OTL logfile created on: 12/11/23 11:59:34 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\AntiVi
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yy/MM/dd
3.00 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 65.45% Memory free
5.99 Gb Paging File | 4.73 Gb Available in Paging File | 78.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 287.68 Gb Free Space | 61.77% Space Free | Partition Type: NTFS
Drive D: | 461.06 Gb Total Space | 34.69 Gb Free Space | 7.52% Space Free | Partition Type: NTFS
Drive E: | 634.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: XPS_2008-PC | User Name: XPS_2008 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/11/22 17:34:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\AntiVi\OTL.exe
PRC - [2012/11/13 04:57:45 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/10/19 21:04:11 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/19 17:58:32 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/10/19 17:01:16 | 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/10/19 17:00:57 | 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/16 17:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/16 16:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/09/19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/05/21 08:10:48 | 005,092,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe
PRC - [2012/05/09 14:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/25 21:48:46 | 000,619,288 | ---- | M] (
http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/05 18:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010/05/05 18:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2009/02/23 10:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2006/12/12 18:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CtHelper.exe
========== Modules (No Company Name) ========== MOD - [2012/11/15 16:05:58 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/15 16:05:51 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/15 16:05:28 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/15 16:05:19 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/28 13:15:11 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- D:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/05/05 18:56:46 | 000,002,560 | ---- | M] () -- C:\Windows\CTXFIRES.DLL
MOD - [2009/03/26 13:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
========== Services (SafeList) ========== SRV - [2012/10/28 13:15:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/19 21:04:11 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/19 17:58:32 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/16 17:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/16 16:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/12 17:32:22 | 001,239,952 | ---- | M] (Lavasoft Limited) [Disabled | Stopped] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/07/09 17:10:10 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/19 12:20:06 | 003,289,032 | ---- | M] (GFI Software) [Disabled | Stopped] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/05/08 13:13:57 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/05/08 13:06:53 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/11/19 05:39:51 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/13 17:18:32 | 000,308,656 | ---- | M] (Eastman Kodak Company) [Disabled | Stopped] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/23 10:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\XPS_2008\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/11/23 10:54:14 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012/11/22 18:24:52 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/11/13 04:58:10 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/11/13 04:58:10 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/11/13 04:58:10 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/10/19 21:04:11 | 009,356,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/08/27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/07/03 08:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012/06/24 21:24:46 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011/12/19 11:44:24 | 000,093,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/11/29 05:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2011/10/26 13:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 03:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010/05/05 20:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 20:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 20:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 20:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 20:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 20:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 20:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010/05/05 20:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2001/08/17 21:06:20 | 000,100,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Icam5USB.sys -- (ICAM5USB)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 E3 56 C0 8C A2 CB 01 [binary data]
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\..\SearchScopes\{A9C475D2-0D39-C58A-F73C-57614B472EAC}: "URL" =
http://www.bing.com/...UGO&form=ZGAIDFIE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-2046201742-2579986617-2449524958-1013\..\SearchScopes,DefaultScope =
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.wundergro... Fruitland, ID"FF - prefs.js..extensions.enabledAddons:
[email protected]:2.8.3
FF - prefs.js..extensions.enabledAddons:
[email protected]:1.3
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37
FF - prefs.js..extensions.enabledAddons:
[email protected]:2.7.1
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: D:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: D:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/24 21:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: D:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/24 21:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/07 18:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/07 18:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/11/07 18:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/07 18:33:09 | 000,000,000 | ---D | M]
[2012/09/03 20:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Extensions
[2012/06/03 10:03:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/11/22 18:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions
[2012/09/11 09:41:57 | 000,000,000 | ---D | M] (Ad-Aware Security Toolbar) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/09/20 04:09:02 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\
[email protected][2012/09/11 09:41:59 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/10/31 19:32:26 | 000,000,000 | ---D | M] (Youtube MP3 Podcaster) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\
[email protected][2012/10/06 07:03:31 | 000,041,896 | ---- | M] () (No name found) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\
[email protected][2012/11/22 18:13:05 | 000,530,519 | ---- | M] () (No name found) -- C:\Users\XPS_2008\AppData\Roaming\Mozilla\Firefox\Profiles\46yfsu9z.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/10/28 13:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/31 18:21:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/28 13:15:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/28 13:15:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/28 13:15:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/10/28 13:15:11 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/24 19:00:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/03/23 21:02:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/10/13 06:42:57 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== O1 HOSTS File: ([2012/11/23 10:29:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {97ab88ef-346b-4179-a0b1-7445896547a5} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTHelper] C:\Windows\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CtxfiReg] C:\Windows\System32\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001..\Run: [SetDefaultMIDI] C:\Windows\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1013..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2046201742-2579986617-2449524958-1013\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - Reg Error: Key error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75D5DEA9-9E2F-4048-8506-1A5C9D5549AB}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2003/02/07 06:12:06 | 000,000,026 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/11/23 11:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2012/11/23 11:53:02 | 002,043,928 | ---- | C] (Resplendence Software Projects Sp. ) -- C:\Users\XPS_2008\Desktop\whocrashedSetup.exe
[2012/11/23 11:51:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/23 11:28:17 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Forums_files
[2012/11/23 10:35:43 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/11/23 10:29:17 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\AppData\Local\temp
[2012/11/22 21:33:19 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Desktop\RK_Quarantine
[2012/11/22 18:24:16 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/11/22 17:31:56 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit
[2012/11/22 17:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\EMET
[2012/11/22 17:03:14 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2012/11/17 10:49:57 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\logs
[2012/11/17 10:49:56 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\appcache
[2012/11/17 10:49:53 | 008,018,080 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamclient64.dll
[2012/11/17 10:49:53 | 000,688,464 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayRenderer64.dll
[2012/11/17 10:49:53 | 000,279,376 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\tier0_s64.dll
[2012/11/17 10:49:53 | 000,278,352 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\crashhandler.dll
[2012/11/17 10:49:53 | 000,250,704 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\vstdlib_s64.dll
[2012/11/17 10:49:53 | 000,202,576 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamerrorreporter.exe
[2012/11/17 10:49:52 | 006,839,632 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamclient.dll
[2012/11/17 10:49:52 | 000,587,088 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayRenderer.dll
[2012/11/17 10:49:52 | 000,563,536 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\AppOverlay64.dll
[2012/11/17 10:49:52 | 000,539,472 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\AppOverlay.dll
[2012/11/17 10:49:52 | 000,237,904 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\tier0_s.dll
[2012/11/17 10:49:52 | 000,212,304 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\vstdlib_s.dll
[2012/11/17 10:49:52 | 000,122,864 | ---- | C] (Valve) -- C:\Users\XPS_2008\Documents\CSERHelper.dll
[2012/11/17 10:49:52 | 000,071,464 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayUI.exe
[2012/11/17 10:49:52 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\skins
[2012/11/17 10:49:52 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\resource
[2012/11/17 10:49:52 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\Graphics
[2012/11/17 10:49:51 | 004,061,008 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\SteamUI.dll
[2012/11/17 10:49:51 | 002,975,568 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\Steam.dll
[2012/11/17 10:49:51 | 001,039,192 | ---- | C] (Microsoft Corporation) -- C:\Users\XPS_2008\Documents\dbghelp.dll
[2012/11/17 10:49:51 | 000,284,456 | ---- | C] (Valve Corporation) -- C:\Users\XPS_2008\Documents\WriteMiniDump.exe
[2012/11/17 10:49:51 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\Public
[2012/11/17 10:49:51 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\old
[2012/11/17 10:49:51 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\bin
[2012/11/15 06:07:50 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/11/15 06:07:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/11/15 06:07:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/11/15 06:07:25 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/11/15 06:07:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/11/15 06:07:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/11/15 06:07:00 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/11/15 06:07:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/11/15 06:07:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/11/15 06:07:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/11/15 06:06:59 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/11/15 06:06:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/11/15 06:06:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/11/15 05:18:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012/11/15 05:18:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012/11/15 05:18:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/11/15 05:18:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/15 05:18:32 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/15 05:18:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012/11/15 05:18:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/11/11 15:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2012/11/11 15:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/11/11 15:35:49 | 003,984,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2012/11/11 15:35:49 | 002,868,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2012/11/11 15:35:49 | 000,108,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2012/11/11 15:35:49 | 000,062,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012/11/11 15:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/11 15:33:47 | 020,332,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/11/11 15:33:47 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/11/11 15:33:47 | 015,115,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012/11/11 15:33:47 | 012,542,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2012/11/11 15:33:47 | 009,356,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/11/11 15:33:47 | 007,815,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/11/11 15:33:47 | 006,147,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2012/11/11 15:33:47 | 002,605,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/11/11 15:33:47 | 002,492,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2012/11/11 15:33:47 | 001,873,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/11/11 15:33:47 | 001,011,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/11/11 15:33:47 | 000,889,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2012/11/11 15:33:47 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2012/11/11 15:33:47 | 000,839,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2012/11/11 15:33:47 | 000,199,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2012/11/11 15:33:47 | 000,149,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2012/11/11 15:33:47 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2012/11/11 10:03:32 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/11/11 09:59:56 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
[2012/11/11 09:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
[2012/11/11 09:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Cleaner Pro
[2012/11/07 18:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/07 18:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/11/03 22:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/11/03 22:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012/11/03 08:53:43 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\AppData\Roaming\Avira
[2012/11/03 08:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/11/03 08:48:13 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/11/03 08:48:12 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012/11/03 08:48:12 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/11/03 08:48:11 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/11/03 08:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/11/03 08:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/11/01 17:12:24 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\Nathan Old Flashdrive
[2012/10/29 14:58:23 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\AppData\Local\WinZip
[2012/10/29 14:58:01 | 000,000,000 | ---D | C] -- C:\Users\XPS_2008\Documents\Add-in Express
[2012/10/29 14:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/10/29 14:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/10/28 13:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012/10/25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2011/12/17 02:35:29 | 000,980,616 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe
[2011/12/13 19:22:39 | 000,840,864 | ---- | C] (Amazon Services LLC) -- C:\Program Files\Battlefield_3_Downloader.exe
[2010/12/06 16:49:10 | 2105,058,298 | ---- | C] (Nexon) -- C:\Program Files\VindictusSetupV113.exe
========== Files - Modified Within 30 Days ========== [2012/11/23 11:53:43 | 000,001,032 | ---- | M] () -- C:\Users\XPS_2008\Desktop\WhoCrashed.lnk
[2012/11/23 11:53:05 | 002,043,928 | ---- | M] (Resplendence Software Projects Sp. ) -- C:\Users\XPS_2008\Desktop\whocrashedSetup.exe
[2012/11/23 11:47:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/23 11:29:22 | 000,021,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/23 11:29:22 | 000,021,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/23 11:28:17 | 000,117,140 | ---- | M] () -- C:\Users\XPS_2008\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Forums.htm
[2012/11/23 11:26:36 | 000,746,308 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/11/23 11:26:36 | 000,746,152 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2012/11/23 11:26:36 | 000,714,632 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2012/11/23 11:26:36 | 000,663,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/23 11:26:36 | 000,480,070 | ---- | M] () -- C:\Windows\System32\perfh001.dat
[2012/11/23 11:26:36 | 000,158,198 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2012/11/23 11:26:36 | 000,149,166 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/11/23 11:26:36 | 000,147,354 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2012/11/23 11:26:36 | 000,122,068 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/23 11:26:36 | 000,094,664 | ---- | M] () -- C:\Windows\System32\perfc001.dat
[2012/11/23 11:21:58 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/23 11:21:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/23 11:21:40 | 2413,834,240 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/23 10:54:14 | 000,014,336 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/11/23 10:51:33 | 000,054,928 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/11/23 10:51:33 | 000,054,928 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/11/23 10:51:33 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/11/23 10:29:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/11/22 18:24:52 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/11/17 11:11:43 | 000,004,554 | ---- | M] () -- C:\Users\XPS_2008\Documents\ClientRegistry.blob
[2012/11/17 10:49:53 | 008,018,080 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamclient64.dll
[2012/11/17 10:49:53 | 000,688,464 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayRenderer64.dll
[2012/11/17 10:49:53 | 000,279,376 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\tier0_s64.dll
[2012/11/17 10:49:53 | 000,278,352 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\crashhandler.dll
[2012/11/17 10:49:53 | 000,250,704 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\vstdlib_s64.dll
[2012/11/17 10:49:53 | 000,202,576 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamerrorreporter.exe
[2012/11/17 10:49:53 | 000,123,232 | ---- | M] () -- C:\Users\XPS_2008\Documents\avutil-51.dll
[2012/11/17 10:49:53 | 000,025,521 | ---- | M] () -- C:\Users\XPS_2008\Documents\SteamUI_2026.mst
[2012/11/17 10:49:52 | 006,839,632 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\steamclient.dll
[2012/11/17 10:49:52 | 000,587,088 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayRenderer.dll
[2012/11/17 10:49:52 | 000,563,536 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\AppOverlay64.dll
[2012/11/17 10:49:52 | 000,539,472 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\AppOverlay.dll
[2012/11/17 10:49:52 | 000,237,904 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\tier0_s.dll
[2012/11/17 10:49:52 | 000,212,304 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\vstdlib_s.dll
[2012/11/17 10:49:52 | 000,122,864 | ---- | M] (Valve) -- C:\Users\XPS_2008\Documents\CSERHelper.dll
[2012/11/17 10:49:52 | 000,071,464 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\GameOverlayUI.exe
[2012/11/17 10:49:51 | 004,061,008 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\SteamUI.dll
[2012/11/17 10:49:51 | 002,975,568 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\Steam.dll
[2012/11/17 10:49:51 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Users\XPS_2008\Documents\dbghelp.dll
[2012/11/17 10:49:51 | 000,284,456 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\WriteMiniDump.exe
[2012/11/17 10:49:11 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Users\XPS_2008\Documents\Steam.exe
[2012/11/17 10:49:11 | 000,000,014 | ---- | M] () -- C:\Users\XPS_2008\Documents\Steam_68.mst
[2012/11/15 16:33:00 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2012/11/15 16:33:00 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2012/11/13 04:58:10 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012/11/13 04:58:10 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/11/13 04:58:10 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/11/11 21:33:26 | 000,011,466 | ---- | M] () -- C:\Users\XPS_2008\Documents\cc_20121111_213322.reg
[2012/11/11 21:05:57 | 000,003,360 | ---- | M] () -- C:\Users\XPS_2008\Documents\cc_20121111_210554.reg
[2012/11/11 21:01:49 | 000,000,687 | ---- | M] () -- C:\Users\XPS_2008\Desktop\Photographs.lnk
[2012/11/09 19:35:32 | 000,005,720 | ---- | M] () -- C:\Users\XPS_2008\Documents\cc_20121109_193529.reg
[2012/11/09 19:06:23 | 000,007,601 | ---- | M] () -- C:\Users\XPS_2008\AppData\Local\Resmon.ResmonCfg
[2012/11/09 05:18:48 | 000,001,865 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/11/07 18:39:03 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/07 18:35:50 | 000,000,682 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/11/07 18:33:01 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/11/03 08:48:21 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/11/01 18:23:23 | 000,223,752 | ---- | M] () -- C:\Users\XPS_2008\Documents\Floater_TicketFly_099065438424.pdf
[2012/11/01 17:08:25 | 004,410,054 | ---- | M] () -- C:\Windows\ACD Wallpaper.bmp
[2012/10/25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012/10/25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
========== Files Created - No Company Name ========== [2012/11/23 11:53:43 | 000,001,032 | ---- | C] () -- C:\Users\XPS_2008\Desktop\WhoCrashed.lnk
[2012/11/23 11:28:16 | 000,117,140 | ---- | C] () -- C:\Users\XPS_2008\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Forums.htm
[2012/11/23 10:54:14 | 000,014,336 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/11/17 10:49:53 | 000,123,232 | ---- | C] () -- C:\Users\XPS_2008\Documents\avutil-51.dll
[2012/11/17 10:49:53 | 000,025,521 | ---- | C] () -- C:\Users\XPS_2008\Documents\SteamUI_2026.mst
[2012/11/17 10:49:11 | 000,000,014 | ---- | C] () -- C:\Users\XPS_2008\Documents\Steam_68.mst
[2012/11/17 10:49:05 | 000,004,554 | ---- | C] () -- C:\Users\XPS_2008\Documents\ClientRegistry.blob
[2012/11/15 06:07:51 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 06:07:25 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/11 21:33:24 | 000,011,466 | ---- | C] () -- C:\Users\XPS_2008\Documents\cc_20121111_213322.reg
[2012/11/11 21:05:55 | 000,003,360 | ---- | C] () -- C:\Users\XPS_2008\Documents\cc_20121111_210554.reg
[2012/11/11 21:01:49 | 000,000,687 | ---- | C] () -- C:\Users\XPS_2008\Desktop\Photographs.lnk
[2012/11/11 15:35:49 | 003,544,134 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012/11/11 15:33:47 | 000,011,545 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012/11/09 19:35:30 | 000,005,720 | ---- | C] () -- C:\Users\XPS_2008\Documents\cc_20121109_193529.reg
[2012/11/07 18:33:01 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/11/03 08:48:21 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/11/01 18:23:23 | 000,223,752 | ---- | C] () -- C:\Users\XPS_2008\Documents\Floater_TicketFly_099065438424.pdf
[2012/07/04 17:44:50 | 003,130,440 | ---- | C] () -- C:\Windows\System32\pbsvc_blr.exe
[2012/06/02 11:54:58 | 000,000,312 | ---- | C] () -- C:\Windows\System32\msexcr.ini
[2012/05/28 16:02:19 | 000,480,070 | ---- | C] () -- C:\Windows\System32\perfh001.dat
[2012/05/28 16:02:19 | 000,289,060 | ---- | C] () -- C:\Windows\System32\perfi001.dat
[2012/05/28 16:02:19 | 000,094,664 | ---- | C] () -- C:\Windows\System32\perfc001.dat
[2012/05/28 16:02:19 | 000,042,056 | ---- | C] () -- C:\Windows\System32\perfd001.dat
[2012/03/04 14:59:04 | 000,000,040 | ---- | C] () -- C:\Users\XPS_2008\jagex_cl_runescape_LIVE.dat
[2012/01/26 20:14:36 | 000,139,136 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/01/26 20:14:18 | 000,233,920 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/01/26 20:14:17 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/01/25 19:37:57 | 002,580,552 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011/09/29 23:09:22 | 000,138,056 | ---- | C] () -- C:\Users\XPS_2008\AppData\Roaming\PnkBstrK.sys
[2011/09/25 12:49:02 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/08/10 10:37:45 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/08/10 10:37:45 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/06/14 19:43:29 | 000,000,023 | ---- | C] () -- C:\Users\XPS_2008\jagexappletviewer.preferences
[2011/05/26 19:18:45 | 000,000,129 | ---- | C] () -- C:\Users\XPS_2008\jagex_runescape_preferences2.dat
[2011/05/26 19:16:55 | 000,000,035 | ---- | C] () -- C:\Users\XPS_2008\jagex_runescape_preferences.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/02/23 06:33:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/23 06:33:00 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/01/02 21:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/01 12:57:15 | 000,009,728 | ---- | C] () -- C:\Users\XPS_2008\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/31 01:03:47 | 000,065,252 | ---- | C] () -- C:\Windows\System32\claptn.ini
[2010/12/31 01:03:36 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBURST.DLL
[2010/12/31 01:03:36 | 000,037,888 | ---- | C] () -- C:\Windows\PSCONV.EXE
[2010/12/26 09:41:08 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2010/12/26 09:41:08 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2010/12/26 09:41:08 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/12/26 09:41:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/12/26 09:41:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/12/26 08:44:58 | 000,000,035 | ---- | C] () -- C:\Users\XPS_2008\AppData\Roaming\SetValue.bat
[2010/12/24 02:28:22 | 000,007,601 | ---- | C] () -- C:\Users\XPS_2008\AppData\Local\Resmon.ResmonCfg
[2010/12/17 20:21:22 | 000,189,736 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
========== ZeroAccess Check ========== [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2011/07/19 11:35:06 | 000,000,000 | ---D | M] -- C:\Users\Bleh\AppData\Roaming\Subversion
[2011/07/19 11:33:04 | 000,000,000 | ---D | M] -- C:\Users\Testing\AppData\Roaming\Subversion
[2012/09/15 23:30:22 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\.minecraft
[2012/09/09 14:31:58 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\25Assist
[2012/11/09 05:49:09 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Ad-Aware Antivirus
[2010/11/29 12:49:17 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Amazon
[2011/12/02 17:30:47 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\BANDISOFT
[2010/12/24 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Bioshock
[2011/01/13 19:29:57 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Bioshock2
[2011/07/09 08:47:15 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\calibre
[2012/04/15 09:05:05 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\IObit
[2010/11/20 11:40:16 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Leadertech
[2011/12/17 00:57:51 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\LolClient
[2012/05/23 20:39:52 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\LolClient2
[2012/08/27 17:42:51 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Origin
[2010/12/12 12:16:30 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Subversion
[2010/11/19 20:34:37 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\SystemRequirementsLab
[2010/11/21 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Temp
[2012/06/03 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Thunderbird
[2011/08/03 06:42:57 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\Tific
[2011/01/01 14:11:07 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\WindSolutions
[2012/09/02 12:57:06 | 000,000,000 | ---D | M] -- C:\Users\XPS_2008\AppData\Roaming\ZalmanInstaller_otshot
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %systemdrive%\$Recycle.Bin|@;true;true;true > < MD5 for: EXPLORER.EXE >[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: SERVICES >[2009/06/10 14:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 14:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.CFG >[2012/07/27 13:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >[2009/07/13 18:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009/07/13 18:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 18:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >[2009/07/13 19:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 19:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
[2009/07/26 22:50:21 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5A88324C60F26F58323B87B498CDAC7B -- C:\Windows\System32\es-ES\services.exe.mui
[2009/07/26 22:50:21 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=5A88324C60F26F58323B87B498CDAC7B -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_es-es_699efa1e876fb4d7\services.exe.mui
[2009/07/26 22:57:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=665623741B4E3A3701871FCEFD1C9192 -- C:\Windows\System32\fr-FR\services.exe.mui
[2009/07/26 22:57:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=665623741B4E3A3701871FCEFD1C9192 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0c56701d7a41cb39\services.exe.mui
[2009/07/13 17:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\System32\ar-SA\services.exe.mui
[2009/07/13 17:44:10 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=6D8E63A4DB8C1761AD4440C7D1818CF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_d533f9bac2463952\services.exe.mui
[2009/07/26 23:04:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\System32\pt-BR\services.exe.mui
[2009/07/26 23:04:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=DF8309CE62330C8D8AFBAA936531DA93 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_6b6fd3bef3fcc0d1\services.exe.mui
< MD5 for: SERVICES.INI >[2005/09/26 06:16:00 | 000,003,813 | ---- | M] () MD5=34E5D0BEBEF501D89F3266DA0FC92A83 -- C:\Users\XPS_2008\AppData\Roaming\25Assist\armyops\System\Services.ini
< MD5 for: SERVICES.LNK >[2009/07/13 21:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 21:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2009/06/10 14:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 14:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >[2009/07/26 22:57:06 | 000,092,751 | ---- | M] () MD5=1E203CFA3C6C7661317793BEEBA3423B -- C:\Windows\System32\fr-FR\services.msc
[2009/07/26 22:57:06 | 000,092,751 | ---- | M] () MD5=1E203CFA3C6C7661317793BEEBA3423B -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_4698400950ab652c\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/13 17:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\System32\ar-SA\services.msc
[2009/07/13 17:40:10 | 000,092,781 | ---- | M] () MD5=8AE3EDA71772B6C307111DCC9336F8C8 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ar-sa_0f75c9a698afd345\services.msc
[2009/07/26 22:50:16 | 000,092,751 | ---- | M] () MD5=C7B99872B5170E37AF24905BEE772844 -- C:\Windows\System32\es-ES\services.msc
[2009/07/26 22:50:16 | 000,092,751 | ---- | M] () MD5=C7B99872B5170E37AF24905BEE772844 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_es-es_a3e0ca0a5dd94eca\services.msc
[2009/07/26 23:04:08 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\System32\pt-BR\services.msc
[2009/07/26 23:04:08 | 000,092,750 | ---- | M] () MD5=D2C49D7047664C51A9183D4A34C9008C -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_pt-br_a5b1a3aaca665ac4\services.msc
< MD5 for: SERVICES.PTXML >[2009/07/13 13:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 13:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SVCHOST.EXE >[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s > < %systemroot%\*. /mp /s > < %Temp%\smtmp\*.* /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/10/08 01:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/10/08 01:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/10/28 13:15:11 | 000,889,848 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/10/28 13:15:11 | 000,917,984 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/27 18:25:45 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/10/08 01:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/10/08 01:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation)
< End of report >
OTL Extras logfile created on: 12/11/23 11:59:34 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\AntiVi
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: yy/MM/dd
3.00 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 65.45% Memory free
5.99 Gb Paging File | 4.73 Gb Available in Paging File | 78.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 287.68 Gb Free Space | 61.77% Space Free | Partition Type: NTFS
Drive D: | 461.06 Gb Total Space | 34.69 Gb Free Space | 7.52% Space Free | Partition Type: NTFS
Drive E: | 634.73 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: XPS_2008-PC | User Name: XPS_2008 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with ACDSee] -- "D:\ACDEESEE\ACDSee32.exe" "%1" (ACD Systems, Ltd.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FD6118-CE15-4903-A310-68CD028208EA}" = rport=138 | protocol=17 | dir=out | app=system |
"{093DA6A0-60DD-466C-AC47-698AB6115A25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B8BCE56-60F6-43F6-BAE2-45C2249AD90A}" = lport=58502 | protocol=17 | dir=in | name=pando media booster |
"{0B93042F-DA19-47C6-9015-21CD2FB501A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1A791AC4-980C-488B-8DDB-3B415D785B14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1F5237A3-5D0C-44C2-A3FA-5F57D0C5661A}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{2572D889-CC07-4180-9AB4-ED277E5F1FFB}" = lport=58502 | protocol=6 | dir=in | name=pando media booster |
"{2AE4F043-5123-446E-86B7-CBBA2BA524D6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2ED015F6-61C7-4398-A94F-B567BACF5BCC}" = lport=57069 | protocol=6 | dir=in | name=pando media booster |
"{353F449C-CE74-4EAC-974F-3C5D69E8D1F6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{373634EB-421C-4F99-96E5-7CF198171330}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{39D5843B-F02B-4BDE-8F78-B9C8D09DA3A5}" = lport=445 | protocol=6 | dir=in | app=system |
"{43A7BDA3-C470-413E-9282-17904F899E73}" = lport=58502 | protocol=17 | dir=in | name=pando media booster |
"{4B434D4A-5652-4B3E-B1C2-194F129B0078}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D3B1A8A-C9D2-4D7C-AA36-2B0246BFA971}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5143401C-2C9D-47F9-A8FC-37B3D8BDB835}" = lport=57069 | protocol=6 | dir=in | name=pando media booster |
"{5E28CCEB-D3F1-4B90-8B28-C36DF0A7E229}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69B1C79B-1CCD-4223-99AE-F87F4E3D4588}" = lport=58925 | protocol=17 | dir=in | name=pando media booster |
"{6E01029A-CB31-4645-8308-FF30CB3FE357}" = lport=58925 | protocol=6 | dir=in | name=pando media booster |
"{6F78BD2A-E870-4B0B-85FE-CCC8340D7082}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7318334B-7739-4512-9130-CA71061BF466}" = lport=6004 | protocol=17 | dir=in | app=d:\program files\microsoft office\office14\outlook.exe |
"{74D38858-7A48-42FB-9D07-D0FA24F7B50A}" = lport=58925 | protocol=17 | dir=in | name=pando media booster |
"{74E4C7A8-E2EB-4174-B2BC-1B99B099813C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7B46C8B4-A66C-4050-ABD3-25243193AACD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7C176382-5DCD-42D3-9F00-C21C76A99026}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82034B30-5E86-4968-A719-E0F0EA73147D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8C43F671-12F5-4FCF-ACAB-B994A1478CC5}" = lport=57069 | protocol=17 | dir=in | name=pando media booster |
"{8D1D9A0E-8E03-4FB8-805A-495F1050FF34}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{92374203-1759-457F-8589-C029DAEF7074}" = rport=445 | protocol=6 | dir=out | app=system |
"{926189F1-5583-49A8-B78A-EE415A48B4B2}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{92895828-0F83-4665-BBE8-7BD84DEB3805}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0116BC4-D0D4-42C9-9068-0E8323731764}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AD8B28BA-9E7F-41F1-9F6C-B0C9F4F711A8}" = lport=58502 | protocol=6 | dir=in | name=pando media booster |
"{AE72B521-2A44-4268-9479-FC490E7507C9}" = lport=139 | protocol=6 | dir=in | app=system |
"{AF161743-4DC3-494E-8B0D-6C543BA0D8FB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AFE1D7A2-0C64-47A5-A25D-052C055FC9DB}" = lport=138 | protocol=17 | dir=in | app=system |
"{B0112B0E-02DB-47BB-9C6D-93FCB0E4EBBA}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{B34AD448-3A94-4394-831A-2C96876FDA81}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BB7EC4D6-9B17-439C-8A1B-18E7E36B56FB}" = rport=137 | protocol=17 | dir=out | app=system |
"{CC8CD3F8-7481-49F5-A2B1-DE9FC4C376F7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D636F76C-F609-40C9-ABE8-88B551AAD9D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{D7A2A972-D9EB-4290-92BC-CC8D5A7F3E09}" = rport=139 | protocol=6 | dir=out | app=system |
"{DC32C3B2-1C54-45E3-822B-C65C9DFE62EB}" = lport=57069 | protocol=17 | dir=in | name=pando media booster |
"{E20AB5D6-C2FB-4FF6-A175-C10CE86DFF5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF702181-E049-42D6-8F25-C6CBEB26E139}" = lport=58925 | protocol=6 | dir=in | name=pando media booster |
"{EFA74F04-D50C-4460-8457-850064CEBCAC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F57FE0C9-4AC5-4B2C-B26B-BB1BF4C3E38B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F7CB9AD5-4CC7-4B66-BABF-380CAAA62314}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F92095B5-1BAE-48C1-8F3D-D4AB3479E5EB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033D0874-F9A5-4807-B524-BEBA3ADDDB06}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{04C50CCA-9C4E-407B-A862-E044BBC0DFE6}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\diprip warm up\hl2.exe |
"{06486BFD-2E8D-46AC-B07C-FB1C787C2CB0}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{06D7CFEE-7ED2-43D9-8BED-1CD1E9948F09}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\c9\c9mappingaccount.exe |
"{06DB26D9-8030-4E8A-B0D1-BC071F7BDE94}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{07F69E10-5405-4C8F-9A20-4FBCA52363C3}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{09F1F0D6-7DAE-4B10-810D-8453AC723F26}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0CB73F6E-7878-43D2-B115-FBD1F1266923}" = protocol=6 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{0EA9F321-FB22-4EBF-A962-6E9477801386}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\microsoft flight\flight.exe |
"{0F2522E4-C810-42F2-BF57-FA680C52A9CF}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{0FF9DA42-BE41-487C-B85B-D716A4275BB7}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{114BF5DC-26A5-4ECA-B8C7-3E1AFC1CD863}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\source sdk base 2007\hl2.exe |
"{17723E10-53E7-4DCC-95FB-DA8C85B5636F}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\diprip warm up\hl2.exe |
"{179C18E4-DAD6-4CC6-A368-59118DE81AFD}" = protocol=6 | dir=in | app=d:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{1D3052A8-739E-4683-B33C-EAFC71102BA1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1D45FEF8-8EDB-4937-A68C-885EE84C3BE5}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{1DA011C0-E886-410A-BD48-9C3A2D477212}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\jonathanwestfall\synergy\hl2.exe |
"{1F5CF539-86C5-4CBB-A138-AEFEA7D684D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FA17D9C-18C2-4921-AF24-0A4D8BDD1E31}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FE932FE-1D79-45EE-80FE-099F85C186A5}" = protocol=17 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{203470F7-A2BB-4B99-BE3C-B9BB3F2A706A}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{21E1CE2F-0498-42D8-9A5C-C2675BDF1CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25735851-4FD2-49A7-A12D-570766AA800D}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{25C54A52-8A26-42CC-8A69-F91B82785D20}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{2B420A15-F312-4B62-AC5E-ED67F62EA889}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{2B7C5567-D5EB-4637-9FE9-F4D7EC84D7E1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{2B81E100-2D49-4165-80DF-F2B588F10AC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BCB1347-0907-43D1-A79D-7222C95B4B1D}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{2C58382A-09C8-4F79-8318-88A04E1D8A09}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\zombie panic! source dedicated server\srcds.exe |
"{2DF86C74-7814-4D37-83E3-B1D581CEC94F}" = protocol=17 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"{2EBA03FC-6136-4A29-9C26-A0B70047853F}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"{321D5AD0-7342-40AB-A939-4E391262F42D}" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base17326\sc2.exe |
"{32C86AE7-7956-4CC7-BC59-585AD8916E71}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{33C2A1C9-4302-4AAA-9546-AA141369B8DD}" = protocol=1 | dir=out |
[email protected],-28544 |
"{3425F2B6-CA02-4C21-99CA-215E830C184D}" = protocol=17 | dir=in | app=c:\program files\origin\games\battlefield 3\bf3.exe |
"{354070F7-C415-49B0-8051-82BB06194EFA}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{36D58490-FD79-4424-9CAB-B9B35CA3B6D2}" = protocol=6 | dir=in | app=d:\program files\starcraft ii\starcraft ii.exe |
"{42AD1378-68FE-4FF0-8969-7894337AEE65}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{43DF1FA3-29D1-4605-89CC-87BF86492E2E}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{453C9504-0340-4B39-83CE-CDD0283A686C}" = protocol=6 | dir=in | app=c:\nexon\dragonnest\dragonnest.exe |
"{46049BF0-1804-4DFC-BFFE-49A9E480C8DC}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{472AC751-B4FB-4107-87D9-BCAB395B09BB}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\c9\c9mappingaccount.exe |
"{475D6B31-8544-4F08-932F-D5E9DC5091F0}" = protocol=17 | dir=in | app=c:\nexon\dragonnest\dragonnest.exe |
"{483B5CDB-BB20-49B6-8134-4E8D6CA8CD38}" = protocol=6 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{4BA97CFE-CFF2-4472-9473-8850793B78E5}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4CB431FC-E030-424A-B617-7D98EF810A99}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4D338D89-06C7-49A4-AE36-CAC8F44BFDC7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{547C2ACD-9090-4F64-AA30-7DDD7A480735}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{54F3A73F-4C2A-44A1-8726-5113DB73CBF6}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{586AA23A-E339-4B7D-BF89-8548462C541F}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\terraria\terraria.exe |
"{5A2C59F0-4406-404C-899C-E232AEB06C01}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{63D58A9A-96EF-425D-A1A0-882B7FD9BE6D}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"{688720F8-7104-4F85-A632-9E53E177716D}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{6B44D3E7-7ED4-4D3F-B167-36565713F8C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C3863B6-54CE-42E5-9927-A53BB9490BD5}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\dystopia dedicated server\srcds.exe |
"{6EB03A79-9E66-4EFA-93E8-7242569FCD83}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\age of chivalry\hl2.exe |
"{6EFB0434-2901-4B20-8895-0BF441430E62}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{7399B4AA-82AC-4ABE-8033-06E492C4DA24}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{753DF0C2-5292-47AF-90A3-86345924B10C}" = protocol=58 | dir=in |
[email protected],-28545 |
"{75DE2A56-793B-47B4-B4A1-D7115DC3E64B}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{762B832B-56D0-4DEA-A6EA-63F7F33290B5}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{76E7FEFD-AC92-4AA9-9926-67DA209CE6A0}" = protocol=17 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{7798AA93-183B-40AC-B8E9-30EEDDCE10FA}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\dystopia\hl2.exe |
"{7871DA24-CC0D-46CB-BFC8-8D9475E19FFB}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\jonathanwestfall\synergy\hl2.exe |
"{790EE04F-6B04-45A1-A1A8-C636F0F72537}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{794F03CD-89EF-4A72-B8EE-4F1838DAD6F1}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{7998634B-182C-4AB6-A9E9-A0BF4BBA4CC3}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\zombie panic! source\hl2.exe |
"{7D09355A-0B08-4884-A69D-489E25B99E85}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{7D93D5F5-83A6-4C41-8628-24A17E189325}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{7E62F0AE-BFED-4A44-BAF6-4C7866D0C1CB}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\onenote.exe |
"{7ECC9909-6E14-4B40-913A-711CB9028221}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\onenote.exe |
"{7EE31596-E853-4F2E-AD97-3B7760627AF7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7EFD1E02-EC67-44AA-BB28-73342C9C1EC5}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{7F60E00A-E44D-48F6-B8EB-389C9A51F282}" = protocol=1 | dir=in |
[email protected],-28543 |
"{7FA07FCC-914B-401E-BF50-119BF2D9D993}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\smashball\hl2.exe |
"{7FDCE025-ACA6-40E6-A345-B6FF9B6ACE0F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7FFB4A8D-1F6E-45F1-A96B-36305C147895}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{807D6FAB-77E6-475B-8ECF-EF7D1F866746}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\source sdk base 2007\hl2.exe |
"{81CF0D31-B8C6-45C7-AB34-3F03CD7ED807}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{85DA1CBE-215A-4F68-9BF8-26C7BB861566}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\dystopia\hl2.exe |
"{88C57905-A15F-4BFA-A747-83BBD4DF8424}" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base18092\sc2.exe |
"{88C680BE-A384-4080-9302-819612EC917B}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\synergy dedicated server\srcds.exe |
"{899B8B43-F699-45AE-819F-36204B359220}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8C8E5BCB-75B2-4657-8456-B8FB75EE8619}" = protocol=17 | dir=in | app=d:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{8DD734AE-10A7-4B63-9D9E-C141569CB191}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\universe at war earth assault\launchuaw.exe |
"{8E9339AF-B279-4826-8F25-F61FE2A80CED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{99022340-46E7-484E-B9E1-06825290A567}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{9A21D081-B055-4D47-99B9-97D2BB973A63}" = protocol=58 | dir=out |
[email protected],-28546 |
"{9C343F14-DF4B-440F-B9FB-466A80C39728}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{A0E21EB4-8989-4B41-92DA-B1F7A5B15195}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\synergy\hl2.exe |
"{A12D116B-8DCB-4C4C-AF04-34DDDF8E8C4C}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{A3DAE14D-3E83-4BAE-87A9-144CB0DA4DF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A54D2A3C-34BF-44D1-A8CA-532F842C4DFD}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A6B70B17-3A5D-49BF-93B4-990AC12AEC6B}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{AA218BF2-139D-4501-8790-91F4FF233BE1}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\universe at war earth assault\launchuaw.exe |
"{ABAF8559-18C4-4133-A996-60FCCDFB72C8}" = protocol=17 | dir=in | app=c:\nexon\vindictus\en-us\nmservice.exe |
"{ABD75300-0BF0-4791-AFD6-83133A7F98A2}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{AC860760-C3DC-4B02-949C-FB146C4078B6}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{AD81CC22-4E97-475B-8158-884DEEE0C558}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{AE3F9FEC-D0F2-48EE-9580-5FCF40AB8F40}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B44F2898-2CAF-4B65-81C7-B70438FAE31F}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\creationkit.exe |
"{B5CBB317-91EF-4134-B29C-241F9D658EB0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B6ABAD15-C515-4BD0-8FB3-5A819F46AACA}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{B8D6E9FA-4F15-4A28-B80D-4B43049523E3}" = protocol=6 | dir=in | app=d:\program files\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{BF29C39B-58E9-4FDF-9E0F-78CD370585FD}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{C05F2C7A-6DCE-4413-A9F6-1D7A0D6D11CC}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{C0C139E2-47D1-4488-890D-5968A158EB55}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{C41580A8-130E-4005-BAB5-A4DFD5914EF2}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\darwinia\darwinia.exe |
"{C5D43390-53DD-415D-9440-E09EA40CCA4C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C78617EC-1A38-4CE8-BC45-D42B99C0DD78}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\microsoft flight\flight.exe |
"{C7A47717-4E5F-43A8-8A39-85AC764B7D79}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{C7A64FAD-A442-4AFC-AC8D-0E5574344644}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\synergy dedicated server\srcds.exe |
"{C95458CC-D2EA-4281-B21E-2040ECEBB8A3}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{CA8622B6-1E3F-483B-B10F-0FE5DD634F2E}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\dystopia dedicated server\srcds.exe |
"{CC3D817F-6863-4AD6-8E55-A3345C7673CC}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{CE10B8BA-60C0-47B0-837D-2586E11290BF}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{CE831D0B-D023-40F0-9AEC-3B678E31E318}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{D34C428D-B81F-4BA2-9BD2-42DBD61D0C81}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\darwinia\darwinia.exe |
"{D4F248BD-2F94-4B22-A43C-C1F0573B52DC}" = protocol=6 | dir=out | app=system |
"{D70913BE-92CB-4EC6-B12C-EC769A4AD72D}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\smashball\hl2.exe |
"{D8890E60-C159-47E3-BF10-A3CB00B4F37F}" = protocol=6 | dir=in | app=d:\program files\starcraft ii\versions\base18092\sc2.exe |
"{DC5E2B86-8666-414D-8ED1-75E4A7E2F265}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\creationkit.exe |
"{DF17FCD6-1667-4128-A051-C6143D057DBC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{DF601269-513B-410A-A9CF-95B82466A3D6}" = protocol=6 | dir=in | app=c:\program files\origin\games\battlefield 3\bf3.exe |
"{E39BFDCA-FA82-4951-842C-300655E9ED15}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E39D151E-8CE2-4AB8-B065-06CF3AFF44FA}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\synergy\hl2.exe |
"{E4ECBB41-D15B-4DC3-9A4D-74AAD1BE0030}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{E8ADBE6E-8800-451A-BE8B-34F246E52959}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{ECCA9013-213E-429F-A390-7FB376DB841B}" = protocol=17 | dir=in | app=d:\program files\starcraft ii\versions\base17326\sc2.exe |
"{ED002646-7326-43AE-A3B8-C763DC993DCA}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{EE0FF0DF-EEBA-44BD-9062-338395BA8192}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\zombie panic! source dedicated server\srcds.exe |
"{F1DF42A4-C4CE-4BB3-8CAA-4ACB12B5C85B}" = protocol=6 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{F1EAE59D-D442-451F-BEF9-D0C7D61CC694}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F365A62F-0A94-4BE8-8DD1-B70F10FCA0E6}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\zombie panic! source\hl2.exe |
"{F79EEDBB-4955-4310-AC61-3F0C97FCE28A}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{F9E87F64-EABB-41A1-8929-56A8F418EBAC}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\terraria\terraria.exe |
"{FB0FDE48-E810-4097-8127-856A9622AE2D}" = protocol=17 | dir=in | app=d:\program files\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{FB767F00-52CA-49FB-A466-C223F0BFEB76}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FB7AFCAB-BE88-4D3E-89F3-DF256152FB7F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{FDD3AAEC-6C91-4051-90EF-03F13B9B3691}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\age of chivalry\hl2.exe |
"TCP Query User{1FF1A796-C735-4FE1-A164-D1146112B639}D:\program files\steam\steamapps\ulargila\source sdk base\hl2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\source sdk base\hl2.exe |
"TCP Query User{435B47F9-A771-4E69-8C71-CC031316F40F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{793BBFEC-17CD-4826-98C8-A188F386C75C}D:\program files\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"TCP Query User{88436482-6858-4156-9028-DD24F11149F2}D:\program files\steam\steam.exe" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"TCP Query User{8E067C9C-53B3-48F3-81D3-327F0FE68DB1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{955751F7-E70D-4B71-B810-644835724FF8}C:\users\xps_2008\documents\my games\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\users\xps_2008\documents\my games\terraria\terrariaserver.exe |
"TCP Query User{9A92D0A3-340C-42A0-B014-E3C903BF7DB8}C:\guildwars2\gw2.exe" = protocol=6 | dir=in | app=c:\guildwars2\gw2.exe |
"TCP Query User{9B2E3E3C-1D9F-4467-AD2C-2FCACA238A4B}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A8F8AD19-1885-4A91-A3B4-8511CD131166}D:\program files\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{CA32B49E-70C7-4363-A509-49ADF11654B6}D:\program files\steam\steamapps\common\universe at war earth assault\uawea.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\universe at war earth assault\uawea.exe |
"TCP Query User{CB567EAE-8CE3-4224-9D3A-1AA52CC3B32F}D:\program files\steam\steamapps\ulargila\insurgency\hl2.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\ulargila\insurgency\hl2.exe |
"TCP Query User{CEE3322A-217F-4A87-A2CA-12DCAB6D2424}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{DC288FC7-868D-4035-91C3-7A7DE99F2E63}C:\users\xps_2008\appdata\roaming\25assist\armyops\system\armyops.exe" = protocol=6 | dir=in | app=c:\users\xps_2008\appdata\roaming\25assist\armyops\system\armyops.exe |
"TCP Query User{E791C3B4-9267-4986-BE84-BEEF1D176852}D:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"UDP Query User{0D3ADC09-B21F-4FB7-9EDB-EB9E12BC39D9}D:\program files\steam\steamapps\ulargila\insurgency\hl2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\insurgency\hl2.exe |
"UDP Query User{2C59707C-7707-4D4A-AD10-203E5AC43D64}D:\program files\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\groove.exe |
"UDP Query User{429DD8AC-1FE9-47A2-A8DE-D8CC799227B9}C:\users\xps_2008\documents\my games\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\users\xps_2008\documents\my games\terraria\terrariaserver.exe |
"UDP Query User{5D9D3CFA-93D1-4746-8B7E-2F0D6ABC8541}D:\program files\steam\steamapps\common\universe at war earth assault\uawea.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\universe at war earth assault\uawea.exe |
"UDP Query User{6D3246D5-479F-48F9-83B4-8004824A3169}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{9C546C9F-3672-4060-A796-C54719B49131}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{B00EE251-C157-494F-8519-F4F6B8FD7B66}C:\users\xps_2008\appdata\roaming\25assist\armyops\system\armyops.exe" = protocol=17 | dir=in | app=c:\users\xps_2008\appdata\roaming\25assist\armyops\system\armyops.exe |
"UDP Query User{BEA06BEB-061B-4CF0-8E20-45826D993393}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{C9AADC4D-CB5D-481E-87E8-18D6F77E4525}D:\program files\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{C9D1C4A6-4B2C-4179-840A-5D86A5C86A97}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{DC8264D7-4477-44BF-B44A-7F0EE0A6BB6F}D:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"UDP Query User{DD01ED18-E152-4E45-8233-86B797E00980}D:\program files\steam\steam.exe" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"UDP Query User{F4E441F9-EB45-4294-A749-34322FA4D00B}C:\guildwars2\gw2.exe" = protocol=17 | dir=in | app=c:\guildwars2\gw2.exe |
"UDP Query User{FB036B3B-74A9-4B4B-9F81-5B7EC96218CF}D:\program files\steam\steamapps\ulargila\source sdk base\hl2.exe" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\ulargila\source sdk base\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java 6 Update 37
"{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}" = Ad-Aware Antivirus
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5454085C-840F-4070-8FAA-441000038301}" = BioShock 2
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.0.4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.07.14
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{ACCEB7C3-4F3A-4C43-93CA-644951D08B0D}" = TortoiseSVN 1.6.12.20536 (32 bit)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 310.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 310.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0904
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony
"{C22E50B4-B9D0-4A07-B1F3-12362514FEA7}" = The Sims™ 2 Double Deluxe
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C963C417-CFE3-4950-8B83-466AED0C1599}" = NVIDIA PhysX
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}" = WinZip 17.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{DE7A5DDF-47B3-42FF-A082-E158DEA37392}" = EMET
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Center
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"7-Zip" = 7-Zip 9.20
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"adawaretb" = Ad-Aware Security Toolbar
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"CCleaner" = CCleaner
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX Setup
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"Guild Wars" = Guild Wars
"Logitech Gaming Software" = Logitech Gaming Software 8.30
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"MapleStory" = MapleStory
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mp3parse" = MP3 Parser DirectShow Filter (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"Plants vs. Zombies™" = Plants vs. Zombies™
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 105600" = Terraria
"Steam App 1500" = Darwinia
"Steam App 1840" = Source Filmmaker
"Steam App 202480" = Creation Kit
"Steam App 203850" = Microsoft Flight
"Steam App 209870" = Blacklight: Retribution
"Steam App 212160" = Vindictus
"Steam App 212390" = C9
"Steam App 22380" = Fallout: New Vegas
"Steam App 240" = Counter-Strike: Source
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 380" = Half-Life 2: Episode One
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SystemRequirementsLab" = System Requirements Lab
"Vindictus" = Vindictus
"WhoCrashed_is1" = WhoCrashed 4.01
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2046201742-2579986617-2449524958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 12/11/17 06:10:41 | Computer Name = XPS_2008-PC | Source = Windows Search Service | ID = 3083
Description =
Error - 12/11/17 13:48:50 | Computer Name = XPS_2008-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: GROOVEEX.DLL, version: 0.0.0.0, time
stamp: 0x502c877c Exception code: 0xc0000006 Fault offset: 0x00240738 Faulting process
id: 0x4c8 Faulting application start time: 0x01cdc4a05581d560 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: D:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
Report
Id: 0b265148-30df-11e2-8579-001e4fa80d89
Error - 12/11/17 13:48:50 | Computer Name = XPS_2008-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Explorer because of this error. Program: Windows Explorer
File:
The error value is listed in the Additional Data section. User Action 1. Open the
file again. This situation might be a temporary problem that corrects itself when
the program runs again. 2. If the file still cannot be accessed and - It is on the
network, your network administrator should verify that there is not a problem with
the network and that the server can be contacted. - It is on a removable disk, for
example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK,
click Start, click Run, type CMD, and then click OK. At the command prompt, type
CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from
a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: C000026E
Disk
type: 0
Error - 12/11/17 14:16:31 | Computer Name = XPS_2008-PC | Source = Application Error | ID = 1000
Description = Faulting application name: aswMBR.exe, version: 0.9.9.1665, time stamp:
0x4f5f9c86 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp:
0x4ec49b60 Exception code: 0xc0000005 Fault offset: 0x00052cc7 Faulting process id:
0xfe8 Faulting application start time: 0x01cdc4ef2e455928 Faulting application path:
C:\Users\XPS_2008\Desktop\aswMBR.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: e8f85c48-30e2-11e2-8579-001e4fa80d89
Error - 12/11/20 20:12:13 | Computer Name = XPS_2008-PC | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053
Error - 12/11/20 20:12:13 | Computer Name = XPS_2008-PC | Source = Bonjour Service | ID = 100
Description = 468: ERROR: read_msg errno 0 (The operation completed successfully.)
Error - 12/11/20 23:24:58 | Computer Name = XPS_2008-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: GROOVEEX.DLL, version: 0.0.0.0, time
stamp: 0x502c877c Exception code: 0xc0000006 Fault offset: 0x0023c210 Faulting process
id: 0x908 Faulting application start time: 0x01cdc784d6974220 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: D:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
Report
Id: 06a84550-338b-11e2-913d-001e4fa80d89
Error - 12/11/20 23:24:58 | Computer Name = XPS_2008-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program Windows Explorer because of this error. Program: Windows Explorer
File:
The error value is listed in the Additional Data section. User Action 1. Open the
file again. This situation might be a temporary problem that corrects itself when
the program runs again. 2. If the file still cannot be accessed and - It is on the
network, your network administrator should verify that there is not a problem with
the network and that the server can be contacted. - It is on a removable disk, for
example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK,
click Start, click Run, type CMD, and then click OK. At the command prompt, type
CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from
a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: C000026E
Disk
type: 0
Error - 12/11/20 23:27:53 | Computer Name = XPS_2008-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 12/11/21 01:19:24 | Computer Name = XPS_2008-PC | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
[ System Events ]
Error - 12/11/23 13:34:12 | Computer Name = XPS_2008-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058
Error - 12/11/23 13:34:48 | Computer Name = XPS_2008-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058
Error - 12/11/23 13:41:12 | Computer Name = XPS_2008-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058
Error - 12/11/23 13:45:18 | Computer Name = XPS_2008-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.
Error - 12/11/23 13:45:21 | Computer Name = XPS_2008-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.
Error - 12/11/23 13:52:55 | Computer Name = XPS_2008-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058
Error - 12/11/23 13:54:23 | Computer Name = XPS_2008-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.
Error - 12/11/23 13:54:27 | Computer Name = XPS_2008-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolumeShadowCopy5.
Error - 12/11/23 14:21:49 | Computer Name = XPS_2008-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:16:57 AM on ?11/?23/?2012 was unexpected.
Error - 12/11/23 14:22:21 | Computer Name = XPS_2008-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058
< End of report >