Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Multiple severe trojan infections. [Solved]

Started by Ren12 , Jul 30 2012 09:32 PM

Page 5 of 7
3
4
5
6
7

This topic is locked

#61
Essexboy

Posted 16 August 2012 - 07:09 AM

GeekU Moderator

Retired Staff
69,964 posts

We will check that next but first we need to be sure the redirects are no longer prresent.. Could you check for that please

#62
Ren12

Posted 17 August 2012 - 02:16 PM

Member

Topic Starter
Member
180 posts

Unforutanately the redirects are still happening.

However, they seem pretty harmless.

#63
Essexboy

Posted 17 August 2012 - 03:12 PM

GeekU Moderator

Retired Staff
69,964 posts

Could you give some examples of where you are redirected to please... Also is it all sites or some specific sites

#64
Ren12

Posted 18 August 2012 - 12:07 AM

Member

Topic Starter
Member
180 posts

http://63.209.69.107...n/46251-3482/v5

One example what happens when I google something.

#65
Essexboy

Posted 18 August 2012 - 06:39 AM

GeekU Moderator

Retired Staff
69,964 posts

excellent that now tell me what I am looking for, could you confirm that this is in Firefox only

Restart Firefox in safe mode

Re-enable the addons one at a time checking between each for redirects...
Continue with this untill they return and then disable the last addon that you selected...Let me know which one it was
Do you have one called translate this or something similar ?

#66
Ren12

Posted 18 August 2012 - 12:08 PM

Member

Topic Starter
Member
180 posts

It's not just firefox.

I have switched browser and atm I'm using google chrome because google chrome has a script build in for viruses.

EDIT: My chrome has the translate this thing.

Edited by Ren12, 18 August 2012 - 12:46 PM.

#67
Essexboy

Posted 18 August 2012 - 12:12 PM

GeekU Moderator

Retired Staff
69,964 posts

OK could you run a fresh OTL scan for me please and ensure that all users is selected

#68
Ren12

Posted 20 August 2012 - 07:48 PM

Member

Topic Starter
Member
180 posts

OTL logfile created on: 8/20/2012 9:27:57 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Renato\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.01 Gb Available Physical Memory | 62.70% Memory free
15.98 Gb Paging File | 10.79 Gb Available in Paging File | 67.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.67 Gb Total Space | 734.73 Gb Free Space | 79.89% Space Free | Partition Type: NTFS
Drive D: | 11.56 Gb Total Space | 1.58 Gb Free Space | 13.66% Space Free | Partition Type: NTFS

Computer Name: RENATO-PC | User Name: Renato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/20 21:27:38 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Renato\Downloads\OTL.exe
PRC - [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/08/08 20:52:26 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012/08/05 20:12:13 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/08/01 14:19:01 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/07/12 22:31:52 | 000,038,744 | ---- | M] (NCSoft) -- C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
PRC - [2012/06/14 16:21:06 | 003,089,488 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012/05/29 11:44:58 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.91\deploy\LoLLauncher.exe
PRC - [2011/08/30 12:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/06/06 15:06:12 | 000,251,744 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/06/06 14:26:54 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
PRC - [2011/01/10 12:56:32 | 004,318,520 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
PRC - [2011/01/10 12:56:32 | 000,488,760 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2010/11/20 08:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/10/29 16:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
PRC - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/09/02 05:46:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2010/03/17 16:53:24 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 04:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2009/09/19 18:40:54 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/09/19 18:40:48 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/08/24 22:11:15 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/06/03 16:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2009/04/23 07:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 07:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/01/08 09:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/14 00:30:59 | 000,442,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012/08/14 00:30:58 | 012,235,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012/08/14 00:30:57 | 003,997,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012/08/14 00:29:41 | 000,526,872 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\libglesv2.dll
MOD - [2012/08/14 00:29:39 | 000,104,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\libegl.dll
MOD - [2012/08/14 00:29:28 | 000,144,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012/08/14 00:29:27 | 000,266,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012/08/14 00:29:26 | 002,480,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012/08/08 20:52:26 | 001,294,336 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012/08/01 14:18:58 | 020,316,496 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/08/01 14:18:49 | 000,900,944 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/08/01 14:18:48 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/08/01 14:18:48 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/08/01 14:18:48 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/07/12 22:31:55 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\UnRar.Net.dll
MOD - [2012/07/12 22:31:53 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\NCSoft\Launcher\NC.Logging.dll
MOD - [2012/06/14 16:21:06 | 003,089,488 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012/06/14 03:31:55 | 010,580,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
MOD - [2012/06/14 03:31:40 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:31:28 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:31:23 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:31:20 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/29 11:44:58 | 002,693,008 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.91\deploy\LoLLauncher.exe
MOD - [2012/05/11 03:38:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/11 03:35:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 03:35:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:35:42 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/11 03:35:18 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
MOD - [2012/05/11 03:35:06 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 03:35:04 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012/05/11 03:35:02 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 03:34:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 03:34:58 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 03:34:48 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/03/08 16:36:24 | 012,290,432 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2012/03/08 16:36:20 | 001,699,200 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2012/02/03 10:02:10 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/10/23 20:18:06 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/04/01 15:48:48 | 008,217,088 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/04/01 15:41:58 | 002,267,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2011/01/10 12:47:40 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Verizon\VSP\Windows7Features.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/10/29 16:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll
MOD - [2010/10/29 16:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\SDL.dll
MOD - [2009/10/14 16:39:58 | 001,421,656 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\videoc.dll
MOD - [2009/10/14 16:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 16:36:34 | 000,181,592 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll
MOD - [2009/10/14 16:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009/09/29 19:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/09/29 19:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/09/29 19:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/09/29 19:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/09/29 19:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/09/29 19:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/09/29 19:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/09/29 19:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/04/22 17:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/16 14:02:16 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/04/09 19:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 18:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 18:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 18:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 18:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 18:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 18:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 18:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 18:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 18:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/01 02:58:10 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/24 13:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 13:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 13:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/10/07 04:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/14 22:40:58 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/01 14:19:01 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/20 17:29:44 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/05 15:50:06 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/02/16 15:31:12 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/30 12:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/06/06 14:26:54 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/01/10 12:56:36 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe -- (ServicepointService)
SRV - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm)
SRV - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/19 18:39:06 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/01 05:12:38 | 009,320,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/06/01 05:12:38 | 009,320,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/01 02:19:14 | 000,306,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 07:31:18 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/01/28 13:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/10/07 11:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 09:47:46 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 04:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 04:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/10/06 09:49:14 | 000,230,456 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/08/20 20:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/03 10:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/09/17 21:41:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/07 10:18:53] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE:64bit: - HKLM\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE - HKLM\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alothome.com/en
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes,DefaultScope = {C9B3E73D-3E54-4289-821F-DF4FC0BA4351}
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{8365DB78-A617-4110-B550-5E692367EC58}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.1.3001.0(B)
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\..\SearchScopes\{C9B3E73D-3E54-4289-821F-DF4FC0BA4351}: "URL" = http://www.gobrs.com...=t&rls=ergWfHzj
IE - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "http://www.gobrs.com...ls=ergWfHzj&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Verizon\VSP\nprpspa.dll (Verizon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\Users\Renato\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:29:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/15 21:09:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:29:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/15 21:09:27 | 000,000,000 | ---D | M]

[2010/07/11 17:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renato\AppData\Roaming\Mozilla\Extensions
[2012/06/27 00:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\extensions
[2010/08/24 16:17:24 | 000,002,197 | ---- | M] () -- C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\searchplugins\google-search.xml
[2012/01/12 08:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/27 17:04:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[1832/11/29 00:37:17 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\RENATO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\04UEBT4X.DEFAULT\EXTENSIONS\[email protected]
[2012/07/20 17:29:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/19 11:30:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 11:30:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Renato\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.3.2427702\npmathplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Verizon Servicepoint (Enabled) = C:\Program Files (x86)\Verizon\VSP\nprpspa.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Power Challenge Loader (Enabled) = C:\Users\Renato\AppData\LocalLow\POWERC~1\nppowerloader.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/05 21:57:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [NCsoft Launcher] C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Octoshape Streaming Services] C:\Users\Renato\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Renato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A5AFBFE-0AEC-4C60-BB67-C7A8524E9C34}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C50C78B9-022C-4CA0-8F29-AC858A9CCC9F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/20 16:59:08 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{A41E38C4-364C-47FE-9542-03E9DA6A4492}
[2012/08/19 16:28:22 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8BB19A9F-2029-4042-8F32-AAE715F91D1E}
[2012/08/18 15:50:24 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D976700B-6637-4FFF-8199-40690DDC32CE}
[2012/08/18 15:49:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{CF6C1EAD-83C0-40B4-9AD2-10DA1A68933A}
[2012/08/17 20:31:40 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{BABEB1C9-05B7-4320-98E0-2E8549C3D20A}
[2012/08/17 06:32:53 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{AC62A0F2-8F6F-4C64-AE29-269A08A477CA}
[2012/08/17 06:32:19 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1E2C264A-04E3-4729-8159-0EB4D8D75B58}
[2012/08/16 17:52:39 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F311ED24-B093-4FBE-8D73-7EA9DD9AC22C}
[2012/08/16 17:52:08 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{5C67FF5A-6EF6-48FC-B2AC-2B6A7BDE5F4F}
[2012/08/15 07:08:08 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{C0F423CC-618C-4698-BF10-B9F428BE4ACA}
[2012/08/15 07:07:34 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{2EB7924B-71ED-413E-8A50-2DEDC684C5B8}
[2012/08/14 23:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/08/14 23:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/08/14 06:52:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F00C23E8-7073-4ABF-8771-38F55478569F}
[2012/08/14 06:52:09 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E82B1958-6967-47FD-A6CC-045238317D4E}
[2012/08/13 09:16:38 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{89C6B375-C303-45F1-82A1-6280B4F701D9}
[2012/08/13 09:16:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FFDB90E6-1F1F-402D-9576-190D561501BD}
[2012/08/12 21:15:40 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{A1CB9B93-329E-4534-A923-7FC589748F97}
[2012/08/12 21:15:07 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E82B4853-C0D5-4BE1-81E3-5C7343868CB8}
[2012/08/12 08:42:42 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{3746B8D0-75D1-4264-BA3A-376EC295E344}
[2012/08/12 08:42:09 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EE9BF42C-75FD-4D72-A5F9-F3F82058F9EE}
[2012/08/11 15:11:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DB71F730-D29B-4E80-A0A1-E520DF9957F3}
[2012/08/11 15:11:17 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{46BCF50F-FA72-4FBB-BFBD-E60FE1C2E828}
[2012/08/10 18:22:51 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{284BBD1C-A844-4839-A2E1-C8C2E438C550}
[2012/08/10 18:22:40 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8326D9F9-ACBA-469D-95E7-19DE8E97CFE3}
[2012/08/10 06:22:15 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FFD0DB7E-05AE-4633-B061-73F76D2708EB}
[2012/08/10 06:21:42 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{26EB508E-C1CC-4D47-9B03-87A21E180D20}
[2012/08/09 18:32:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{86377446-97CD-4476-9B83-FD3FBCAF6434}
[2012/08/09 06:03:40 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FC1622D1-D010-4EB4-8F0C-F94676B9853F}
[2012/08/09 06:03:07 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{09CE909C-8095-42EE-A8D3-210F3777FF21}
[2012/08/08 17:14:48 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EB4501DB-B982-4B5F-ABC3-649C4EB9328A}
[2012/08/08 17:14:15 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{6B90DD69-823E-4B40-A1FD-A8A9A9E73C73}
[2012/08/07 19:38:11 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8F329531-09D5-4620-8FCD-6A44E7C78416}
[2012/08/07 19:37:38 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{3BCE4D65-2C28-46E1-B840-9E604F4C2DDE}
[2012/08/07 07:02:27 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D04B39BF-03A4-48D8-B7B6-5845414B616D}
[2012/08/07 07:01:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F1C7FA23-9B9F-48F2-96AE-334AC7A0FE90}
[2012/08/06 18:20:46 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{4B146BAE-84AB-45CD-A510-2D40AC07955C}
[2012/08/06 18:20:12 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{4BECC88B-067B-4E7F-B9B3-189F548F8DAA}
[2012/08/06 06:19:45 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D9179CF3-A842-40EB-B721-D667E078A910}
[2012/08/06 06:19:12 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{6C627950-3F21-42E5-8BEB-378EC8957545}
[2012/08/05 21:57:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/05 18:18:46 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{AFEE02A6-B5B6-44A4-BDA9-23856B4DC8DB}
[2012/08/05 18:18:13 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E701B130-A862-431D-872B-FCCD9169819E}
[2012/08/05 06:17:46 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{4F70E0A5-8BA6-43BE-B053-41084B243DC8}
[2012/08/05 06:17:12 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0A5CA210-E975-4ED5-ABDA-49F84A99E944}
[2012/08/04 16:24:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/04 15:57:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EE182234-E52C-4C96-86C5-DC47205226B6}
[2012/08/04 15:57:21 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{698CA2AF-1DE7-4358-80DB-1819C3B1BACD}
[2012/08/03 18:35:34 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{9F3F4ED6-EFA1-4893-A773-86572A03D05A}
[2012/08/03 18:35:00 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{3F77F8BB-04F2-4540-8471-73047E106787}
[2012/08/03 06:34:35 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0D5D6AE2-11F5-4030-81E5-77A7D97B1A73}
[2012/08/03 06:34:01 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{ED9F9C01-9AE7-479B-B445-F7BD3269CFCA}
[2012/08/02 17:27:36 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{81447F91-46B6-4DDF-84A6-C6AF3D35A953}
[2012/08/02 17:27:03 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1B9BD357-C349-480E-A851-876037E1CD6D}
[2012/08/01 16:10:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{1D2A3D58-B41E-40A8-B0B0-C2548071B4A7}
[2012/08/01 16:09:33 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{4733287C-79E1-4FEE-BDE4-AEA5DA268A6A}
[2012/07/31 19:50:25 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{86F58BD0-1F8C-4A2A-BFCA-FA9B99DC654F}
[2012/07/31 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{FD5BF2E8-6702-44B9-BAF5-A2C2EED770D3}
[2012/07/31 17:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/31 17:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/31 16:42:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Roaming\Malwarebytes
[2012/07/31 16:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/31 16:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/31 16:41:49 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/31 16:41:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/31 15:57:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/31 06:59:59 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{CB3EE67E-EDEE-45A5-ABF5-5C2E584575E6}
[2012/07/31 06:59:50 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{E5309293-9D27-4939-ACB8-409522CFAB66}
[2012/07/29 22:13:53 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{08F194F5-3235-4883-AD00-D0A0CDC3A8C6}
[2012/07/29 22:13:22 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8DB85C90-DE99-4048-A10C-DEEC2DA01CCB}
[2012/07/29 06:26:55 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{5E4579F1-3058-492D-9B33-672479E869CB}
[2012/07/29 06:26:20 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{C35732E9-3B94-4521-9E93-5F8578CC1BD8}
[2012/07/28 15:34:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{2BCA94A2-0A43-4362-B8FC-8BB1BD3B8660}
[2012/07/28 15:34:11 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EC9CD37B-7426-4A07-8D03-CA6B52B5C847}
[2012/07/27 19:41:04 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{BF878FB7-C29F-4AF1-A5F6-62FBF2D89E48}
[2012/07/27 19:40:54 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{DC5A7017-AA96-4D88-BF29-82804F21F540}
[2012/07/26 18:03:29 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{0953F0B7-F522-467A-8CB0-CE6D36D0810E}
[2012/07/26 18:02:57 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F1A1A4EA-42C6-4F68-8E7F-AD061D31C214}
[2012/07/25 22:22:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{D61D9559-1BB1-4A3A-B764-B85BFF5DA972}
[2012/07/25 22:22:10 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{689C1BE4-1152-4795-8741-CFC3B081A0A1}
[2012/07/25 06:43:05 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F211A0A0-CE30-473B-8112-871DA9BF7CD4}
[2012/07/25 06:42:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{45D7295C-30F6-456A-8CDC-10589DF55B95}
[2012/07/24 11:40:15 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{EE062D01-6EC8-4F05-9F6F-AF78CDE515E5}
[2012/07/24 11:39:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{A2225D2D-718E-428C-BD41-A1D9510318F8}
[2012/07/23 20:30:31 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{F993E5D9-46C9-4BF1-AAC7-A3D2B6BD90EB}
[2012/07/23 20:29:58 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{08DCFC46-93FB-4925-B3BF-F98F6D3FC105}
[2012/07/23 06:55:43 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{8F37CA71-D385-434C-A4B7-1FC68DC51C38}
[2012/07/23 06:55:11 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{399341D9-8248-462F-8309-738AE1EF0D9B}
[2012/07/22 08:27:04 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{32DCC184-BBB6-4A61-8663-613231DA7895}
[2012/07/22 08:26:32 | 000,000,000 | ---D | C] -- C:\Users\Renato\AppData\Local\{AFECE737-8979-45F1-A243-687A9BD6C00E}

========== Files - Modified Within 30 Days ==========

[2012/08/20 21:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 21:31:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 20:31:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 16:53:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/20 16:53:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012/08/18 04:02:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/18 04:02:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/17 18:03:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/16 14:47:30 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRenato.job
[2012/08/16 14:33:31 | 000,425,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 14:32:50 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 23:13:59 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2012/08/14 17:34:47 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/05 21:57:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/31 16:41:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/31 15:22:57 | 000,000,512 | ---- | M] () -- C:\Users\Renato\Desktop\MBR.dat
[2012/07/31 13:55:40 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job

========== Files Created - No Company Name ==========

[2012/08/17 18:03:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/07/31 16:41:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/31 15:22:57 | 000,000,512 | ---- | C] () -- C:\Users\Renato\Desktop\MBR.dat
[2011/03/17 18:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/02/10 17:25:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/02 19:36:20 | 000,743,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/09 17:14:28 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/08/15 18:18:26 | 000,003,656 | ---- | C] () -- C:\Users\Renato\AppData\Roaming\wklnhst.dat
[2010/07/27 18:12:22 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat

========== LOP Check ==========

[2010/10/24 11:38:02 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\.minecraft
[2010/08/25 18:46:25 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\acccore
[2011/08/17 01:41:25 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Amazon
[2011/05/23 18:48:09 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Bioshock
[2011/03/05 14:50:50 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Braid
[2012/03/01 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\GetRightToGo
[2010/07/13 16:04:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\iWin
[2010/07/12 01:35:12 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Leadertech
[2011/03/15 20:31:07 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\LolClient
[2012/05/23 15:47:02 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\LolClient2
[2010/08/27 20:44:03 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Octoshape
[2011/07/13 22:35:07 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\OnLive App
[2012/02/01 18:54:49 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\OpenOffice.org
[2010/09/11 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Panda Security
[2010/07/11 17:30:53 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\PictureMover
[2010/09/11 14:20:09 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\SurfSecret Privacy Suite
[2012/03/16 21:19:24 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\SystemRequirementsLab
[2010/10/11 15:03:45 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\TechWizard
[2010/08/15 18:18:28 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Template
[2010/08/17 16:48:08 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Tific
[2011/07/03 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Tropico 3
[2010/07/12 16:26:43 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\WildTangent
[2010/07/14 10:19:43 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\WinBatch
[2010/09/23 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Renato\AppData\Roaming\Windows Live Writer
[2012/07/31 13:55:40 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/05/27 18:18:45 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2011/09/24 08:42:27 | 000,000,720 | ---- | M] ()(C:\Users\Renato\AppData\Local\PMB Fik?s) -- C:\Users\Renato\AppData\Local\PMB Fik聥s
[2011/09/24 08:42:05 | 000,000,720 | ---- | C] ()(C:\Users\Renato\AppData\Local\PMB Fik?s) -- C:\Users\Renato\AppData\Local\PMB Fik聥s

< End of report >

#69
Ren12

Posted 20 August 2012 - 07:48 PM

Member

Topic Starter
Member
180 posts

OTL Extras logfile created on: 8/20/2012 9:27:57 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Renato\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.01 Gb Available Physical Memory | 62.70% Memory free
15.98 Gb Paging File | 10.79 Gb Available in Paging File | 67.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.67 Gb Total Space | 734.73 Gb Free Space | 79.89% Space Free | Partition Type: NTFS
Drive D: | 11.56 Gb Total Space | 1.58 Gb Free Space | 13.66% Space Free | Partition Type: NTFS

Computer Name: RENATO-PC | User Name: Renato | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E34CB57-6FE5-41EF-9706-20450999CD9E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0FB76312-E418-4243-BB38-48934AD124D4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10C89F00-98B4-4EE4-B7FA-4897EA208B91}" = rport=445 | protocol=6 | dir=out | app=system |
"{24057D89-19BD-4B4E-979B-C11FA08A4D8E}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D713903-810D-40D9-83A1-EEFEB3BE6475}" = rport=10243 | protocol=6 | dir=out | app=system |
"{30850F4C-BAD5-44B7-87A5-23FCC451368E}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FDF9F1F-EDB4-408E-9BC1-D8290C2A6E14}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{47614AB7-4048-47B2-92DF-3A87A020043F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4933C06F-B28A-4321-8ADA-4562B40CA45B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4BFDAB88-9B78-4390-A05F-D2B6317BBB82}" = rport=137 | protocol=17 | dir=out | app=system |
"{562F4D82-9FB2-4BD6-B319-965F72390E4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{66795A35-C39C-4F36-8FAB-7AB0F879E8DC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{7A7AD6EF-B32A-40BD-9F5C-7449BF1227C4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{81C494B5-B2D6-4BE9-A5CF-254267E03B5F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FE6027E-4032-4429-9864-35829B2AA1AA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A80D1E67-0305-482A-A95A-4973A8A3B5A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9A8D70B-AF6F-4C93-B346-47BE807C53B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0B29547-D3A2-4C32-8DA4-87E2265B1206}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4B0E66E-1A53-4CCD-92B6-B036AE400D38}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C9D8B0AC-1AA4-45F0-B379-C53F2A018B9E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2FACCC5-08AE-4929-9DD1-C276467590A6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D84D077A-7317-487A-9082-BA7B3639D94D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D9EDC3D7-907A-4085-839E-E6547618406D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E33D2DB4-24D0-4CBF-9A1C-DBC83F36F872}" = lport=445 | protocol=6 | dir=in | app=system |
"{E6F8CE55-5928-472D-A47D-85C6608EA5FC}" = rport=138 | protocol=17 | dir=out | app=system |
"{FB02BCDB-A8DE-4B7D-A8F3-9D3C2EAEEF6C}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00765D6A-C6A3-479B-855B-902BDF0882BB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{017BDE33-C924-475A-8825-D40431347AE3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{02BBBCC9-6136-4013-8AC2-574C0F5DD32A}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{04506BF8-3583-4784-B65F-40927A7A8117}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{052AF0E9-911E-40C8-A3D6-32D7F668270C}" = protocol=17 | dir=in | app=c:\nexon\dragonnest\dragonnest.exe |
"{05313F56-7FAD-463B-8E92-B5A6798189B6}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{09657086-50CC-409B-AA1C-2D0D0A1507F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{09B56CC5-7C56-4258-9A25-C9C3F7C16B5D}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{0C958D29-40F2-4CDE-826B-85AA86748317}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{102CDE2B-D8F2-40E6-9737-EBC5CD64AA5E}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{139E4C00-FA03-48BA-A604-3CC015C6A447}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1A47ED9F-C147-4438-AA4E-0469B0D85FA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 3\tropico3.exe |
"{1A9DD336-DD04-4D1A-BC08-9E0087555FAE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{1AC39752-7BDC-45B4-9405-C8A69F2B6262}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{1B4A4B06-356B-43E3-BBF0-9078D9D47BD1}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{1E0C8F43-D46E-4A86-8A01-13CB46C3C13A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20A506D9-828D-42E9-B0D2-F459A3692360}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe |
"{22F8BBC5-4654-4A18-9979-22EEE02FF15A}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{2CE2389E-9B28-43E6-9ADA-60116D3674FE}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{2D97D17C-6515-4988-AD2A-BF0373E0A30F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{2E4C8F74-A761-4064-89E9-E99A87416CA4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{2EA8913C-1B17-4BFA-A7E5-524FF78EF1D2}" = protocol=6 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{31F71733-3EB8-42D6-94C6-C1BB8E89F189}" = protocol=17 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\wolframcdfplayer.exe |
"{32AA8613-5089-4D4F-82EF-D5A6667F2756}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{33F9C235-2C8C-4A0E-A532-6DA7D21EB8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\verizon\vsp\servicepointservice.exe |
"{3467D7AE-CDA0-4C96-879A-0E60CC2D882F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34757EA6-7779-4AEA-A0EF-4AF6B71EA772}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{36FF0F79-3B4F-4B01-8C3E-4E2BC9A3AC3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{3752473D-A56D-4ED0-B221-35445A4C2322}" = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{37AA5F17-89A1-4219-BC27-422775231526}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear\recettear.exe |
"{3A8EFDCB-351E-4C6A-8270-8D0E932AC481}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear\custom.exe |
"{3AE02962-F4A2-48EB-AEDE-F6BD77F56BDD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3AE052DD-5568-42CF-ADBC-EB0AA54C97FE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3F09CBBB-7338-4C2C-88D4-55277F644CFF}" = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
"{3F508E28-AF6C-4813-BE9B-D6C280724BFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4173CC4B-E432-491D-ADEF-D6F84239D7F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43411E47-4F5E-4DA7-B555-4AAE53C3C9A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 3\tropico3.exe |
"{495632AE-0DDD-438D-9F52-3B150F9048FE}" = protocol=6 | dir=in | app=c:\program files (x86)\verizon\vsp\servicepointservice.exe |
"{4AC2A194-1EA2-4C68-9F4F-927D0FBEC3E2}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{4B8A7293-003A-47AB-AC2B-2DC0B9020F64}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent\grickle101.exe |
"{4B8FF1A3-1C83-4B97-B584-A38569E20604}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4E1BDC01-1B6C-4118-810B-C7CB95B3E0CF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{5169019C-74C4-4A0D-ABAC-B4AAAEDC2831}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{53FBA6E5-8031-45DF-8932-4EC3A99E237A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{56402CD6-45B4-4AA4-8EC3-9271D31FE6F9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{566DDF8A-127C-4BCB-90CB-B6AF5E0E9DDA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{56E72774-3DB3-4E54-A185-4A0C324B2285}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{5AEC5F4F-BCED-42B2-A7FF-5DBDD5EFA42C}" = protocol=17 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{6B2B5FDC-9249-47A3-8F26-E885D67F52EA}" = protocol=1 | dir=out | [email protected],-28544 |
"{6B859259-D65D-4305-B6B1-E89A061D4459}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6E2549D7-5071-4C28-87D4-10D8A80A64FF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{70A6FFB5-AAA0-4F8A-A94A-771CDDA929AF}" = protocol=1 | dir=in | [email protected],-28543 |
"{72C8AE32-7F2A-4ACC-BE88-73B2F0AC295D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gish\gish.exe |
"{7B29E75E-7DA3-491F-934F-9EC4F77E9483}" = protocol=6 | dir=in | app=c:\nexon\dragonnest\dragonnest.exe |
"{7B71896E-2FD5-4D0F-8E95-BA5894212D7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{7BBFAA15-47B2-46E3-BA30-D412B2AB3B1F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{805111E3-B7C0-49BC-ACB0-45D662ED86BF}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{84C36B6B-7DE0-425F-981F-D30C7225DE5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{86F9905E-C5D0-4684-8896-AAC0A5999E48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear\custom.exe |
"{87714C32-CA8B-41F9-A55C-ACE481D34CF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{87B177B7-D695-43CB-9E0B-B35641F9F05A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{88C589BE-22C9-43CE-922C-6E5397DF2703}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{8A3B377E-4C00-490A-AB07-CF1E453C7811}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum demo\binaries\win32\trygame-win32-shipping.exe |
"{8CCF4C31-597D-4BB9-8511-3BA61EEE8924}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{906F5EA0-8A1C-4C1C-A264-F261624F05D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum demo\binaries\win32\trygame-win32-shipping.exe |
"{917AB8F8-552A-4E72-AF16-2197D6CD0D5E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93B0C12F-48A6-4E1D-9BBC-CF0675523678}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94455F9A-036B-405A-B299-949BB2C7DBB8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{9B040973-CF43-41D2-B46E-3723E876C616}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{9F825D1D-360B-478C-883E-7F4F9755F381}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{A10E6282-0831-485B-92AD-F3CF128A358C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{A44F9AA7-E9CF-4D0B-A19C-B6AF3CB18AC8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe |
"{A6EF1009-618C-4675-8474-0FA5A936F89B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A886EE4B-08F9-4839-9F5E-4350CDC2FDCB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A9C93C1B-7FE6-4A09-81D7-36F7B67DBC86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{AC6D9BBB-DEBF-4ADE-8C64-D2B71CED2B18}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{AE176009-A164-4277-849D-94C9BABAC089}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AEB49197-0C19-4D6E-B380-E01E2C58B547}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{B0A0C7A7-166E-4248-8D33-7C32BB2CFFD0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{B1EB3420-0EBC-4A7B-8892-0A9B44A99732}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{B827EA86-244B-401D-ADDB-84E9E833C521}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B8E614F5-7625-47E3-A2CA-E5D66F94E152}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear\recettear.exe |
"{BACBBC65-3097-4ED4-8752-A3665F667083}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBCE9BE6-6C1B-4123-9E2F-04E12A57B03F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C1084DE7-372D-4424-A0C7-7BCD15225311}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{C10A1EF8-ED7F-4952-B2DE-C9C4FE01B8B2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C2168EA1-1050-4027-83C2-3C4B7806B16C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{C2A153B5-67F1-4E0C-8B7C-5F43800026AE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gish\gish.exe |
"{C2BF4897-19F0-4375-9860-8C97A3CC3CD6}" = protocol=58 | dir=out | [email protected],-28546 |
"{C34DE16B-604D-4E38-A811-6F8F787F710B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C70FA9A3-9FC1-43C1-991A-68A95786FE21}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C9CC7E3B-8E88-4C67-8446-11E5C148BA28}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{CC046587-C766-479E-A040-EE0FDC912155}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{CCD65957-2095-48E5-B829-72846BCC2BFE}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{CE3FA764-45E3-4BC0-A265-845D4CA3AEEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent\grickle101.exe |
"{D061EE7D-19F1-424C-9B73-FDD7D195681A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D1326735-503D-4234-BE51-C8B439F9E983}" = protocol=6 | dir=out | app=system |
"{E70D9B3E-DC93-4339-AEB3-210C424B7C51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{E9B33C8D-C61D-4123-8C85-707522E1F24F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{ECE1E986-0481-417C-8CD9-92815DBBFF83}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{ED1A7528-1EE3-4BDC-92AB-01998DFB5470}" = protocol=58 | dir=in | [email protected],-28545 |
"{F50A21C2-3573-421A-BEE2-964469D12C75}" = protocol=6 | dir=in | app=c:\program files (x86)\wolfram research\wolfram cdf player\8.0\math.exe |
"{F7630F39-8FB3-4B82-A349-0454B464BC9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F990C05F-F747-434A-BF5D-4C9BDBE5EA0D}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{FA10D285-A94E-4CEE-A994-2C7079F9183F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FAA3759B-4CDD-4172-9A76-4CC3C3E930C2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FACB0F34-F9F1-49CB-9AC3-6C490EE33B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{FC99C15E-7889-4153-946A-30574BA6DE2E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{FD197A84-108B-4E72-A115-AC5CBC65F599}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"TCP Query User{0BDB8447-8AAF-41B6-BDB5-CCF1808F001C}C:\program files (x86)\proun\proun.exe" = protocol=6 | dir=in | app=c:\program files (x86)\proun\proun.exe |
"TCP Query User{14C0B88A-FA38-4175-A8EC-A0C1B272883A}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{1A95587D-37E5-4398-8971-D9C736AFB6E2}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{1C2471F3-E6AB-49FE-B35D-63A48C809C80}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{221EFEA2-1AB4-42E5-BBD9-A239538EB326}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{2DE65A3C-0F30-4C23-87EB-A0BC08A7B67C}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{353CEBC6-FBBC-4F01-834E-1692032717E9}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"TCP Query User{43D18E57-3486-4829-BEBD-BFB458D24D05}C:\program files (x86)\steam\steamapps\zer012656\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\team fortress 2\hl2.exe |
"TCP Query User{4A98EAE8-3F04-465B-B277-BAEDB8D7F5E7}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{4B171B3A-F864-4CFF-93E5-63D35401F132}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{73F24BA4-4649-484F-8DDD-30C377B6CE08}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{8F243DD4-651B-484C-80E0-F84D4E7AF60B}C:\program files (x86)\starcraft ii\versions\base19132\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{8FCC4CB9-FA5F-40EB-8C59-4539D50CC19B}C:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe |
"TCP Query User{91693EE4-BF89-48F7-9D68-529CD8F964CC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{91858561-DE41-4D9E-AA17-575DBD8FBBEB}C:\nexon\vindictus\en-us\vindictus.exe" = protocol=6 | dir=in | app=c:\nexon\vindictus\en-us\vindictus.exe |
"TCP Query User{95166901-8C39-459C-B275-ED8630F8A4D3}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{9D2321D0-FC4C-48CC-955E-52E2D4AE9445}J:\techwizard.exe" = protocol=6 | dir=in | app=j:\techwizard.exe |
"TCP Query User{C1999ED7-5260-405A-A0E9-F9E51C6D705D}C:\users\renato\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\renato\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{D0D1438A-C110-4371-A53B-31A3C5E6AF99}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{D626186C-1B82-4E51-A1BE-37B266704D50}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{D7A433CA-10B8-478A-AE9F-3547A0C676A5}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{E87A88EA-8B43-4B4C-8BC9-FE19E3BE55C2}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{EB5813A1-6CFC-4B00-BD51-8C4D000383EB}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{F0B675FE-0CD0-4A9F-86C2-F3336C17CB1A}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{F6273FBF-00A3-47E1-8CF7-40F27F2D2907}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{F6B3DB5C-7980-41D1-B062-A9AC6412DFBB}C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe |
"TCP Query User{FAEA370E-B7EF-4D55-9245-5C7090BBCCDE}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{FCCFA4CE-854F-43D0-BFB3-89FC2BEE5A6A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{230D7A51-8427-4466-8E3F-86E0470409BA}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{27E54B2B-7092-4525-BE26-5EFB1DAD0B9A}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{2F55B356-3A85-43F6-9085-813C3889A2F7}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{3B708B48-D75C-4577-BA91-E198B50660B7}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{40927D50-4E8F-424B-AAAB-3271435BB0E1}C:\program files (x86)\proun\proun.exe" = protocol=17 | dir=in | app=c:\program files (x86)\proun\proun.exe |
"UDP Query User{444E988F-7F61-4B6F-9178-B28F7D41E425}C:\program files (x86)\steam\steamapps\zer012656\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\team fortress 2\hl2.exe |
"UDP Query User{4499733E-C0CD-4755-AEEC-17CB6812CECA}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{60A69DDD-C870-4A87-AD61-15A0A6E650B9}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{65EDBEF0-AB01-4C6A-81FD-C208A882D66A}C:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\tribes alpha\binaries\win32\tribesascend.exe |
"UDP Query User{7FABC60C-D8EC-49B4-AFAE-7288F004FD43}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{888EAA69-CAAF-431E-8528-81887F5A660F}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"UDP Query User{8C7C2DFD-6467-494D-8516-0E20E2EBC327}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{9CE29502-2D82-4C7E-B517-A7438AEC8436}C:\users\renato\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\renato\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{9F2052DB-5833-4788-AB94-218EBF661D6B}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{A470998B-0370-4BEF-9FA0-7AC40D4E1B2B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{A80805C4-4C70-4421-B062-E3AA9D3134B6}C:\program files (x86)\starcraft ii\versions\base19132\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19132\sc2.exe |
"UDP Query User{A87A0B1D-1F8D-4FA4-91C6-38742B208E24}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{BE59E2CD-13E2-4900-9103-7C23C5C31CCD}C:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\zer012656\counter-strike source\hl2.exe |
"UDP Query User{C0584400-6CE3-4C99-8D38-121BEE0A51DD}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{C1464535-06FA-427E-94AA-29A092454ABB}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{C92101FF-5D8F-41AC-9026-AB17C651A5AC}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{D158A674-758D-46EF-A995-7DFAC19BE8DF}J:\techwizard.exe" = protocol=17 | dir=in | app=j:\techwizard.exe |
"UDP Query User{D2564ED2-345D-4A66-B488-82E60A3C7F77}C:\nexon\vindictus\en-us\vindictus.exe" = protocol=17 | dir=in | app=c:\nexon\vindictus\en-us\vindictus.exe |
"UDP Query User{E79D7B68-97A4-469A-8AF9-37F0EAC565BD}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{E99C1F2A-99E6-4F82-AE42-2D29CBB4FB3F}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{EBFFA6F5-B4B1-41D1-9421-BFEDB8617FCB}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{EEEADD45-7351-4CCA-857D-7C67C4040F5E}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{FC7730A6-D2D1-49BB-8875-27DF686B8EE3}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5CF5995-5E0B-967D-3FC5-325089795937}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F9F4430E-80DE-EC0F-BF8E-476352C8F954}" = ATI Catalyst Install Manager
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"A-WIN-Extras 8.0.3 2427702_is1" = Mathematica Extras 8.0 (2427702)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{09F46E3D-EAFB-9390-B6D9-F6DAA73B3ECB}" = CCC Help Finnish
"{0A172278-5048-3BDA-D318-974ED0AA0B95}" = CCC Help Greek
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2536F0-8E7A-340F-9031-1AA60BEFBFD8}" = Catalyst Control Center Graphics Full Existing
"{0D526570-6B8F-3CE9-04DB-16FD2E68FCBE}" = CCC Help Danish
"{0E6CE44A-EE07-1C20-72C8-9A24CA2ED2CB}" = Catalyst Control Center HydraVision Full
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111DB3F0-0C58-4475-9954-1BD5B7B28618}" = League of Legends
"{113F4E2E-416A-33BD-D2A6-39C58AB6ACAC}" = CCC Help Korean
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1688104B-0261-42FC-D796-CB97EA5159A4}" = CCC Help Thai
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{18812D65-95DB-5482-4CAC-3B3B5E5446B0}" = CCC Help Italian
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D5B3A03-17FD-EC8F-755B-6164ABFF450A}" = CCC Help Turkish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{223CCCD3-2217-9AA1-98F0-2879733549D0}" = CCC Help English
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2746B4DE-A2EE-4B33-A7CE-B33BAD5EF6FE}" = Vz In Home Agent
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{394F1B21-1FA4-DDE1-C00B-0A3EEA1A94D1}" = ccc-core-static
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend Open Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40965CEA-43EE-B8D7-09AB-705B5E2A2521}" = CCC Help Hungarian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4680D4CC-5220-6AAF-54D3-C1E75C90A69A}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F11AE1B-452A-2A9B-250D-EDB725E39199}" = CCC Help Russian
"{4F9B4C70-F223-B34B-C7D3-55FC1D2BAD2E}" = CCC Help Chinese Standard
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5906DAFF-9370-2B54-D483-343ABB9BE748}" = Catalyst Control Center Graphics Light
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{659F8F13-E8C5-C4B8-85E7-1D3912C06929}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C6B8B89-AC64-4B04-DBE1-992B80C83F1A}" = CCC Help Japanese
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B9D9DC4-EDB9-3181-4D1B-E47C34609E0C}" = CCC Help Portuguese
"{7FC8C210-A319-4835-A87D-B935EFB4C148}" = Microsoft Live Search Toolbar
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8966B8B5-D87A-E689-B370-E79B7691299C}" = Catalyst Control Center Core Implementation
"{89EA759B-B9C8-6CB5-6BF2-248961E68809}" = Catalyst Control Center InstallProxy
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931E11B0-1ACE-438D-90AF-E5D8C64880EF}" = Catalyst Control Center - Branding
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C23A506-3E8B-B91C-4F9B-040518EC792D}" = CCC Help Norwegian
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D54290B-CD49-4B36-2EF2-7597FD0D683F}" = CCC Help Swedish
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{9E23819E-8AF4-4D25-A7FE-7756C9E3DBB9}" = LeapFrog Connect
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6F42664-73EC-25B0-F3A9-D8CCE53CFB25}" = Catalyst Control Center Graphics Previews Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C0BB1A-1546-44D6-1BE0-FB0F84364787}" = HydraVision
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B07E4A53-C39E-9BEB-9716-1953F0EE2953}" = CCC Help French
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B439A476-119C-13A9-6FB8-B2B2D566CF63}" = CCC Help Spanish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C3DF1C57-780A-DB9C-F30A-68EB45526761}" = Catalyst Control Center InstallProxy
"{C54BBB47-5D1A-5C82-614E-0D75C1AD92B5}" = Catalyst Control Center Graphics Previews Vista
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C725937A-C6B3-0D07-A765-029FB1FD66B6}" = CCC Help Chinese Traditional
"{C744D147-A439-4684-B9BD-E0A5B60AA792}" = LeapFrog Leapster2 Plugin
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D228187B-0D49-44C6-DEA8-64F180D14DB9}" = CCC Help Polish
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D74B4F5A-28CB-33E4-AFC2-412B8227C582}" = CCC Help Dutch
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5492B8D-B6DB-C3D2-8309-1B6A766CAF85}" = Catalyst Control Center Graphics Full New
"{F54E5D65-CB60-4A31-A71B-BCFB0FA0076D}" = Verizon Download Manager
"{F5F38D48-5AF3-EEEC-7E0C-25D516D1DC74}" = CCC Help Czech
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIM_7" = AIM 7
"alotAppbar" = ALOT Appbar
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Desura" = Desura
"DragonNest" = DragonNest
"Google Chrome" = Google Chrome
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Leapster2Plugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"M-WIN-D 8.0.3 2427703_is1" = Wolfram CDF Player (M-WIN-D 8.0.3 2427703)
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"OnLive" = OnLive
"Proun" = Proun
"RadialpointClientGateway_is1" = Verizon Servicepoint 3.7.44
"Rybka 3 Aquarium Demo_is1" = Rybka 3 Aquarium Demo
"StarCraft II" = StarCraft II
"Steam App 12900" = Audiosurf
"Steam App 18700" = And Yet It Moves
"Steam App 205700" = Quantum Conundrum Demo
"Steam App 23490" = Tropico 3 - Steam Special Edition
"Steam App 240" = Counter-Strike: Source
"Steam App 26800" = Braid
"Steam App 31270" = Puzzle Agent
"Steam App 32370" = Star Wars: Knights of the Old Republic
"Steam App 35700" = Trine
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 48000" = LIMBO
"Steam App 550" = Left 4 Dead 2
"Steam App 57310" = Amnesia: The Dark Descent Demo
"Steam App 58200" = Jolly Rover
"Steam App 630" = Alien Swarm
"Steam App 70400" = Recettear: An Item Shop's Tale
"Steam App 8980" = Borderlands
"Steam App 9500" = Gish
"Tarrasch Chess GUI_is1" = Tarrasch Chess GUI V1.00a
"TeamViewer 6" = TeamViewer 6
"UPCShell" = LeapFrog Connect
"Verizon FiOS Activation_is1" = Verizon FiOS Activation
"Verizon Help and Support" = Verizon Help and Support Tool
"Vindictus" = Vindictus
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3591711946-2265182465-2123470179-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"NCsoft-Aion" = Aion
"Octoshape Streaming Services" = Octoshape Streaming Services
"Power Loader" = Power Challenge Game Plugin

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/1/2012 8:23:14 AM | Computer Name = Renato-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file
"c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll"
on line 2. Invalid Xml syntax.

Error - 8/4/2012 3:25:10 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program sndvol.exe version 6.1.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 18a4 Start
Time: 01cd7276c0d23771 Termination Time: 8 Application Path: C:\Windows\system32\sndvol.exe

Report
Id: 174112ca-de6a-11e1-a5d3-78e7d188524c

Error - 8/4/2012 3:25:23 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program sndvol.exe version 6.1.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1f94 Start
Time: 01cd7276de894f84 Termination Time: 8 Application Path: C:\Windows\system32\sndvol.exe

Report
Id: 2121e791-de6a-11e1-a5d3-78e7d188524c

Error - 8/4/2012 3:37:04 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 14.0.1.4577 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 12fc Start
Time: 01cd7276fcc1f58c Termination Time: 66 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id:

Error - 8/5/2012 4:51:28 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 14.0.1.4577 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2408 Start
Time: 01cd72f908fcb28d Termination Time: 139 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: 4c6afb54-df3f-11e1-a5d3-78e7d188524c

Error - 8/5/2012 8:15:36 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program Skype.exe version 5.10.0.116 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1258 Start
Time: 01cd736848f000b6 Termination Time: 8 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report
Id: b854629d-df5b-11e1-a7e6-78e7d188524c

Error - 8/5/2012 8:44:37 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program LolClient.exe version 2.0.2.12610 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13b0 Start
Time: 01cd736c35b8f367 Termination Time: 9 Application Path: C:\Riot Games\League
of Legends\RADS\projects\lol_air_client\releases\0.0.0.186\deploy\LolClient.exe

Report
Id: c0719540-df5f-11e1-a7e6-78e7d188524c

Error - 8/5/2012 10:23:31 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program SndVol.exe version 6.1.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 157c Start
Time: 01cd737a473e9868 Termination Time: 6 Application Path: C:\Windows\system32\SndVol.exe

Report
Id: b243876c-df6d-11e1-90dc-78e7d188524c

Error - 8/5/2012 10:38:10 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program LolClient.exe version 2.0.2.12610 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2030 Start
Time: 01cd737c4cbc43f2 Termination Time: 9 Application Path: C:\Riot Games\League
of Legends\RADS\projects\lol_air_client\releases\0.0.0.186\deploy\LolClient.exe

Report
Id: bfe5842a-df6f-11e1-90dc-78e7d188524c

Error - 8/5/2012 10:54:32 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program SndVol.exe version 6.1.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1b30 Start
Time: 01cd737ec31a7017 Termination Time: 6 Application Path: C:\Windows\system32\SndVol.exe

Report
Id: 0867d209-df72-11e1-9b00-78e7d188524c

Error - 8/5/2012 10:59:33 PM | Computer Name = Renato-PC | Source = Application Hang | ID = 1002
Description = The program LolClient.exe version 2.0.2.12610 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c44 Start
Time: 01cd737d2a34aacc Termination Time: 9 Application Path: C:\Riot Games\League
of Legends\RADS\projects\lol_air_client\releases\0.0.0.186\deploy\LolClient.exe

Report
Id: b7af023e-df72-11e1-9b00-78e7d188524c

[ Hewlett-Packard Events ]
Error - 9/21/2010 3:36:07 PM | Computer Name = Renato-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a()

Error - 2/10/2011 5:23:24 PM | Computer Name = Renato-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\021110042315.xml
File not created by asset agent

Error - 6/9/2011 9:45:54 PM | Computer Name = Renato-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061109094550.xml
File not created by asset agent

Error - 7/7/2011 9:28:32 PM | Computer Name = Renato-PC | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071107092828.xml
File not created by asset agent

Error - 11/13/2011 9:22:15 AM | Computer Name = Renato-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 8183 Ram Utilization: 20 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 12/13/2011 7:13:29 AM | Computer Name = Renato-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 3/12/2012 1:00:45 AM | Computer Name = Renato-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 3/15/2012 3:27:56 PM | Computer Name = Renato-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 3/29/2012 3:36:37 PM | Computer Name = Renato-PC | Source = HPSF.exe | ID = 4000
Description =

[ System Events ]
Error - 8/11/2012 5:26:27 AM | Computer Name = Renato-PC | Source = DCOM | ID = 10010
Description =

Error - 8/11/2012 10:12:18 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:10:16 PM on ?8/?11/?2012 was unexpected.

Error - 8/11/2012 10:13:00 PM | Computer Name = Renato-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez
Studios Authenticate and Update Service service to connect.

Error - 8/13/2012 7:02:09 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:00:09 PM on ?8/?13/?2012 was unexpected.

Error - 8/15/2012 9:10:07 PM | Computer Name = Renato-PC | Source = DCOM | ID = 10010
Description =

Error - 8/15/2012 9:12:51 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:11:00 PM on ?8/?15/?2012 was unexpected.

Error - 8/15/2012 10:46:26 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:44:43 PM on ?8/?15/?2012 was unexpected.

Error - 8/15/2012 10:48:31 PM | Computer Name = Renato-PC | Source = Service Control Manager | ID = 7022
Description = The Internet Connection Sharing (ICS) service hung on starting.

Error - 8/15/2012 11:15:49 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:14:19 PM on ?8/?15/?2012 was unexpected.

Error - 8/16/2012 2:31:21 PM | Computer Name = Renato-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:32:42 AM on ?8/?16/?2012 was unexpected.

< End of report >

#70
Essexboy

Posted 21 August 2012 - 06:58 AM

GeekU Moderator

Retired Staff
69,964 posts

So translate this is in chrome ?

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

#71
Ren12

Posted 24 August 2012 - 12:15 PM

Member

Topic Starter
Member
180 posts

# AdwCleaner v1.801 - Logfile created 08/24/2012 at 14:09:54
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Renato - RENATO-PC
# Boot Mode : Normal
# Running from : C:\Users\Renato\Downloads\adwcleaner (1).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Registre - GUID] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Renato\AppData\Roaming\Mozilla\Firefox\Profiles\04uebt4x.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Renato\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2932 octets] - [15/08/2012 21:09:15]
AdwCleaner[S2].txt - [941 octets] - [24/08/2012 14:09:54]

########## EOF - C:\AdwCleaner[S2].txt - [1068 octets] ##########

#72
Ren12

Posted 24 August 2012 - 12:17 PM

Member

Topic Starter
Member
180 posts

Id rather get around to fixing my sound.

My skype is the problem. Whenever I open it up my sounds goes off and I'm also unable to send messages. Basically my skype isn't functioning right.