F-69D5F25F24A5}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"UDP Query User{846A4AC9-E7F3-4B03-A617-BA25C30381FD}C:\program files (x86)\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"UDP Query User{8F5B7A54-1907-45CE-8F1A-351462E03AF2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{9A572543-EC7C-4182-8E39-2305407F4053}C:\programdata\battle.net\agent\agent.749\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.749\agent.exe |
"UDP Query User{9D0BB40C-C2DA-422E-A567-3FCEC84B0492}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{C466779B-5008-4814-8010-E7E057443E67}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{EB935790-4C13-4731-8013-1C113D8CBDE6}C:\program files (x86)\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{F186210A-5068-4EA4-BA56-EEDB511B056E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F7B9294E-635F-407C-8111-3DB3122BB308}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21D0374C-C358-0748-CAF9-7CBE65EB6FFF}" = AMD Fuel
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUSR_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-bit
"{95140000-007D-0409-1000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{B58BCCB9-03C9-475A-93F5-CB00AB789EC5}" = Replay Media Catcher 4
"{BABA4667-CF82-B330-A8E5-6E8A09B2D911}" = AMD Accelerated Video Transcoding
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7274D82-C857-4C20-AB1A-D701D64BFD90}" = ESET Smart Security
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = USB PnP Sound Device
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Newsbin6" = Newsbin Pro
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Secret World_is1" = The Secret World
"Vim 7.3" = Vim 7.3 (self-installing)
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C982AF3-D4E9-47A6-8D56-E77B9E585535}" = NannyPay 2012
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F15E203-BC3E-3597-84CD-EDF99546C917}" = Google Talk Plugin
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{71F3A3A2-29B6-4FC4-ACB3-DA8AF3C01E5D}" = Cisco CCNA 640-802
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese
"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81F1814D-8658-72CC-D370-A08E1014EF03}" = Pandora
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97AE00A8-1336-410F-B467-1C6623127BD6}" = DesignPro 5.0 Limited Edition
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D2750AC7-0045-40BE-B7EA-B26DDF6D5618}" = CramMaster
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.02.05.8032
"3GP Player_is1" = 3GP Player 1.1.7
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Combat Tracker" = Advanced Combat Tracker (remove only)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"BN_DesktopReader" = NOOK for PC
"Cisco CCNA 640-802" = Cisco CCNA 640-802
"com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1" = Pandora
"CramMaster" = CramMaster
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX Setup
"Effective File Search" = Effective File Search 6.8
"ERUNT_is1" = ERUNT 1.1j
"FileZilla Client" = FileZilla Client 3.5.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{97AE00A8-1336-410F-B467-1C6623127BD6}" = DesignPro 5.0 Limited Edition
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.1.0" = Juniper Networks Network Connect 7.1.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NannyPay 2012" = NannyPay 2012
"Picasa 3" = Picasa 3
"QuickPar" = QuickPar 0.9
"RadeonPro_is1" = RadeonPro 1.0 (Build 1.1.0.6)
"RaidCall" = RaidCall
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"The Secret World_is1" = The Secret World
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"Voxatron" = Voxatron 0.1.5
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.6.8 (64-bit)
"World of Warcraft" = World of Warcraft
"World of Warcraft Beta" = World of Warcraft Beta
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"ActiveTouchMeetingClient" = WebEx
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"HuluDesktop" = Hulu Desktop
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"MusicManager" = Music Manager
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"SOE-EverQuest" = EverQuest
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/14/2012 7:25:05 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 12.0.0.4493,
time stamp: 0x4f920759 Faulting module name: NPSWF32_11_3_300_257.dll_unloaded,
version: 0.0.0.0, time stamp: 0x4fc821fc Exception code: 0xc0000005 Fault offset:
0x5a299903 Faulting process id: 0xc20 Faulting application start time: 0x01cd4a7f12abfed2
Faulting
application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting
module path: NPSWF32_11_3_300_257.dll Report Id: 2ba3de93-b678-11e1-9cb5-406186c9077d

Error - 6/15/2012 6:39:41 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 12.0.0.4493,
time stamp: 0x4f920759 Faulting module name: NPSWF32_11_3_300_257.dll_unloaded,
version: 0.0.0.0, time stamp: 0x4fc821fc Exception code: 0xc0000005 Fault offset:
0x55c79903 Faulting process id: 0xaa8 Faulting application start time: 0x01cd4b3fbeb50d30
Faulting
application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting
module path: NPSWF32_11_3_300_257.dll Report Id: fe7c074a-b73a-11e1-9cb5-406186c9077d

Error - 6/18/2012 2:13:58 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_3_300_257.exe, version:
11.3.300.257, time stamp: 0x4fc82063 Faulting module name: NPSWF32_11_3_300_257.dll,
version: 11.3.300.257, time stamp: 0x4fc821fc Exception code: 0xc0000005 Fault offset:
0x000ccb60 Faulting process id: 0x1a88 Faulting application start time: 0x01cd4d116ff41201
Faulting
application path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Faulting
module path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Report
Id: 5edb5bc1-b971-11e1-88fe-406186c9077d

Error - 6/19/2012 10:20:19 AM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 12.0.0.4493,
time stamp: 0x4f920759 Faulting module name: NPSWF32_11_3_300_257.dll_unloaded,
version: 0.0.0.0, time stamp: 0x4fc821fc Exception code: 0xc0000005 Fault offset:
0x5a409903 Faulting process id: 0x5dbc Faulting application start time: 0x01cd4dd7264f8987
Faulting
application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting
module path: NPSWF32_11_3_300_257.dll Report Id: e550b719-ba19-11e1-88fe-406186c9077d

Error - 6/23/2012 2:50:11 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: TheSecretWorldDX11.exe, version: 1.0.0.0,
time stamp: 0x4fe489d5 Faulting module name: PhysX3_x86.dll, version: 3.2.0.1, time
stamp: 0x4fa18191 Exception code: 0xc0000005 Fault offset: 0x0021da5c Faulting process
id: 0x69c4 Faulting application start time: 0x01cd515d7918949f Faulting application
path: C:\The Secret World-Closed\TheSecretWorldDX11.exe Faulting module path: C:\The
Secret World-Closed\PhysX3_x86.dll Report Id: 424cc0ff-bd64-11e1-88fe-406186c9077d

Error - 6/23/2012 2:52:45 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: TheSecretWorldDX11.exe, version: 1.0.0.0,
time stamp: 0x4fe489d5 Faulting module name: PhysX3_x86.dll, version: 3.2.0.1, time
stamp: 0x4fa18191 Exception code: 0xc0000005 Fault offset: 0x0021da5c Faulting process
id: 0xab08 Faulting application start time: 0x01cd51711cb0a0da Faulting application
path: C:\The Secret World-Closed\TheSecretWorldDX11.exe Faulting module path: C:\The
Secret World-Closed\PhysX3_x86.dll Report Id: 9e37ea5c-bd64-11e1-88fe-406186c9077d

Error - 6/23/2012 2:54:29 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: TheSecretWorldDX11.exe, version: 1.0.0.0,
time stamp: 0x4fe489d5 Faulting module name: PhysX3_x86.dll, version: 3.2.0.1, time
stamp: 0x4fa18191 Exception code: 0xc0000005 Fault offset: 0x0021da5c Faulting process
id: 0xd5d8 Faulting application start time: 0x01cd51717d1f8e84 Faulting application
path: C:\The Secret World-Closed\TheSecretWorldDX11.exe Faulting module path: C:\The
Secret World-Closed\PhysX3_x86.dll Report Id: dc542d8d-bd64-11e1-88fe-406186c9077d

Error - 6/23/2012 6:21:41 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: TheSecretWorldDX11.exe, version: 1.0.0.0,
time stamp: 0x4fe489d5 Faulting module name: PhysX3_x86.dll, version: 3.2.0.1, time
stamp: 0x4fa18191 Exception code: 0xc0000005 Fault offset: 0x0021db52 Faulting process
id: 0x86c4 Faulting application start time: 0x01cd518e51aacfbc Faulting application
path: C:\The Secret World-Closed\TheSecretWorldDX11.exe Faulting module path: C:\The
Secret World-Closed\PhysX3_x86.dll Report Id: ce56a8bb-bd81-11e1-88fe-406186c9077d

Error - 7/7/2012 7:50:01 PM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4fd626ed Faulting module name: Device.dll, version: 4.1.0.0, time stamp:
0x4f55e10b Exception code: 0xc0000005 Fault offset: 0x00000000000033c1 Faulting process
id: 0x18ec Faulting application start time: 0x01cd55a449204fbf Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll Report Id: 77219dc3-c88e-11e1-911a-406186c9077d

Error - 7/11/2012 11:02:43 AM | Computer Name = Office | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4fd626ed Faulting module name: Device.dll, version: 4.1.0.0, time stamp:
0x4f55e10b Exception code: 0xc0000005 Fault offset: 0x00000000000033c1 Faulting process
id: 0x620 Faulting application start time: 0x01cd5f6c23914a13 Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll Report Id: 76fed483-cb69-11e1-b6ab-406186c9077d

[ System Events ]
Error - 7/20/2012 11:43:41 PM | Computer Name = Office | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126

Error - 7/20/2012 11:43:46 PM | Computer Name = Office | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2

Error - 7/21/2012 12:04:15 AM | Computer Name = Office | Source = PCTCore | ID = 327960
Description =

Error - 7/21/2012 12:04:17 AM | Computer Name = Office | Source = PCTCore | ID = 327960
Description =

Error - 7/21/2012 12:04:19 AM | Computer Name = Office | Source = PCTCore | ID = 327960
Description =

Error - 7/21/2012 12:04:20 AM | Computer Name = Office | Source = PCTCore | ID = 327960
Description =

Error - 7/21/2012 12:04:20 AM | Computer Name = Office | Source = PCTCore | ID = 327960
Description =

Error - 7/21/2012 2:44:04 AM | Computer Name = Office | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:00:11 PM on ?7/?20/?2012 was unexpected.

Error - 7/21/2012 2:44:05 AM | Computer Name = Office | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2

Error - 7/21/2012 2:44:10 AM | Computer Name = Office | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2


< End of report >
  • 0

Advertisements

#2
kraby
Posted 22 July 2012 - 11:50 PM

kraby

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
The solution at

http://productforums.google.com/forum/#!category-topic/chrome/report-a-problem-and-get-troubleshooting-help/eAMUtQjr3t8

Seems to have cleared it up for me.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP