A few days ago, I was unlucky enough to get hit with Sirefef and I thought I would be able to remove it myself which unfortunatly wasn't a good idea. This is what happened...
I first ran a full scan with Microsoft Security Essentials which is my main antivirus software. It detected Sirefef.a aswell as a few other things it had dropped such as Medfos.a and Qakbot. I thought I had removed them but it returned later that day and dropped Qakbot again. I then immediatly downloaded MBAM and ran a quick scan with that. It found 63 objects, all of which it said it had cleaned. I then restarted the PC and decided to run the Microsoft Security Scanner on overnight. I usually always leave my PC on every night and the only thing I leave running, besides Speedfan, is IRC. I usually use my iPad and I always check to make sure that I'm still present in the IRC channel before I go to sleep and before I get up. When I checked the next morning, I found I wasn't there anymore and discovered that the PC had either frozen or crashed during the night because my monitor was on standby and I could not get it to respond. This scenario repeated itself again that day. After that, I downloaded Spybot Search & Destroy and ran a scan with that. It had detected a bunch of installed adware aswell as the trojan itself, I believe it was win32.zbot. After reading a little about it, I figured that this must be causing the crashing. It managed to clean everything but I decided to tell it to run another scan at startup just to be on the safe side. Whilst it was scanning, one thing that popped up in the scan box utterly sent shivers down my spine. "Virtumonde.dll" I was really scared now and I don't know what else to do. I've had a huge run in before with Vundo on my previous PC which made my computing experience a total misery.
But the ironic thing is, other than the crashing, I've not experienced any kind of negative behaviour from the computer such as adverts popping up or anything. I know the crashing was caused by the trojan because this PC has never ever frozen -just- like that since I acquired it in late 2010. I'm now worried about any leftovers from Sirefef or if Vundo even really is on the PC. None of the things I've used to scan are detecting anything anymore and are saying my system is clean but I can not figure out why the computer is crashing so SOMETHING must still be inside. Help?
I have attacthed the OTL & Extras logs below. You might notice a few silly names for folders, that's just my level of maturity sometimes when I need to create a quick folder to store something.
Cheers
OTL logfile created on: 3/2/2013 8:56:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Reshad\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
6.00 Gb Total Physical Memory | 3.67 Gb Available Physical Memory | 61.24% Memory free
12.00 Gb Paging File | 9.41 Gb Available in Paging File | 78.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.81 Gb Total Space | 445.33 Gb Free Space | 48.42% Space Free | Partition Type: NTFS
Drive D: | 11.61 Gb Total Space | 1.41 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
Drive E: | 973.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: EIGHTBALL | User Name: Reshad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/02 20:56:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Reshad\Desktop\OTL.exe
PRC - [2013/02/26 22:06:26 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
PRC - [2012/12/17 19:50:07 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/16 14:27:36 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/07/24 07:51:16 | 004,334,272 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2010/01/25 19:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/08/25 02:11:16 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2009/05/08 23:39:48 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
PRC - [2009/05/08 23:11:00 | 002,068,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
PRC - [2009/03/13 12:13:14 | 001,308,672 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files (x86)\mIRC\mirc.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/28 02:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
PRC - [2008/11/21 20:07:50 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\HP Laser Gaming Mouse with VoodooDNA\hid.exe
PRC - [2008/11/20 17:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/02 20:51:46 | 000,192,512 | ---- | M] () -- C:\Users\Reshad\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/03/02 20:51:46 | 000,172,032 | ---- | M] () -- C:\Users\Reshad\AppData\Local\Temp\sfareca00001.dll
MOD - [2009/02/28 02:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
MOD - [2009/02/20 00:22:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.dll
MOD - [2008/11/21 20:07:50 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\HP Laser Gaming Mouse with VoodooDNA\hid.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/12/23 03:55:20 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/04/26 03:50:18 | 000,237,056 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/09 22:00:40 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/12/22 02:31:04 | 000,117,584 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\dgdersvc.exe -- (dgdersvc)
SRV:64bit: - [2009/10/07 01:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/12 17:39:54 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe -- (mi-raysat_3dsmax2010_64)
SRV - [2013/02/27 18:30:04 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/26 23:06:18 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/26 12:23:13 | 003,560,800 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 03:51:59 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/12 18:31:49 | 004,539,712 | ---- | M] () [Disabled | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/08/16 14:27:36 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/08/02 20:33:49 | 003,780,040 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/04 18:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/12/22 02:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\dgdersvc.exe -- (dgdersvc)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/12 17:36:24 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 14:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/26 05:47:20 | 011,172,864 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/26 02:32:46 | 000,339,456 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/25 22:59:29 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/11/14 03:00:22 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/24 05:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2010/11/20 13:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 13:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 11:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 11:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/09/22 19:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2010/07/02 10:08:32 | 000,525,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_HDAL_amd64.sys -- (SRS_HDAL_Service)
DRV:64bit: - [2010/03/10 16:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/28 05:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/22 02:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009/12/22 02:31:04 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2009/12/19 03:33:34 | 000,852,256 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/12/07 13:22:16 | 000,011,520 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gamingms.sys -- (GamingMsFltr)
DRV:64bit: - [2009/11/13 23:21:22 | 000,543,616 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RC_64.sys -- (AVER_H193)
DRV:64bit: - [2009/11/13 23:20:14 | 000,039,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys -- (CXCIR)
DRV:64bit: - [2009/10/19 21:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/10/08 00:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/08 00:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 01:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/19 05:30:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2009/09/19 05:30:14 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd)
DRV:64bit: - [2009/09/19 05:30:14 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2009/09/19 05:30:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 20:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/30 23:01:34 | 000,327,576 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/04/30 22:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2009/04/30 22:55:46 | 000,015,896 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/02/05 01:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/04 11:28:40 | 001,495,936 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbVM302.sys -- (ZSMC301b)
DRV:64bit: - [2007/03/18 07:43:28 | 000,301,824 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vvftav302.sys -- (vvftav302)
DRV:64bit: - [2007/02/08 08:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dsiarhwprog_x64.sys -- (usbio)
DRV - [2012/07/10 23:00:53 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009/12/22 02:31:26 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/12/22 02:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/01/04 18:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2003/12/01 15:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003/10/10 14:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003/10/10 13:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003/09/06 12:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/2
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{10804A4C-5AE6-43C3-BC3C-4BB7ABCB8B45}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{10804A4C-5AE6-43C3-BC3C-4BB7ABCB8B45}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{10804A4C-5AE6-43C3-BC3C-4BB7ABCB8B45}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGLL_enGB393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledAddons: %7B75656794-AB59-4712-BFBC-5D816D56F3BC%7D:1.1.6
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B74c841e3-b59f-479e-8d7a-e26a942a87c8%7D:3.0
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:10.0.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.8
FF - prefs.js..extensions.enabledItems: {74c841e3-b59f-479e-8d7a-e26a942a87c8}:3.0
FF - prefs.js..keyword.URL: "http://search.babylo...q={SearchTerm}"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Reshad\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Reshad\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Reshad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2011/07/29 06:43:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/04 20:37:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/03/01 18:19:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/02 14:14:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/28 18:19:32 | 000,000,000 | ---D | M]
[2010/08/20 15:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Reshad\AppData\Roaming\Mozilla\Extensions
[2013/03/02 15:28:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\glq4sg8w.default\extensions
[2010/11/01 19:39:16 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\glq4sg8w.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2013/03/02 15:28:53 | 000,615,654 | ---- | M] () (No name found) -- C:\Users\Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\glq4sg8w.default\extensions\[email protected]
[2013/02/28 17:46:05 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Reshad\AppData\Roaming\Mozilla\Firefox\Profiles\glq4sg8w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/03/02 14:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/28 18:19:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/02 14:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011/07/29 06:43:38 | 000,000,000 | ---D | M] (WinZip Courier) -- C:\PROGRAM FILES (X86)\WINZIP COURIER\FFEXT
[2013/02/27 18:30:20 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2007/02/20 20:52:36 | 001,622,016 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\fluxcore.dll
[2006/07/28 12:29:54 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\fluxcryp.dll
[2007/02/20 20:52:38 | 000,303,104 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\fluxdx8.dll
[2007/02/20 20:52:46 | 000,417,792 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npflux.dll
[2012/05/10 08:32:57 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2013/02/27 18:29:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/27 18:29:44 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://go.microsoft....k/?LinkId=69157
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Reshad\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Reshad\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Reshad\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: WinZip Courier (Enabled) = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.0.2_0\wzwmcgc.dll
CHR - plugin: WinZip Courier (Enabled) = C:\Program Files (x86)\WinZip Courier\npwzwmc.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Flux Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npflux.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Reshad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: WinZip Courier = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilckobikkmajlmhhdenkhonjkoaneclk\3.0.2_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.2_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.4_0\
CHR - Extension: Skype Click to Call = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Reshad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
O1 HOSTS File: ([2013/03/02 15:55:40 | 000,446,020 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15316 more lines...
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey File not found
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP VoodooDNA Mouse] C:\Program Files (x86)\HP Laser Gaming Mouse with VoodooDNA\hid.exe ()
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe (SONIX)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKCU..\Run: [KiesTrayAgent] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SRSHDAudioLab] "C:\Program Files\SRS Labs\SRS HD Audio Lab\HDAL.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: modthesims.info ([www] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2F4B0B3-9ED0-4568-83F4-3C38BB1CF5A4}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/12 05:31:08 | 000,000,000 | R--D | M] - E:\AutoRun -- [ UDF ]
O32 - AutoRun File - [2008/01/12 05:40:28 | 000,703,552 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2008/01/11 15:17:04 | 000,662,592 | R--- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ UDF ]
O32 - AutoRun File - [2008/01/12 05:40:09 | 000,000,150 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{04bb96f9-0c37-11e0-b346-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{04bb96f9-0c37-11e0-b346-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{60c9ba16-16dc-11e0-8e78-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{60c9ba16-16dc-11e0-8e78-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{936236c3-164b-11e0-bd62-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{936236c3-164b-11e0-bd62-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{a8a3c7de-4a55-11e0-a396-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{a8a3c7de-4a55-11e0-a396-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{dafc8200-60f8-11e0-844b-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{dafc8200-60f8-11e0-844b-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{dfa8418b-8628-11df-9242-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfa8418b-8628-11df-9242-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2008/01/12 05:40:28 | 000,703,552 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{fa76598b-c1ac-11df-b826-78e7d1c2cdb4}\Shell - "" = AutoRun
O33 - MountPoints2\{fa76598b-c1ac-11df-b826-78e7d1c2cdb4}\Shell\AutoRun\command - "" = J:\StartClickFreeBackup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/02 20:56:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Reshad\Desktop\OTL.exe
[2013/03/02 13:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/03/02 13:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/03/02 13:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013/03/02 13:14:10 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{4CEB9B59-3086-4792-A511-B859C2491538}
[2013/03/01 18:26:24 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{DB375633-1865-4A3E-97E7-D8E86B5AE31A}
[2013/03/01 17:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2013/03/01 17:13:31 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Documents\Symantec.Endpoint.Protection.v11.0.5002.333-ZWT x32-x64
[2013/03/01 14:22:46 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{70738295-BEC0-4ED0-9F25-1FFD3E490CEA}
[2013/03/01 01:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2013/02/28 18:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/02/28 17:23:44 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Roaming\Malwarebytes
[2013/02/28 17:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/28 17:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/28 17:23:31 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/02/28 17:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/02/28 17:18:40 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{63C8D894-956A-4475-AAFF-91BFF246A7D7}
[2013/02/28 15:30:59 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{6CAB9168-0C03-4707-9B92-E260BF7E986F}
[2013/02/27 17:56:35 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{AE7B6F1E-AF64-47BF-9AA3-02DF193851A9}
[2013/02/27 00:07:24 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{DC0F4C4C-03CD-4C6C-AE16-E8157135EB31}
[2013/02/25 22:35:16 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{7B391CD9-14FC-441E-A8CE-23B87AD61C78}
[2013/02/25 17:21:10 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{F8137E39-DD29-4B44-8213-03160AF920DF}
[2013/02/24 20:36:56 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{D2690FF9-2A38-48B7-8832-C870257B3252}
[2013/02/24 19:44:23 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{752B2857-B79C-4D95-907D-41CAFE338A34}
[2013/02/24 14:51:13 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{76E3492C-2DB5-45E5-B9D6-A008FC62429F}
[2013/02/23 20:14:07 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{19D03541-CE99-4ABE-8065-EBAAA8893D1D}
[2013/02/23 00:00:23 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{95828E23-EF36-4F3D-9BD3-56D39106A94B}
[2013/02/22 21:45:48 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{D410E71C-F08A-4079-A7A8-5BA7AA249445}
[2013/02/22 20:04:10 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{AAA6CB6B-8AB0-4891-8812-77C518C0148E}
[2013/02/22 18:33:59 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{CC15CFBA-4BCB-4B14-B9A3-203D663F79A7}
[2013/02/22 18:08:22 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{CC5022FE-5AF6-4F1E-B7F0-E7488BF086C1}
[2013/02/21 22:03:53 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{3A966A84-9B82-423B-AB20-170DC710299A}
[2013/02/21 17:53:45 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{9B4F6571-0659-4BC7-A96C-38FF7BA3B320}
[2013/02/20 11:14:51 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{38F6E176-B4F8-4BA8-91D0-2A040975A98E}
[2013/02/20 10:39:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/19 19:53:45 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{4CA4DE27-BCA5-434A-BB4D-14D3BE93EEE7}
[2013/02/19 19:39:27 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Documents\ZR
[2013/02/19 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{0E499D2D-F915-4A5A-9F8B-8E2D6D50B42C}
[2013/02/18 13:56:17 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{0C46FCC5-0FCE-45BE-8D33-6CD048DC3154}
[2013/02/17 00:18:10 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{6E816E08-0629-49EF-8382-221FEAADCD22}
[2013/02/16 13:34:06 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Documents\XNALara
[2013/02/16 12:24:39 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{0BABDF9B-9817-458E-8977-0FBDD5846DF2}
[2013/02/15 22:30:29 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{33907458-078E-4556-BBA4-C2B7A26EA392}
[2013/02/14 16:27:50 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{09BE8731-4776-450A-86E1-75A2675C6C10}
[2013/02/14 09:05:54 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Documents\SCGT
[2013/02/13 18:41:00 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{483AA026-DFCA-4589-AABA-96F305D813D6}
[2013/02/12 17:40:43 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{44018A8E-B092-4F40-8633-585E75902FF0}
[2013/02/11 15:31:20 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{05188486-0E1F-4205-8B35-D81D06810D24}
[2013/02/10 22:02:33 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{083D23FF-B2DB-4F0E-B327-57FCC533A101}
[2013/02/10 13:01:50 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{22AB2E57-48BB-4781-8418-66263018492F}
[2013/02/10 12:42:22 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Documents\mIRCStats
[2013/02/10 01:07:37 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Desktop\BALLS
[2013/02/10 01:07:26 | 000,000,000 | ---D | C] -- C:\Users\Reshad\Desktop\ARSE
[2013/02/09 17:19:07 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{D04F68FE-E207-4160-B12D-EE395EBBAF97}
[2013/02/08 20:10:49 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{1613BE59-8C67-4945-9A7F-CA9C70398943}
[2013/02/07 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{6FBB0C97-4A66-4F52-8E86-EDFEFF3F848B}
[2013/02/07 10:05:16 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{3AFD4B2B-F2BB-47F6-B572-11C0ABA5A334}
[2013/02/06 11:43:51 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{46A4B172-67AA-47D7-B6CE-89223081BC3F}
[2013/02/05 17:25:17 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{4C106C1B-E826-4632-A072-DF3509D6F88C}
[2013/02/05 12:23:31 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{AF2E6EF2-050A-4218-9BB4-78BC4C7E0929}
[2013/02/05 08:02:13 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{D221F27E-EC9E-4D2D-9D79-20768932D73A}
[2013/02/04 18:54:05 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{D728624B-B564-4226-8C1A-B0406E5B4E1A}
[2013/02/04 17:15:23 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{A893AE44-521D-44D5-B09F-E38D01C2D3D8}
[2013/02/04 16:53:41 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{486F199F-A132-4006-9723-B36FE947FEB3}
[2013/02/04 13:10:12 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{90AB7D6E-87A1-4CD7-9177-36EBBD52D516}
[2013/02/04 00:38:33 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{34DA3ACE-8DCE-4D69-A0F0-02FB5AD0B517}
[2013/02/03 12:38:09 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{F4588D2E-7794-4FA1-832F-B781C776F9EE}
[2013/02/03 11:00:02 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{60843937-56B6-4473-9BFA-5DEB1F536FE3}
[2013/02/02 17:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Ripper DX
[2013/02/02 17:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3DRipperDX
[2013/02/02 13:33:35 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{AD3EA710-3203-4D73-A975-7AE07B1DAB70}
[2013/02/02 00:25:59 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{49A6E310-AAAC-4A5C-B53D-7DAF8653D6B7}
[2013/02/01 16:47:44 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{A4309DA3-2F3A-42FA-B6AE-36F0F995A248}
[2013/01/31 22:33:55 | 000,000,000 | ---D | C] -- C:\Users\Reshad\AppData\Local\{529A7D2B-EF87-4495-A029-41123D1A2676}
[2011/04/20 14:47:57 | 000,694,064 | ---- | C] (Red Hat) -- C:\Users\Reshad\cygwin1.dll
[2011/02/15 18:55:12 | 509,192,096 | ---- | C] (Acresso Software Inc.) -- C:\Users\Reshad\PSPP_X3_TBYB.exe
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/03/02 20:57:20 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/02 20:57:20 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/02 20:56:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Reshad\Desktop\OTL.exe
[2013/03/02 20:55:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/02 20:49:45 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/02 20:49:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForReshad.job
[2013/03/02 20:49:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/02 20:49:00 | 536,305,663 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/02 20:09:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2160701367-3649218657-2307139725-1000UA.job
[2013/03/02 20:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/02 18:12:13 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/02 18:12:13 | 000,669,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/02 18:12:13 | 000,127,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/02 16:09:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2160701367-3649218657-2307139725-1000Core.job
[2013/03/02 15:55:40 | 000,446,020 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/03/02 15:51:08 | 000,000,938 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130302-155540.backup
[2013/03/02 14:14:39 | 000,002,050 | ---- | M] () -- C:\Users\Reshad\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/03/02 13:18:26 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/03/01 17:37:37 | 000,219,795 | ---- | M] () -- C:\ProgramData\LUInstall.LiveUpdate
[2013/02/27 20:13:43 | 000,000,024 | ---- | M] () -- C:\Users\Reshad\random.dat
[2013/02/27 20:11:44 | 000,000,045 | ---- | M] () -- C:\Users\Reshad\jagex_cl_runescape_LIVE.dat
[2013/02/20 11:11:18 | 000,481,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/20 10:39:48 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/02/19 19:38:50 | 000,166,608 | ---- | M] () -- C:\Users\Reshad\Documents\watmarvlawl.jpg
[2013/02/19 18:49:36 | 000,384,289 | ---- | M] () -- C:\Users\Reshad\Documents\proj-3.jpg
[2013/02/19 18:39:20 | 001,346,448 | ---- | M] () -- C:\Users\Reshad\Documents\moi desk.jpg
[2013/02/19 18:10:25 | 000,336,808 | ---- | M] () -- C:\Users\Reshad\Documents\IMG_1768.jpg
[2013/02/19 16:41:58 | 000,066,764 | ---- | M] () -- C:\Users\Reshad\Documents\kv.jpg
[2013/02/13 01:45:07 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForEIGHTBALL$.job
[2013/02/06 16:49:24 | 000,007,596 | ---- | M] () -- C:\Users\Reshad\AppData\Local\Resmon.ResmonCfg
[2013/02/03 17:58:08 | 000,012,589 | ---- | M] () -- C:\Users\Reshad\Documents\Mount.and.Blade.Warband-SKIDROW.torrent
[2013/02/03 16:31:40 | 000,064,295 | ---- | M] () -- C:\Users\Reshad\Documents\Total_War_Shogun_2_READNFO-FLT.torrent
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/03/01 17:37:20 | 000,219,795 | ---- | C] () -- C:\ProgramData\LUInstall.LiveUpdate
[2013/02/19 19:38:47 | 000,166,608 | ---- | C] () -- C:\Users\Reshad\Documents\watmarvlawl.jpg
[2013/02/19 18:49:30 | 000,384,289 | ---- | C] () -- C:\Users\Reshad\Documents\proj-3.jpg
[2013/02/19 18:38:45 | 001,346,448 | ---- | C] () -- C:\Users\Reshad\Documents\moi desk.jpg
[2013/02/19 18:10:20 | 000,336,808 | ---- | C] () -- C:\Users\Reshad\Documents\IMG_1768.jpg
[2013/02/19 16:41:50 | 000,066,764 | ---- | C] () -- C:\Users\Reshad\Documents\kv.jpg
[2013/02/03 17:58:07 | 000,012,589 | ---- | C] () -- C:\Users\Reshad\Documents\Mount.and.Blade.Warband-SKIDROW.torrent
[2013/02/03 16:31:38 | 000,064,295 | ---- | C] () -- C:\Users\Reshad\Documents\Total_War_Shogun_2_READNFO-FLT.torrent
[2012/10/31 14:50:19 | 000,000,050 | ---- | C] () -- C:\Users\Reshad\jagex_cl_runescape_LIVE_BETA.dat
[2012/05/24 09:44:27 | 012,183,380 | ---- | C] () -- C:\Users\Reshad\Plutonic_BP2_textures.utx
[2012/05/24 09:43:56 | 016,272,400 | ---- | C] () -- C:\Users\Reshad\PlayerSkins.utx
[2012/05/06 15:31:45 | 000,000,024 | ---- | C] () -- C:\Users\Reshad\random.dat
[2012/04/26 02:52:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/26 02:52:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/04/02 20:48:21 | 000,011,349 | ---- | C] () -- C:\Users\Reshad\wkColorFix.zip
[2012/02/21 12:57:50 | 000,000,906 | ---- | C] () -- C:\Windows\DC.ini
[2012/02/18 22:29:06 | 000,081,673 | ---- | C] () -- C:\Users\Reshad\AM-Bio_Sever.png
[2012/01/18 16:13:50 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\PROTOCOL.INI
[2011/12/27 04:45:33 | 000,000,046 | ---- | C] () -- C:\Users\Reshad\jagex_cl_runescape_LIVE1.dat
[2011/11/11 22:07:36 | 000,090,739 | ---- | C] () -- C:\Users\Reshad\al_080726_1240(2).bin.out.jpg
[2011/11/11 22:06:34 | 000,003,951 | ---- | C] () -- C:\Users\Reshad\VCAH8JF2MCA6Y61YNCAN5TYUPCAW07GYSCAOBFHT6CAIYTBWWCALMKHXQCAMGRBFTCA2IYE3ECA0X9Z85CA9N3LUFCAIT9JIVCAOTT43ECA4JSX6VCABXIWDHCAK9KPLZCA3W0N4ACAA2WB7ICAPH3ZOJ.jpg
[2011/11/11 22:05:26 | 000,010,426 | ---- | C] () -- C:\Users\Reshad\koe.png
[2011/11/11 21:46:13 | 000,735,190 | ---- | C] () -- C:\Users\Reshad\Menu 2.mp3
[2011/10/26 23:34:03 | 000,000,045 | ---- | C] () -- C:\Users\Reshad\jagex_cl_runescape_LIVE.dat
[2011/10/13 15:53:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/13 15:53:02 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/12 21:06:18 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/24 01:28:46 | 000,003,353 | ---- | C] () -- C:\Users\Reshad\AppData\Roaming\glide_wrapper.zbag.ini
[2011/08/06 19:24:53 | 000,095,232 | R--- | C] () -- C:\Windows\SysWow64\SMACKW32.DLL
[2011/08/06 19:24:53 | 000,019,968 | R--- | C] () -- C:\Windows\SysWow64\Cpuinf32.dll
[2011/08/06 19:24:53 | 000,007,680 | R--- | C] () -- C:\Windows\SysWow64\CPUINFO.DLL
[2011/07/31 16:23:53 | 000,007,596 | ---- | C] () -- C:\Users\Reshad\AppData\Local\Resmon.ResmonCfg
[2011/07/29 06:15:57 | 000,000,000 | ---- | C] () -- C:\Windows\Zillions.INI
[2011/07/13 18:55:06 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/07/11 04:40:37 | 034,063,984 | ---- | C] () -- C:\Users\Reshad\Thief2Patch107-118.exe
[2011/07/11 03:48:08 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2011/06/23 07:23:58 | 001,330,636 | ---- | C] () -- C:\Users\Reshad\zmodeler_v107.zip
[2011/06/23 07:23:38 | 001,359,355 | ---- | C] () -- C:\Users\Reshad\zmodeler_v107.exe
[2011/06/20 17:09:28 | 000,001,854 | ---- | C] () -- C:\Users\Reshad\AppData\Roaming\GhostObjGAFix.xml
[2011/05/18 11:48:27 | 002,294,272 | ---- | C] () -- C:\Users\Reshad\astudio.msi
[2011/04/27 18:55:52 | 010,133,388 | ---- | C] () -- C:\Users\Reshad\revolt 2011-04-27 19-30-38-03.avi
[2011/04/22 17:19:52 | 000,167,936 | ---- | C] () -- C:\Users\Reshad\SerialNumber.exe
[2011/04/20 15:57:50 | 000,009,108 | ---- | C] () -- C:\Users\Reshad\wheelr.i-p
[2011/04/20 15:57:50 | 000,008,962 | ---- | C] () -- C:\Users\Reshad\wheelr.ncp
[2011/04/20 15:57:50 | 000,008,452 | ---- | C] () -- C:\Users\Reshad\wheelr.prm
[2011/04/20 15:57:40 | 000,028,823 | ---- | C] () -- C:\Users\Reshad\wheelr.ase
[2011/04/20 15:52:58 | 000,009,108 | ---- | C] () -- C:\Users\Reshad\wheel.i-p
[2011/04/20 15:52:58 | 000,008,962 | ---- | C] () -- C:\Users\Reshad\wheel.ncp
[2011/04/20 15:52:58 | 000,008,452 | ---- | C] () -- C:\Users\Reshad\wheel.prm
[2011/04/20 15:52:28 | 000,029,006 | ---- | C] () -- C:\Users\Reshad\wheel.ase
[2011/04/20 14:50:31 | 000,109,874 | ---- | C] () -- C:\Users\Reshad\body.ncp
[2011/04/20 14:50:31 | 000,103,784 | ---- | C] () -- C:\Users\Reshad\body.i-p
[2011/04/20 14:50:31 | 000,095,920 | ---- | C] () -- C:\Users\Reshad\body.prm
[2011/04/20 14:44:53 | 000,155,648 | ---- | C] () -- C:\Users\Reshad\ase2w.exe
[2011/04/20 14:44:53 | 000,155,648 | ---- | C] () -- C:\Users\Reshad\ase2prm.exe
[2011/04/20 14:41:13 | 000,598,602 | ---- | C] () -- C:\Users\Reshad\body.ase
[2011/04/10 12:43:18 | 008,445,716 | ---- | C] () -- C:\Users\Reshad\packingCWCP.rar
[2011/03/09 14:20:07 | 000,767,342 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/24 01:57:14 | 409,155,201 | ---- | C] () -- C:\Users\Reshad\KEEPER FX 0.38b.exe
[2011/02/13 00:51:10 | 000,003,584 | ---- | C] () -- C:\Users\Reshad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/30 18:00:17 | 000,018,984 | ---- | C] () -- C:\Users\Reshad\AppData\Roaming\UserTile.png
[2011/01/10 02:03:12 | 001,705,789 | ---- | C] () -- C:\Users\Reshad\ceruleantalon_cas2.pdf
[2011/01/09 20:07:47 | 000,000,627 | ---- | C] () -- C:\Users\Reshad\1980 class list.rar
[2011/01/07 11:48:58 | 001,882,254 | ---- | C] () -- C:\Users\Reshad\Delta.rar
[2010/12/28 03:54:41 | 000,000,020 | ---- | C] () -- C:\Program Files (x86)\Sims2Pack Clean Installer.ini
[2010/12/23 19:43:12 | 000,944,640 | ---- | C] () -- C:\Users\Reshad\revolt.exe
[2010/12/19 11:13:32 | 019,574,828 | ---- | C] () -- C:\Users\Reshad\Sonic - Marble Zone.wav
[2010/10/28 17:34:12 | 000,000,780 | ---- | C] () -- C:\Users\Reshad\AppData\Roaming\wklnhst.dat
[2010/08/25 21:04:39 | 650,369,885 | ---- | C] () -- C:\Users\Reshad\Luna_Online_100302_1.exe
[2010/08/20 16:54:58 | 000,000,129 | ---- | C] () -- C:\Users\Reshad\jagex_runescape_preferences2.dat
[2010/08/20 16:54:58 | 000,000,000 | ---- | C] () -- C:\Users\Reshad\jagex__preferences3.dat
[2010/08/20 16:53:54 | 000,000,046 | ---- | C] () -- C:\Users\Reshad\jagex_runescape_preferences.dat
[2010/01/31 11:06:18 | 000,008,046 | ---- | C] () -- C:\Program Files (x86)\Common Files\setupBanner.jpg
[2009/04/14 16:07:42 | 000,037,607 | ---- | C] () -- C:\Program Files (x86)\Common Files\license.rtf
========== ZeroAccess Check ==========
[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 05:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/03/17 22:16:50 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\.doomseeker
[2013/02/25 00:16:22 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\.minecraft
[2013/02/25 00:19:15 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\.techniclauncher
[2011/05/18 12:18:34 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Anvil Studio
[2013/01/29 18:45:31 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Armagetron
[2012/12/08 07:48:30 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Autodesk
[2013/03/02 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\BitTorrent
[2013/03/01 17:48:16 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\FileZilla
[2011/08/24 01:28:40 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\fltk.org
[2013/01/15 02:04:59 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Gyazo
[2011/03/06 12:35:57 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\ImgBurn
[2012/12/29 10:27:52 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Kongregate
[2011/02/08 17:33:45 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Leadertech
[2013/01/29 02:20:39 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Minecraft Skin Viewer
[2012/10/20 16:33:30 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Mumble
[2012/01/17 04:47:34 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\PC Suite
[2012/10/31 17:12:43 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Publish Providers
[2010/10/12 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Registry Mechanic
[2012/01/17 04:36:32 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Samsung
[2011/07/13 10:57:44 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\ScummVM
[2012/11/10 15:40:18 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Sony
[2013/02/11 15:34:06 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\TeamViewer
[2010/10/28 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Template
[2011/08/02 12:25:28 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Thinstall
[2010/08/29 13:16:18 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Tific
[2010/08/20 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\WildTangent
[2010/08/29 02:37:05 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\WinBatch
[2012/07/08 10:04:58 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Windows Live Writer
[2013/01/31 07:01:23 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\WinFF
[2012/10/10 05:42:30 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Wings3D
[2011/03/13 20:10:55 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\Xilisoft Corporation
[2013/01/24 18:49:28 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\yang
[2011/05/29 02:38:20 | 000,000,000 | ---D | M] -- C:\Users\Reshad\AppData\Roaming\_MDLogs
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/12/10 07:20:35 | 000,001,858 | ---- | M] ()(C:\Users\Reshad\Documents\?????2.txt) -- C:\Users\Reshad\Documents\リードミー2.txt
[2011/12/10 07:20:35 | 000,001,858 | ---- | C] ()(C:\Users\Reshad\Documents\?????2.txt) -- C:\Users\Reshad\Documents\リードミー2.txt
[2011/07/20 13:43:25 | 000,003,683 | ---- | M] ()(C:\Users\Reshad\Documents\?????.txt) -- C:\Users\Reshad\Documents\リードミー.txt
[2011/07/20 10:15:56 | 000,003,683 | ---- | C] ()(C:\Users\Reshad\Documents\?????.txt) -- C:\Users\Reshad\Documents\リードミー.txt
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
OTL Extras logfile created on: 3/2/2013 8:56:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Reshad\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
6.00 Gb Total Physical Memory | 3.67 Gb Available Physical Memory | 61.24% Memory free
12.00 Gb Paging File | 9.41 Gb Available in Paging File | 78.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.81 Gb Total Space | 445.33 Gb Free Space | 48.42% Space Free | Partition Type: NTFS
Drive D: | 11.61 Gb Total Space | 1.41 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
Drive E: | 973.88 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: EIGHTBALL | User Name: Reshad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel PaintShop Photo Pro X3] -- "c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OtsMedia.Surf] -- "C:\OtsLabs\OTSPLAY.EXE" "%1" /play /surf ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel PaintShop Photo Pro X3] -- "c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OtsMedia.Surf] -- "C:\OtsLabs\OTSPLAY.EXE" "%1" /play /surf ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02133AB9-A106-4156-B631-430B6700560A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{04E4FB87-F1B3-4A8E-80CF-B0C612FD49E9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0BC0DBD2-BEE7-4222-AF4F-084555BE5266}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C52A96E-B80E-445B-B21F-BD804E3DB633}" = rport=138 | protocol=17 | dir=out | app=system |
"{0D13496C-4B01-4E2B-AC78-9B5D039709BF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{16334D7E-1227-498D-9824-29B731BBFAAC}" = lport=137 | protocol=17 | dir=in | app=system |
"{1C3144DA-A636-42E5-9F90-552198FDD17D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BA53B8A-11A4-42B3-8D75-A6B89F6B8EDE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{4811534B-7DE8-42C8-8623-FAF09CC2E4B3}" = rport=137 | protocol=17 | dir=out | app=system |
"{6340152D-76A0-4674-AB3C-3073190D710F}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{694286EA-7E12-4FB7-9501-5A6F849DAA31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{72EBA375-25F9-4D9A-AC5C-26B1A04C8901}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{77050A46-35B5-451C-86AC-8350F8CEFF8E}" = lport=139 | protocol=6 | dir=in | app=system |
"{77992EA8-DA3F-4B1F-9760-60D1CA668138}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7D355C80-1858-4AE4-A8C5-9291BDE06653}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{85DE656F-06C7-4265-A506-D843F17C15CD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87BA00AA-87F5-4096-A08B-F6BDC4DE7716}" = lport=138 | protocol=17 | dir=in | app=system |
"{9F4C56A6-CE37-4FB5-8286-EADB74A45107}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A36291D7-FE05-48D1-B2C3-EFBE08141996}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A386A379-F9E7-4757-9EAE-1E1164FE19ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5CB5DC0-23DD-4139-B036-1931B808F34C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0A624EC-2292-4A3A-8D76-492F9CC1D7C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3CA2EDA-CA47-4664-A311-79DD8FD16034}" = lport=49167 | protocol=6 | dir=in | name=akamai netsession interface |
"{B3F280B6-7D97-47ED-ACBE-C601BD171544}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B444F4BC-AE52-4AC7-8232-9D7B2ABC796C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B5B7D191-F88C-4F05-8913-AFFED33DC5BA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6B7F9B1-FF7A-4A38-8ECF-221BF038C222}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B7B64BC0-B936-415C-9B78-448A304B427D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9278451-5081-4F1A-B12D-53C4BC4F7B9D}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2B8FEA0-EAF4-4F9E-89B8-049018F57766}" = rport=139 | protocol=6 | dir=out | app=system |
"{C388B153-84C5-4DD1-9F4E-0A825207F9D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC191A18-B1BE-4226-A7B7-4B526A98F63B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D478B1D9-05EA-45E6-8C20-C8171815BACF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{DEDB8F8B-676B-4C48-A239-310E1863C384}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E69ABC62-4A7A-4933-AE67-C1FBB8892631}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E79479C1-963C-47B2-8999-C98CB2096FB1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E8155BF9-FEFE-4323-B595-18F7A5400DCE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F708A3B2-6936-411A-A559-1922EA9A1EFF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F9E2135F-523E-44F2-B74C-F0485333B1E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FA4E10AF-DC67-4B9D-AB1A-D1BEC6EB4556}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01111474-7F82-40DA-B632-A3DA54B0F19E}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{012A1E62-131D-45A7-8B2D-C8DAD1EB64FA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{016C45AD-93A4-4EE5-ACD2-CF61623D8762}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{03EFA5F1-B518-4D99-A2A6-D5587E64EB7F}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{059BE911-7141-49AD-A94C-10D94D9E4D3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D87FD4C-A873-40D4-BDEE-F6771469D2D2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{0DAC815E-04C3-4509-BB0C-B6E7D258B238}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed road challenge\nfshsgame.exe |
"{10925AB8-2608-4C9D-91E0-9235A0985171}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{11B09947-882D-4C26-BC5C-F0477A2936E6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{13A26FC7-3B00-44AF-B3E9-502BA1B97ADD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{13DF6CC3-80A7-4C66-9014-10B41D1EE0DF}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{14B04210-48CA-4250-A657-780E10BC5502}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{14D18E35-AA2C-4C51-841D-3D7E25B66294}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{156277DF-6F1C-45ED-B772-46F4666C4870}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16F4818D-FC5E-4A9B-B524-333428833036}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{198E6407-34DC-4C80-A583-BF426E4C7B16}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{1A2780CF-3772-4AFE-9648-FF79D0BE14DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3.exe |
"{1B5214CF-9F41-401E-929C-D08ECC75FB05}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DE7B5BD-254C-4CA8-855E-F9EAE6327FC4}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{1FB44DA3-4B23-45CB-B299-AD5D143CF03A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{23217BF4-4BBC-4505-BBCF-12D87F57D21E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{23D01FDE-0FB7-405E-8009-0B624A90E562}" = protocol=17 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\87tiso84\crossfire_downloader[1].exe |
"{24BBBE56-6A2C-4F06-9A8E-7FC99D12C5FB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{27854824-EDDB-4074-B412-245E0CC26886}" = protocol=6 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\87tiso84\crossfire_downloader[2].exe |
"{2DC107E4-8342-4174-A1AB-26C9C96B25BA}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe |
"{2F83D893-120C-4A5B-A0F9-B14C8E1A1F9B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\glqwcl.exe |
"{2FD3C71D-20CA-4F5E-B907-647CCDF9B365}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{31B2037F-2491-4CD0-AA4E-D28D10C2C7D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{34397F7D-F154-4B09-BAC2-C5E82CC578FF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3A823C3E-E19F-4C43-A47D-44F029FCC65A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\qwcl.exe |
"{3AEF5189-A84A-473F-AECA-328387CACCEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commandos 2 men of courage\readme.rtf |
"{3AFDEF6B-3F69-4B57-81B9-8102D56725F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3y.exe |
"{3C216226-245D-430F-96EF-ABEA7F4BA7E8}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{3F3A43A2-3975-421D-B2C9-6E99EE374227}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4037F81C-A041-45CD-B253-2E36198641CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{42A727D5-395C-47F4-93AF-9FA716B676BD}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{4300EEED-D67D-4751-8A05-629524570E5F}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{4481BD64-3BE5-46D4-92C2-0080FD33E70E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4F8BE8D7-1D57-4E2F-A4BA-CEF9068CB7CD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{522E66B9-3DED-4F77-BD7E-EC6EABA52672}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52B08C98-1D70-4459-AC0A-E2C793B1F997}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\3dsmax.exe |
"{5607D531-C0AB-4382-B01D-730A8A5073A8}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{56E8FB55-9098-47A0-8596-492ED0C4C161}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{582F8AA6-98FA-416E-B535-5765DF807BDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"{5860118E-A383-472D-BD1C-BE339B46F31E}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{5AAE3D55-8E1B-4612-B936-A934A5077250}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{5AC2CA72-2A64-4302-AF0B-FA99705FD58A}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{5AD7FF37-6A5B-4E6E-B299-538FA0B7C03C}" = protocol=6 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\87tiso84\crossfire_downloader[1].exe |
"{5B991B8F-9B66-4448-B3C5-85CEC51DA58D}" = protocol=58 | dir=out | [email protected],-28546 |
"{5D713D43-1B24-45F8-BC78-2C9696E03253}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{603CA051-C93C-4DF3-AE7C-BF602F3D296B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{606106A0-822B-42CE-8342-28AADB396794}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{60BBE589-1D50-45D2-951A-5C819BF0FC28}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{62E43582-E6CF-43BB-8B47-7FD97F388E91}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{64BB1E41-2ACF-4B14-B320-C5AE3DDADB73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3x.exe |
"{6719A1B1-8D47-4246-BEF4-4B5656B1E731}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{67BE90A2-AC13-4F7E-BABF-F9CA3A95A348}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69DB7C96-8245-4817-BD9C-3203D179400D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"{69F7384E-4AC8-4753-9B15-4BC1CE271F41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B0287EB-BBCC-433F-B238-EB90CC4A21B0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6B9B9AFA-9309-4C4A-866E-FA88F8102714}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7079D77E-FD28-4C40-AEFC-CA74BE4E5679}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{749DD724-C1FB-4F71-BC85-48953FECDEB9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7977FCAB-079B-422B-B93B-8F364FC7C277}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3.exe |
"{79FDD5C2-B0E2-4394-8EA6-732B35F0B1AE}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7BBF8FCB-6D6E-4517-8DA0-C034DB0216E1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7D702266-1051-451A-B05B-671B2AC65266}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{7DFFA870-FEBE-492C-80B5-1BDEC01F5DB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\winquake.exe |
"{7FD40D2B-F457-43A6-B21B-58A5067F7914}" = protocol=17 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\opfc1hfg\crossfire_downloader[2].exe |
"{8013578C-BEFD-4BAC-B43F-B372F4403E26}" = protocol=6 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{8252A333-E3E1-46E7-958B-083686D4A5D1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{867AB9D0-8669-4FF5-A971-49076CA7D4D4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{87B36C4A-21D9-4C10-A25D-180BDF919EEB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{883F3285-B41B-4EAF-813F-3493696FAF32}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{894B0026-3BEE-4545-8CA9-60694968AA85}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{89E1FD13-EE52-488F-8525-F47F7102095D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\qwcl.exe |
"{89FB11A1-5868-4481-8553-C31A31E935F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{8B3383A1-91E8-4C82-A989-9DB82203AF0F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8C6B228C-3FF1-4690-9B1A-C7C8569C7AC0}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{8D6BE650-4DC4-4E5F-A740-70531972D2C4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8D7721D4-32E9-481B-B1C3-820B7D60FA32}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{8E6B26EC-D040-4B53-A6F0-AB591C134975}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{8FA7971A-A47E-4F7F-8E98-30E242982273}" = protocol=17 | dir=in | app=c:\users\reshad\appdata\local\akamai\netsession_win.exe |
"{9083EA8C-6FD3-48C4-877D-199C6AEEFA3D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{96D75D55-9B01-431B-913A-4CF06C9230F4}" = protocol=17 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\87tiso84\crossfire_downloader[2].exe |
"{987A3831-86E3-4DCD-8B41-6757E1A2455F}" = protocol=17 | dir=in | app=c:\program files (x86)\z8games\crossfire\cf_g4box.exe |
"{998CA827-46DA-4626-B181-F2D10DF2F1E9}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{9A4F9908-FA0D-4374-832A-4B1A1A3E564E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heretic shadow of the serpent riders\base\dosbox.exe |
"{9D57E212-41C4-4B37-8065-C49710734159}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heretic shadow of the serpent riders\base\dosbox.exe |
"{9E923921-1F9B-49C1-965A-9E8904FBE017}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A25D621C-D591-4022-B2F7-DAB0EC2F7B4F}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{A2BB4BF2-4D44-4DE1-831E-9C24A1C73A49}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{A4F4AC9C-92C8-424C-ADBF-68C72B4F1D70}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3y.exe |
"{A6C53380-29F3-4E6E-A09D-D39F8939B16C}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\3dsmax.exe |
"{A8487D04-8C7E-41C7-940C-8E72729DD72A}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe |
"{A9194D51-2900-4CCB-A0E1-B13073CD9E3C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A9B64A90-BB3D-45C9-86C2-4C8A8A59D812}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB2C5027-567E-4FC1-936D-527D4181839E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{ABB9CA84-224A-47D1-8B97-4E2B45981B01}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{ABF295E7-33F6-49A9-B681-FCC39CA50B46}" = protocol=6 | dir=in | app=c:\users\reshad\appdata\local\microsoft\windows\temporary internet files\content.ie5\opfc1hfg\crossfire_downloader[2].exe |
"{AE4EC760-F529-4DD5-AA8B-8721DA8B2F4C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{AFB86513-60EB-41EF-B5DB-C187B9265996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\commandos 2 men of courage\readme.rtf |
"{B0159ABD-1E45-40A4-B2A5-F3B61D6EBCB5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B0A8891D-A406-4867-AF57-84D516F8AE2B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\glqwcl.exe |
"{B319741C-3F67-49F9-A2F3-08487A96931A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{B415662C-00AD-4959-85EB-1E1DF90F90AC}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{B43ECC48-5880-4446-BA51-27D0FB416450}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe |
"{B60343CF-2E87-4423-8907-AFF025A100D8}" = protocol=6 | dir=in | app=c:\users\reshad\appdata\local\akamai\netsession_win.exe |
"{B650A5B8-843D-4D49-804B-02925F051FD9}" = protocol=1 | dir=in | [email protected],-28543 |
"{B67C87A0-8A4E-41FC-8D49-0692C58CAA4B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{B82C8F4A-DB38-440A-8EE6-3D05C6545158}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{B8CFAA48-3B42-435B-B31B-3FAD8347BB66}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{B93BB26F-63F8-47F0-AF61-6226B2332F1F}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{BD734750-8A5F-48E9-9461-2F824E3C285B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BE1BEC97-96F6-4A31-BD83-42B9078A16D3}" = protocol=58 | dir=in | [email protected],-28545 |
"{BFD05EDE-646E-4F54-ABC8-57B93AA55DCC}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C03FC927-4062-4BDC-897B-0E781C79603A}" = protocol=1 | dir=out | [email protected],-28544 |
"{C1202633-15B9-446B-ABAC-5923894520DE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C741304A-FB6B-4936-933D-2FC9AB6263BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{C782BAC7-3715-46FA-A3F3-4ACC7842F7D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C7E4CB12-2E4E-4EAD-9E64-E1ED7448B8A4}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{C922D3F8-8592-4012-BF79-F356B32A2A26}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBDC627C-4338-453B-A702-7DD1649365C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{D0ABE6C6-966A-474B-8C65-677979B67331}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\winquake.exe |
"{D4E88AC8-B8B8-4C94-9209-AC6718E3B06C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D61019E2-676F-4505-944D-B50414120C7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D8472BBB-A414-48E1-9576-FC34DC208D9A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{D999F023-FDA6-4F53-A445-A1F0FE1C08E4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DBEA0082-7EA1-41F1-B6C9-3966F6FA4F3D}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{DC1BC9B5-3AF8-48D7-BD0B-DAA77D228FA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires 3\bin\age3x.exe |
"{DEF35CBB-9FF9-406E-8636-20155F7EE05C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DEF653ED-CD39-4689-A0E6-EA078B19F4CF}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe |
"{E057DD9C-0083-4404-8B47-D5D4BA6EF745}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E0AF2B37-6C2A-4A91-B0D4-7E43574D755F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E2BA3F7E-E562-46BA-89B8-7BAA913B183F}" = protocol=6 | dir=out | app=system |
"{E329471C-844B-4E27-BD9F-25450AFC9A11}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{E5FACB9D-1EA9-4862-94BC-9CE4F4A62581}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EA07C846-054F-41FF-90EA-3B59038A0888}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{EB5EFC58-E3D7-45FB-81BC-D391B86E9D8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{EBB1C6DE-F064-4E85-984D-0960E07B77E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EF04B23D-F947-472F-9AA5-63DCC73B7C4F}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{EF476445-B8D6-40FE-A0D8-AAF99BF80ACC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1A044CA-D872-4D29-A6F7-CDA4E1EF8575}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed road challenge\nfshsgame.exe |
"{F45767DF-B5A1-4E42-A05A-732379BCEBD5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\glquake.exe |
"{F7086BE1-E047-49A9-B858-9B9C0112DE89}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quake\glquake.exe |
"{FB5322B6-CDB6-423A-99FD-3473DE8B3D9E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"TCP Query User{0776F777-6259-49FC-9C6C-0F1469C0522B}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{0902F915-5562-47AC-A3EB-0979751D023F}C:\program files (x86)\keyholevideo\keyholevideo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\keyholevideo\keyholevideo.exe |
"TCP Query User{17DB49EF-92BF-49A6-960A-306CED05F095}C:\program files (x86)\rv housefart2\rv_house.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rv housefart2\rv_house.exe |
"TCP Query User{1FD89CA8-DCE0-4E16-8653-A8B8765F87C7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{26D311C2-B7DB-4D13-B679-467E8981433B}C:\clickfree restored files\resh-bda5544bd7\c\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\unrealtournament\system\unrealtournament.exe |
"TCP Query User{2B349792-2CAB-4B7C-A9DE-9FFCBB57F108}C:\users\reshad\appdata\roaming\boyzkoe\oqteli.exe" = protocol=6 | dir=in | app=c:\users\reshad\appdata\roaming\boyzkoe\oqteli.exe |
"TCP Query User{30E4E67E-33D4-4782-B1A6-117FA9124396}C:\zdaemon\zlauncher.exe" = protocol=6 | dir=in | app=c:\zdaemon\zlauncher.exe |
"TCP Query User{38A50DC0-E7EA-485A-84EF-BDB6AF7CBED4}C:\program files (x86)\rv housefart2\rv_house.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rv housefart2\rv_house.exe |
"TCP Query User{55606395-62A9-4184-BBD0-A421934E9F20}C:\program files (x86)\steam\steamapps\skarminater\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\skarminater\team fortress 2\hl2.exe |
"TCP Query User{5F78B567-E4E6-41CA-93C6-9CC4A5852D4D}C:\zdaemon\zserv32.exe" = protocol=6 | dir=in | app=c:\zdaemon\zserv32.exe |
"TCP Query User{61109C90-5C5C-40E3-978A-F322A0E2C6CA}C:\program files (x86)\rv house\rv_house.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rv house\rv_house.exe |
"TCP Query User{6F3C0C86-ACF3-4247-B766-508F4AEF5C4C}C:\program files (x86)\yang\yang.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yang\yang.exe |
"TCP Query User{7352169F-81C0-4174-A6EF-80B9703881C9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8ADC7C3F-5DA2-4FC8-828F-C95B7F0FB55B}C:\users\reshad\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\reshad\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9479172A-4F60-4BF9-8839-A3087372D98A}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe |
"TCP Query User{97BCCA99-B320-4E0E-83A0-C41A6B61F752}C:\clickfree restored files\resh-bda5544bd7\c\team17\worms armageddon\wa.exe" = protocol=6 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\team17\worms armageddon\wa.exe |
"TCP Query User{A15A1ED4-F6A2-41C9-883A-69EF2740AFD5}C:\re-volt\revolt1207.exe" = protocol=6 | dir=in | app=c:\re-volt\revolt1207.exe |
"TCP Query User{A964C31D-52D2-4442-8C4E-D269A0C7C4FF}C:\ut2004\system\ut2004.exe" = protocol=6 | dir=in | app=c:\ut2004\system\ut2004.exe |
"TCP Query User{ADD7E7C7-5DF4-40BC-8FD8-851B4FBCEDF8}C:\re-volt\revolt.exe" = protocol=6 | dir=in | app=c:\re-volt\revolt.exe |
"TCP Query User{AF8CEC38-BF15-4B9C-A825-611925340050}C:\gog games\duke nukem 3d\eduke32.exe" = protocol=6 | dir=in | app=c:\gog games\duke nukem 3d\eduke32.exe |
"TCP Query User{AFDAE9B3-8E3C-4850-AF6C-9C55715B4056}C:\clickfree restored files\resh-bda5544bd7\c\re-volt\revolt.exe" = protocol=6 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\re-volt\revolt.exe |
"TCP Query User{BBF9EECB-847E-4D5F-96AF-29371516D294}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{BC1DEAC7-443B-4C56-B36E-A379066CA517}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{BDF5A6DE-816E-435A-8F5C-7EF81DB135C3}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{C0A68BC1-1B30-48D8-B464-A105750F1B54}C:\users\reshad\documents\mm8\skulltag.exe" = protocol=6 | dir=in | app=c:\users\reshad\documents\mm8\skulltag.exe |
"TCP Query User{C5C20B13-5D67-4ADF-B83D-AB2BE8E0277F}C:\program files (x86)\rv house\rv_house.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rv house\rv_house.exe |
"TCP Query User{C705EE11-4FA9-48FC-B43C-70E60996BEB2}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{C870ABF9-1F96-42EA-9B2D-67BE7706CCF9}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{CD776622-9949-41F3-B551-088B06EE37F8}C:\program files (x86)\keyholetv\keyholetv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\keyholetv\keyholetv.exe |
"TCP Query User{D2C9BAF6-87C4-45A0-940A-44CC742ABB6B}C:\program files (x86)\keeper fx\keeperfx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\keeper fx\keeperfx.exe |
"TCP Query User{D4215923-DF19-4F15-A0BE-C8236715DBD8}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"TCP Query User{DC204D8B-C0D0-44BF-B85F-E27FAF208D38}C:\gog games\duke nukem 3d\eduke322.exe" = protocol=6 | dir=in | app=c:\gog games\duke nukem 3d\eduke322.exe |
"TCP Query User{E299FB14-7F5C-4145-BA9D-DE43631639E5}C:\program files (x86)\rv housefart\rv_house.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rv housefart\rv_house.exe |
"TCP Query User{EB17B036-C39E-4474-9F69-EC8BA9F6F71A}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{F202EBDE-E821-4C5E-A5CF-303150939CAA}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{F924CA7C-1321-40C4-AE0E-A390A78E40FC}C:\program files (x86)\sof platinum\sof.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sof platinum\sof.exe |
"UDP Query User{15A8EC8B-47F6-4E6F-A870-E7BBE6C4A28A}C:\program files (x86)\sof platinum\sof.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sof platinum\sof.exe |
"UDP Query User{190EAF61-B9CE-498B-B9B9-D81358EDCF61}C:\users\reshad\appdata\roaming\boyzkoe\oqteli.exe" = protocol=17 | dir=in | app=c:\users\reshad\appdata\roaming\boyzkoe\oqteli.exe |
"UDP Query User{1C9425E2-6B4C-4A00-BCD4-E60100E437A2}C:\zdaemon\zserv32.exe" = protocol=17 | dir=in | app=c:\zdaemon\zserv32.exe |
"UDP Query User{1F3F891C-0914-40B0-B3FA-E0CD06015CCE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{29F3CE6B-FD55-44DF-9D51-86849AD84B4A}C:\gog games\duke nukem 3d\eduke322.exe" = protocol=17 | dir=in | app=c:\gog games\duke nukem 3d\eduke322.exe |
"UDP Query User{29FFBE33-4457-4C5C-9919-7E597C41376B}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{2DF37669-8E38-4532-B7CC-A9F22CB1DC9D}C:\clickfree restored files\resh-bda5544bd7\c\team17\worms armageddon\wa.exe" = protocol=17 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\team17\worms armageddon\wa.exe |
"UDP Query User{2E1350CD-C291-494D-B2B6-1DDE116B5254}C:\program files (x86)\keeper fx\keeperfx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\keeper fx\keeperfx.exe |
"UDP Query User{3EA19D7E-413A-4CD8-9023-57283AC7E344}C:\program files (x86)\rv house\rv_house.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rv house\rv_house.exe |
"UDP Query User{45BBBD91-ABFE-4C91-9EEC-B802B8FA3CBE}C:\ut2004\system\ut2004.exe" = protocol=17 | dir=in | app=c:\ut2004\system\ut2004.exe |
"UDP Query User{499BD28C-49E7-4CF9-A1B3-AD359DBE5B2A}C:\program files (x86)\rv housefart2\rv_house.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rv housefart2\rv_house.exe |
"UDP Query User{5528A41A-A69C-48B3-83E6-12BDA8787478}C:\clickfree restored files\resh-bda5544bd7\c\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\unrealtournament\system\unrealtournament.exe |
"UDP Query User{66E84823-9CA1-445D-B2CB-61839EEC8276}C:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"UDP Query User{6BF7FE86-A8BE-4C30-987F-1AD1EDACE6A4}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{6E46CB7C-323E-4995-91EC-6CD7D7F47E29}C:\users\reshad\documents\mm8\skulltag.exe" = protocol=17 | dir=in | app=c:\users\reshad\documents\mm8\skulltag.exe |
"UDP Query User{71CB78FD-5DF4-47E8-9725-CEE0309234FD}C:\program files (x86)\keyholevideo\keyholevideo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\keyholevideo\keyholevideo.exe |
"UDP Query User{768440AF-35E7-4CEB-B726-DDEC2E253B04}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{80029621-0C89-427E-9430-8FE180046972}C:\users\reshad\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\reshad\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8F6677D5-8B15-460E-81F0-097ADA22D852}C:\program files (x86)\steam\steamapps\skarminater\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\skarminater\team fortress 2\hl2.exe |
"UDP Query User{988B01CA-95DB-4A36-9B06-92DD34B76FAE}C:\gog games\duke nukem 3d\eduke32.exe" = protocol=17 | dir=in | app=c:\gog games\duke nukem 3d\eduke32.exe |
"UDP Query User{A2073E3E-6801-44C7-A2EB-02C66BF55CB0}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{A694AF23-3C9D-444A-A520-4EBB934CE73C}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{A6F149CB-EE67-48BC-9D0A-18CF1071DF40}C:\program files (x86)\rv house\rv_house.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rv house\rv_house.exe |
"UDP Query User{AD2DB83F-9A73-4A53-A3BB-D6F945161AB3}C:\zdaemon\zlauncher.exe" = protocol=17 | dir=in | app=c:\zdaemon\zlauncher.exe |
"UDP Query User{B74BE9AE-A0BF-46A8-AF51-1394D80C2CEC}C:\program files (x86)\rv housefart2\rv_house.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rv housefart2\rv_house.exe |
"UDP Query User{BDC43D8C-EECA-49D4-81C6-EF46C7522F26}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{C066E277-22AF-4717-A7C9-A6C00578C24F}C:\re-volt\revolt1207.exe" = protocol=17 | dir=in | app=c:\re-volt\revolt1207.exe |
"UDP Query User{C100CBCB-525B-476E-B976-F89912C9C1D4}C:\clickfree restored files\resh-bda5544bd7\c\re-volt\revolt.exe" = protocol=17 | dir=in | app=c:\clickfree restored files\resh-bda5544bd7\c\re-volt\revolt.exe |
"UDP Query User{C5D9C598-B895-486A-AFE2-1406E828C391}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CB5838CC-8190-4126-B932-75D4CEB51447}C:\program files (x86)\yang\yang.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yang\yang.exe |
"UDP Query User{CD453E08-2747-4E8E-A248-C6F8652D53E0}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{D5B8ECFD-8362-47D2-957D-20FC4616DEDA}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x2.exe |
"UDP Query User{DF7F9022-C5A7-4C3C-A973-345FD54D8AE8}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{F5C5C652-164C-41B5-944B-105514CF4E93}C:\program files (x86)\keyholetv\keyholetv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\keyholetv\keyholetv.exe |
"UDP Query User{FC2A7D8B-9F81-41B1-8A03-9D32221A6ECD}C:\re-volt\revolt.exe" = protocol=17 | dir=in | app=c:\re-volt\revolt.exe |
"UDP Query User{FCEB47D0-B102-42E1-B77D-2D424652D272}C:\program files (x86)\rv housefart\rv_house.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rv housefart\rv_house.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D33EC42-4787-56CD-8137-95D8418FFEE8}" = AMD Problem Report Wizard
"{217428D1-0614-4CF0-2A11-D7D56BB8CCDE}" = AMD Fuel
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java™ 7 Update 3 (64-bit)
"{28D77718-AB40-E3B0-E8B3-FC116733A8EC}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5113dde6-60b6-4164-b1ad-ec8106b34906}.sdb" = work
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java™ SE Development Kit 7 Update 3 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{69ebe133-29a9-4c62-ae28-1509b988d81e}.sdb" = Mercury
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F483F38-6162-7606-1D0B-054852C8E011}" = AMD Catalyst Install Manager
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7BB73073-D580-213A-E05E-7B5714364F66}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}" = Autodesk 3ds Max 2010 64-bit
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5CF5995-5E0B-967D-3FC5-325089795937}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B9E591DD-DAAC-0409-B1B8-5667E359170B}" = Autodesk 3ds Max 2010 64-bit Components
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EC68FF2E-B3B9-5FE3-7CEA-EB9F11E35C80}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HyperCam 2 (64 bit)" = HyperCam 2 (64 bit)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Speccy" = Speccy
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = The Sims 2 University
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2536F0-8E7A-340F-9031-1AA60BEFBFD8}" = Catalyst Control Center Graphics Full Existing
"{0BDC5DC9-153C-4862-BB17-616570687AD6}" = Livestream for Producers
"{0E6CE44A-EE07-1C20-72C8-9A24CA2ED2CB}" = Catalyst Control Center HydraVision Full
"{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}" = Microsoft Application Compatibility Toolkit 5.6
"{0FBFA28A-C373-53BD-C553-58D6F6553D92}" = CCC Help Hungarian
"{113F4E2E-416A-33BD-D2A6-39C58AB6ACAC}" = CCC Help Korean
"{11E875AA-DF42-811E-96D9-5054A5A474B5}" = CCC Help English
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1688104B-0261-42FC-D796-CB97EA5159A4}" = CCC Help Thai
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D5B3A03-17FD-EC8F-755B-6164ABFF450A}" = CCC Help Turkish
"{1E4062A9-EC7A-A6E9-348E-58B30D6EEADA}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.5.6366
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{27DB7300-9E75-FE1C-E2D0-0D22BB6175E0}" = CCC Help Danish
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30C57796-858D-AA2B-85E4-AE805D68DC4D}" = CCC Help Korean
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}" = PC Connectivity Solution
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39C45959-76CF-A998-48BE-B49468D6C22F}" = CCC Help Thai
"{3A73C1A2-67B0-FFA3-50DC-A20F1108C08C}" = CCC Help Greek
"{3C61B7BD-981C-DFCF-C77D-F852A7D08DD9}" = CCC Help Spanish
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}" = gmax
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{42082D6A-7C60-4CD9-B6FC-81E6F1FA96EF}" = Theme Park World Fix
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.3.5
"{47E3E895-A798-433E-C440-A4805A5FDA10}" = CCC Help English
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F01D33E-6FDF-2A63-8AD9-CBDC4735E80D}" = CCC Help Danish
"{4F11AE1B-452A-2A9B-250D-EDB725E39199}" = CCC Help Russian
"{4F9B4C70-F223-B34B-C7D3-55FC1D2BAD2E}" = CCC Help Chinese Standard
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50BFCE80-042B-E53F-05EF-ACA0CC16A0DF}" = Catalyst Control Center Graphics Previews Common
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5906DAFF-9370-2B54-D483-343ABB9BE748}" = Catalyst Control Center Graphics Light
"{5932BF1B-BD27-D808-7D5C-B9C0CD9063B3}" = AMD VISION Engine Control Center
"{597D764C-00A1-B174-33C2-93C9A4E73E21}" = CCC Help Russian
"{59BF122E-4B7D-C1E7-EED3-8DF7E4DAD238}" = Catalyst Control Center Localization All
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6446F083-76CD-553B-8261-0E1297A7214C}" = CCC Help Finnish
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Kitchen & Bath Interior Design Stuff
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = The Sims™ 3 Create a World Tool - Beta
"{659F8F13-E8C5-C4B8-85E7-1D3912C06929}" = Catalyst Control Center Localization All
"{67E88DA1-E3B7-AED7-AF6C-5D5FB7BC47CB}" = CCC Help Finnish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1" = Poedit
"{69945725-C01C-475E-A768-886DD523350A}" = NFS Wizard Launcher
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6C4AD4F5-8560-4F1E-BC0C-7A883B695F6E}" = CCC Help Swedish
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Home Stuff
"{6E594B4E-D394-BDEE-E9FF-4E6EBC30FB3A}" = CCC Help Greek
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7041C0CA-92D9-5E56-0CAD-552A3250652D}" = CCC Help French
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{722D6A37-C815-1945-1EE8-091348F3D388}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E5C6B2-59C3-694C-27B7-21C910F24428}" = CCC Help Norwegian
"{76341DEA-A1BC-F84F-58CD-1D0FAFDD2301}" = Catalyst Control Center Localization All
"{768A7F56-650B-F84F-DF95-EB1926AB5A8F}" = CCC Help Portuguese
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7B9D9DC4-EDB9-3181-4D1B-E47C34609E0C}" = CCC Help Portuguese
"{81E970B6-6615-82B4-AC79-26EFB0749E3E}" = CCC Help Hungarian
"{82159924-85AB-EF31-6A3B-862897A4CD20}" = Catalyst Control Center InstallProxy
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86FAA380-5CB7-4D55-029B-32AD650CB142}" = CCC Help Italian
"{87156DCA-AF4C-5F12-94A7-BCB5D9E92E13}" = CCC Help German
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{87F17692-2C1A-429C-9A77-7DB1E16F6EF9}" = Catalyst Control Center - Branding
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8966B8B5-D87A-E689-B370-E79B7691299C}" = Catalyst Control Center Core Implementation
"{89EA759B-B9C8-6CB5-6BF2-248961E68809}" = Catalyst Control Center InstallProxy
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A368DA6-3814-A344-BB1E-C8EB69B865B6}" = CCC Help Chinese Traditional
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFACA27-1CE9-4E90-BCAD-666BA09A048B}" = Anvil Studio 2011
"{8D1F8068-D0AD-B84C-AD8A-3E97A98BCCB1}" = CCC Help Swedish
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90BA5BAB-4108-5CC7-8421-00EEAD6D51DF}" = CCC Help Czech
"{90D3946F-869E-5B31-1590-7669700FB37B}" = CCC Help Turkish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91E8293B-C357-D092-8CCB-E19DA083D86C}" = CCC Help Turkish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931E11B0-1ACE-438D-90AF-E5D8C64880EF}" = Catalyst Control Center - Branding
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9527450C-64B3-11D5-9B31-000021116B62}" = SmartCamera Ver 2.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A372D11-5C46-4A78-B9D9-510968EF4D2D}" = HP Laser Gaming Mouse with VoodooDNA
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C23A506-3E8B-B91C-4F9B-040518EC792D}" = CCC Help Norwegian
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{9D54290B-CD49-4B36-2EF2-7597FD0D683F}" = CCC Help Swedish
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D7E098D-5693-D2F9-BBE5-4F5A56032FB4}" = CCC Help Thai
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1BBB15D-7A76-A03F-1593-8237E0BC0F63}" = CCC Help French
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6F42664-73EC-25B0-F3A9-D8CCE53CFB25}" = Catalyst Control Center Graphics Previews Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{ACA45C32-8432-2058-BE80-006E7908D804}" = CCC Help Italian
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B199030E-1082-F3BF-2BB9-0080D72876BD}" = CCC Help Dutch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B3C4FA-98FE-FEC7-073E-00677B8F0978}" = CCC Help Norwegian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9770421-CF21-4742-9531-79F77F1C3F06}" = Flux Studio 2.0
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C54BBB47-5D1A-5C82-614E-0D75C1AD92B5}" = Catalyst Control Center Graphics Previews Vista
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A75273-F01A-4E87-B64F-66F7163C99CA}" = CCC Help Japanese
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C725937A-C6B3-0D07-A765-029FB1FD66B6}" = CCC Help Chinese Traditional
"{C8E3F3C9-AC0C-43A2-1AB7-D2D83EF68211}" = CCC Help Portuguese
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB491E58-DE63-17A9-1992-78DF639A88D5}" = CCC Help Russian
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B4}" = WinZip Courier
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}" = WinZip 15.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D228187B-0D49-44C6-DEA8-64F180D14DB9}" = CCC Help Polish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D42498FB-9561-9575-C2AC-766F737F4ACF}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D74B4F5A-28CB-33E4-AFC2-412B8227C582}" = CCC Help Dutch
"{DC5FF599-AFB0-EF94-5786-C49B138B106B}" = CCC Help Chinese Traditional
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6905D5-6B2A-1088-FDB2-77E4FBD7BB9D}" = CCC Help Chinese Standard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE159A8E-3D90-4E91-8906-D078CCAE4DED}" = Catalyst Control Center - Branding
"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DE89F007-B75E-368D-47D2-ADE9AF616261}" = HydraVision
"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E23FC608-7808-6573-FBC3-47F3F78F07E8}" = CCC Help Czech
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4BB2289-65F7-28A8-D0D5-26CB389EC688}" = CCC Help Polish
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Celebration! Stuff
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera Plus
"{EE7DF38A-750E-FF7E-44FB-6335009442CB}" = CCC Help Polish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F44C5224-EACA-EED8-143D-7240B2FE9322}" = CCC Help Dutch
"{F5492B8D-B6DB-C3D2-8309-1B6A766CAF85}" = Catalyst Control Center Graphics Full New
"{F5C7FD70-2C0A-401E-95E9-916363567DDA}" = HP Setup
"{F62C60A3-2E8A-8108-2F87-5CDD5A4E3162}" = CCC Help Korean
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFCF34B9-A0B1-2E2B-7D7E-8FAB4A781CC9}" = CCC Help German
"3D Ripper DX_is1" = 3D Ripper DX v1.8.2
"AC3Filter" = AC3Filter (remove only)
"Action Replay DSi Code Manager_is1" = Action Replay DSi Code Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Akamai" = Akamai NetSession Interface Service
"APB Reloaded" = APB Reloaded
"Armagetron Advanced" = Armagetron Advanced 0.2.8.3.2
"Audacity_is1" = Audacity 1.2.6
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"BitTorrent" = BitTorrent
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Cross Fire_is1" = Cross Fire En
"Demonstar by www.mavioyun.org" = Demonstar by www.mavioyun.org
"DivX Setup" = DivX Setup
"DOOM Collector's Edition" = DOOM Collector's Edition
"Dungeon Siege Legends of Aranna 1.0" = Dungeon Siege Legends of Aranna
"EA Download Manager" = EA Download Manager
"EasyBits Magic Desktop" = Magic Desktop
"EasyIDF_is1" = Easy IDF
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Flux Player" = Flux Player
"Fraps" = Fraps (remove only)
"Gadwin PrintScreen Professional" = Gadwin PrintScreen Professional
"GamersFirst LIVE!" = GamersFirst LIVE!
"Gangsters" = Gangsters
"GOGPACKDUKE3D_is1" = Duke Nukem 3D
"GoldWave v5.58" = GoldWave v5.58
"Grand Theft Auto" = Grand Theft Auto
"GTACars3_1" = GTACars3_1
"Gubble CD" = Gubb
"Half-Life" = Half-Life
"HP Remote Solution" = HP Remote Solution
"HyperCam Toolbar" = HyperCam Toolbar
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"iploungev4_is1" = iplounge V4.00 (Beta)
"Jazz Jackrabbit 2 Christmas Chronicles 99" = Jazz Jackrabbit 2 Christmas Chronicles 99
"Jazz Jackrabbit 2 Holiday Hare 98" = Jazz Jackrabbit 2 Holiday Hare 98
"JellyCar Level Editor_is1" = JellyCar Level Editor 1.1
"JellyCar_is1" = JellyCar 1.1.1
"KeyHoleTV" = KeyHoleTV
"KeyHoleVideo" = KeyHoleVideo
"LithUnwrap 1.3_is1" = version 1.3
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Messenger Plus!" = Messenger Plus! 5
"Midtown Madness 2.0" = Microsoft Midtown Madness 2
"mIRC" = mIRC
"Mozilla Firefox 20.0 (x86 en-US)" = Mozilla Firefox 20.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"Need For Speed High Stakes" = Need For Speed Road Challenge
"NFS HS Expansion Pack" = NFS HS Expansion Pack
"NFS Wizard v0.5.0.79_is1" = NFS Wizard v0.5.0.79
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"OtsTurntables Free" = OtsTurntables Free 1.00.047
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"Pharaoh" = Pharaoh
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Recover Data for FAT & NTFS_is1" = Recover Data for FAT & NTFS
"Re-Volt" = Re-Volt patch 12.07
"RV House_is1" = RV House 0.93.4
"s3pe" = Sims3 Package Editor
"ScummVM_is1" = ScummVM 1.3.1
"Sean O'Connor's Windows Games_is1" = Sean O'Connor's Windows Games
"SimPE_is1" = SimPE 0.72 (alpha)
"Sims2Pack Clean Installer" = Sims2Pack Clean Installer
"SouthParkMario2.1" = SouthPark Mario Bros 2.1
"SpeedFan" = SpeedFan (remove only)
"SShockDeinstallKey" = System Shock2
"ST5UNST #1" = RVOrganise
"ST5UNST #2" = RVOrganise (c:\RVOrganise\)
"ST5UNST #3" = RVOrganise (c:\RVOrganise\) #3
"ST5UNST #4" = RVOrganise (c:\RVOrganise\) #4
"ST6UNST #1" = Car Manager 1.0
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 105600" = Terraria
"Steam App 200001" = Saints Row The Third Prima Official Strategy Guide
"Steam App 202170" = Sleeping Dogs™
"Steam App 22600" = Worms Reloaded
"Steam App 2310" = Quake
"Steam App 2390" = Heretic: Shadow of the Serpent Riders
"Steam App 440" = Team Fortress 2
"Steam App 55230" = Saints Row: The Third
"Steam App 65800" = Dungeon Defenders
"Steam App 6830" = Commandos 2: Men of Courage
"TeamViewer 8" = TeamViewer 8
"Theme Park World" = Theme Park World
"Thief2DeinstallKey" = Thief 2
"ThiefDeinstallKey" = Thief:The Dark Project
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"UT2004" = Unreal Tournament 2004
"WildTangent hp Master Uninstall" = HP Games
"WinFF_is1" = WinFF 1.3.2
"Wings 3D 1.4.1" = Wings 3D 1.4.1
"WinLiveSuite" = Windows Live Essentials
"WinMaze" = WinMaze
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"WT082124" = Blasterball 3
"WT082141" = FATE
"WT082168" = Penguins!
"WT082172" = Polar Bowler
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082222" = Insaniquarium Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082246" = Zuma Deluxe
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082409" = Mahjongg Artifacts
"WT082414" = Mystery P.I. - The Vegas Heist
"WT082422" = Wedding Dash
"WT082427" = Slingo Deluxe
"WT082439" = Bus Driver
"WT083492" = Agatha Christie - Death on the Nile
"WT083510" = Jewel Quest Solitaire
"WT083514" = Jewel Quest II
"WT083521" = Dream Chronicles
"WT083529" = Gem Shop
"Xfire" = Xfire (remove only)
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YANG" = YANG (Yet Another Netplay Guider)
"ZDaemon" = ZDaemon (remove only)
"ZModeler" = ZModeler (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"a43c7d0c4e204b38" = Car_Load
"Akamai" = Akamai NetSession Interface
"FileZilla Client" = FileZilla Client 3.5.3
"Google Chrome" = Google Chrome
"SwiftKit" = SwiftKit
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/1/2013 8:31:26 PM | Computer Name = Eightball | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/1/2013 9:37:00 PM | Computer Name = Eightball | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/2/2013 6:21:17 AM | Computer Name = Eightball | Source = SideBySide | ID = 16842827
Description = Activation context generation failed for "C:\Program Files (x86)\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe".Error in manifest or policy file "C:\Program
Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe" on line 2.
Multiple
requestedPrivileges elements are not allowed in manifest.
Error - 3/2/2013 9:14:34 AM | Computer Name = Eightball | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4d783ed6 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting
process id: 0x780 Faulting application start time: 0x01ce17479d6e04e8 Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 1fea8ee3-833b-11e2-a804-78e7d1c2cdb4
Error - 3/2/2013 9:20:45 AM | Computer Name = Eightball | Source = MsiInstaller | ID = 10005
Description =
Error - 3/2/2013 9:21:16 AM | Computer Name = Eightball | Source = MsiInstaller | ID = 10005
Description =
Error - 3/2/2013 9:21:28 AM | Computer Name = Eightball | Source = MsiInstaller | ID = 10005
Description =
Error - 3/2/2013 10:16:29 AM | Computer Name = Eightball | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4d783ed6 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting
process id: 0x6c0 Faulting application start time: 0x01ce175078bad7fa Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: c62e64f8-8343-11e2-b870-78e7d1c2cdb4
Error - 3/2/2013 11:26:00 AM | Computer Name = Eightball | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4d783ed6 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting
process id: 0x6c0 Faulting application start time: 0x01ce175a35548e62 Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 7c758348-834d-11e2-a370-78e7d1c2cdb4
Error - 3/2/2013 3:59:11 PM | Computer Name = Eightball | Source = Application Error | ID = 1000
Description = Faulting application name: hpasset.exe, version: 3.0.0.7, time stamp:
0x4f4667f7 Faulting module name: hpasset.exe, version: 3.0.0.7, time stamp: 0x4f4667f7
Exception
code: 0xc0000005 Fault offset: 0x0000bee1 Faulting process id: 0x3a60 Faulting application
start time: 0x01ce17806666a88c Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPAsset\hpasset.exe Faulting module path: C:\Program Files (x86)\Hewlett-Packard\HP
Health Check\HPAsset\hpasset.exe Report Id: a659e03d-8373-11e2-a370-78e7d1c2cdb4
Error - 3/2/2013 4:50:59 PM | Computer Name = Eightball | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4d783ed6 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
stamp: 0x4ec4aa8e Exception code: 0xc0000374 Fault offset: 0x00000000000c40f2 Faulting
process id: 0x6b4 Faulting application start time: 0x01ce17876390fad0 Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Windows\SYSTEM32\ntdll.dll Report Id: e2714302-837a-11e2-983d-78e7d1c2cdb4
[ Hewlett-Packard Events ]
Error - 6/16/2012 2:52:33 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 6/16/2012 2:54:50 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 6/16/2012 2:55:11 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 6/16/2012 2:56:01 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 6/16/2012 2:56:51 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 6/16/2012 2:57:20 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 8/15/2012 2:58:16 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146233088 at HPSFConfigReader.ConfigHelper.loadXML()
at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace:
at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()
at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 6143
Ram
Utilization: 30 TargetSite: Void loadXML()
Error - 12/5/2012 3:46:28 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 2/6/2013 3:20:13 PM | Computer Name = Eightball | Source = HPSF.exe | ID = 4000
Description =
Error - 3/2/2013 10:18:58 AM | Computer Name = Eightball | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)
at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 6143 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
[ System Events ]
Error - 3/2/2013 4:50:43 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7031
Description = The TeamViewer 8 service terminated unexpectedly. It has done this
2 time(s). The following corrective action will be taken in 2000 milliseconds:
Restart the service.
Error - 3/2/2013 4:50:48 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The TeamViewer 8 service terminated unexpectedly. It has done this
3 time(s).
Error - 3/2/2013 4:50:51 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The Skype Updater service terminated unexpectedly. It has done this
1 time(s).
Error - 3/2/2013 4:51:01 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The AMD FUEL Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/2/2013 4:51:02 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit
service terminated unexpectedly. It has done this 1 time(s).
Error - 3/2/2013 4:51:02 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit
service terminated unexpectedly. It has done this 1 time(s).
Error - 3/2/2013 4:51:07 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/2/2013 4:51:09 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The Process Monitor service terminated unexpectedly. It has done
this 1 time(s).
Error - 3/2/2013 4:51:11 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 3/2/2013 4:51:16 PM | Computer Name = Eightball | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
< End of report >
Edited by Skarma, 02 March 2013 - 04:12 PM.
Sign In
Create Account
