Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Lost account, and general concern [Solved]

Started by Mayko , Mar 12 2013 04:19 AM

  • This topic is locked This topic is locked

#1
Mayko
Posted 12 March 2013 - 04:19 AM

Mayko

    Member

  • Member
  • PipPip
  • 67 posts
I have recently lost control of an account of mine. From then I got a little concerned. I have done Malwarebytes scans as well as Avira as my real time protection. Both scans have come up clean, but the password I was using for the account is rather hard in my opinion to brute force with multiple punctuations. Any help would be much appreciated. Here is my OTL log, and Thank you for any help you can give.

OTL logfile created on: 3/12/2013 5:08:18 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aaron Long\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.92 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 58.29% Memory free
15.84 Gb Paging File | 10.93 Gb Available in Paging File | 69.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 920.09 Gb Free Space | 49.39% Space Free | Partition Type: NTFS
Drive D: | 148.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 465.76 Gb Total Space | 17.50 Gb Free Space | 3.76% Space Free | Partition Type: NTFS

Computer Name: AARONLONG-PC | User Name: Aaron Long | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/12 05:05:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
PRC - [2013/03/08 22:04:02 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/03/07 16:35:30 | 000,527,016 | R--- | M] (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730) -- C:\Program Files (x86)\iRacing\iRacingService.exe
PRC - [2013/03/06 20:07:47 | 001,103,768 | ---- | M] (Spotify Ltd) -- C:\Users\Aaron Long\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/03/05 21:33:38 | 003,494,992 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2013/02/25 08:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2013/02/12 19:26:30 | 003,560,320 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2012/12/29 03:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/20 17:03:24 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/10 21:24:44 | 000,338,864 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2012/11/13 22:53:40 | 000,800,176 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Razer Game Booster\FPSClient.exe
PRC - [2012/11/13 22:53:04 | 000,905,344 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Razer Game Booster\gbtray.exe
PRC - [2012/08/08 08:29:11 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/08 05:19:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/08 05:19:58 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/03/26 12:05:04 | 004,656,632 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2012/01/16 06:26:26 | 000,216,064 | ---- | M] (uWebb Software) -- C:\Users\Aaron Long\Desktop\Temp\RealTemp.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/10/06 00:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 00:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/11/10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
PRC - [2009/11/04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
PRC - [2007/08/16 18:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 11:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/08 22:04:02 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/03/05 23:46:21 | 000,192,512 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/03/05 23:46:21 | 000,158,720 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Temp\sfareca00001.dll
MOD - [2013/03/05 21:33:38 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Origin\tufao.dll
MOD - [2013/03/05 21:05:55 | 014,718,320 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013/02/28 18:08:19 | 000,459,728 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll
MOD - [2013/02/28 18:08:16 | 004,050,896 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll
MOD - [2013/02/28 18:07:25 | 000,596,944 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\libglesv2.dll
MOD - [2013/02/28 18:07:24 | 000,124,368 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\libegl.dll
MOD - [2013/02/28 18:07:21 | 001,552,848 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll
MOD - [2013/02/25 08:39:32 | 000,988,584 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/02/25 08:39:32 | 000,111,016 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\audio.dll
MOD - [2013/02/19 12:48:10 | 020,340,648 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/02/13 18:33:40 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013/01/17 22:14:17 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asi
MOD - [2013/01/09 08:22:38 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll
MOD - [2013/01/09 08:21:32 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll
MOD - [2013/01/09 08:21:23 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\e7b4706dfe18f29486dbaf5d35e01765\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/01/09 08:21:22 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
MOD - [2013/01/09 08:21:22 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013/01/09 08:21:20 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d01a925ecd339eae8ea1da8488eb2283\System.Xml.Linq.ni.dll
MOD - [2013/01/09 08:21:06 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013/01/09 08:21:03 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e290208a6d4ea4451ac118f1e0c3b488\Accessibility.ni.dll
MOD - [2013/01/09 08:12:30 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013/01/09 08:12:20 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013/01/09 08:12:15 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013/01/09 08:12:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 08:12:12 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013/01/09 08:12:12 | 000,309,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\82f376255a9523982c52cf58b13268d3\PresentationFramework.Classic.ni.dll
MOD - [2013/01/09 08:12:11 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 08:12:11 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013/01/09 08:12:10 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 08:12:06 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012/12/18 19:28:50 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\sdl.dll
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/11/13 22:53:36 | 000,244,136 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\M_FPS.dll
MOD - [2012/11/13 22:53:06 | 007,477,262 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\avcodec-54.dll
MOD - [2012/11/13 22:53:06 | 001,191,950 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\avformat-54.dll
MOD - [2012/11/13 22:53:04 | 000,117,888 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\Mpeg2Video.dll
MOD - [2012/11/13 22:53:04 | 000,062,256 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\PowerConfig.dll
MOD - [2012/11/13 22:53:02 | 000,271,400 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
MOD - [2012/11/13 22:53:00 | 000,333,326 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\swscale-2.dll
MOD - [2012/11/13 22:53:00 | 000,156,174 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\avutil-51.dll
MOD - [2012/09/07 16:37:02 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asi
MOD - [2012/02/09 23:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/01/08 08:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/12/28 20:18:05 | 002,931,024 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-2136970789-3445424151-3781644325-1002\MSPRindiv01.key
MOD - [2009/11/10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
MOD - [2009/11/04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/04/10 05:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011/12/26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2010/04/06 19:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/08 22:04:02 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/07 16:35:30 | 000,527,016 | R--- | M] (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730) [Auto | Running] -- C:\Program Files (x86)\iRacing\iRacingService.exe -- (iRacingService)
SRV - [2013/03/05 21:14:21 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/17 22:14:19 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/11 17:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/12/29 05:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/29 03:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/20 17:03:24 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/08 05:19:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 05:19:58 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/11/13 07:53:40 | 000,946,032 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/28 14:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/03/01 21:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/10/06 00:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/06 00:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/11/07 02:49:46 | 000,113,664 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2012/11/07 02:49:46 | 000,022,016 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/05/08 05:19:58 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 05:19:58 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/04/10 05:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/01 01:31:46 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/12/31 20:52:55 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/09/16 00:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/06/09 22:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/25 06:19:00 | 000,076,160 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/05/25 06:19:00 | 000,052,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/05/16 09:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/10 21:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/14 12:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/21 12:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/04/27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/10/16 22:09:14 | 000,029,952 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/02 17:50:43 | 000,004,774 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 17:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Users\Aaron Long\Desktop\Temp\WinRing0x64.sys -- (WinRing0_1_2_0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {21A51130-7285-49FE-B3F6-2385CC71CDEA}
IE:64bit: - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {21A51130-7285-49FE-B3F6-2385CC71CDEA}
IE - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {786DCDF6-3515-4b3e-BDAD-A8CE5F13214D}
IE - HKCU\..\SearchScopes\{786DCDF6-3515-4b3e-BDAD-A8CE5F13214D}: "URL" = http://search.yahoo....evm&type=IEBDSV
IE - HKCU\..\SearchScopes\{995A88D4-2CBD-4e39-9822-B0DD04AEEFCC}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{C507F525-7AE3-4757-A1BE-653AAB24D4D2}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Aaron Long\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 22:04:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 22:04:00 | 000,000,000 | ---D | M]

[2011/12/28 20:03:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron Long\AppData\Roaming\Mozilla\Extensions
[2012/10/23 02:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron Long\AppData\Roaming\Mozilla\Firefox\Profiles\npz930rf.default\extensions
[2013/03/08 22:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/08 22:04:02 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/09/03 14:02:18 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/08 22:04:02 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: Heroes & Generals (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdbmojodailncinonfdhpafgopelmbj\1.0.3.4_0\plugins/npretoxlive.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: FilePlanet: Free PC Games, Downloads, Mods, Demos, Patches & Maps = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnoghbolbbogfjhdhphboehngjkobekd\2012.1.25.24106_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Facebook = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.1.25.24069_0\
CHR - Extension: LastPass = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.20_0\
CHR - Extension: Watch TV. Watch Movies. | Online | Free | Hulu = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhgbkjbpjkpdkbbalmaggmmlcffjaaae\2012.1.25.24120_0\
CHR - Extension: YouTurn = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\icphmmimmfdlgaaglejeokffekamhplg\2.2_0\
CHR - Extension: Yahoo! = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\inhalmiddnkoaejbelacfdaellglafkk\2012.1.25.24110_0\
CHR - Extension: Heroes & Generals updater (live) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdbmojodailncinonfdhpafgopelmbj\1.0.3.4_0\
CHR - Extension: Pandora Radio - Listen to Free Internet Radio, Find New Music = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgjkdnkaikofglpiokiobahklcacdfb\2012.1.25.24057_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.107.6.0_0\
CHR - Extension: Google Mail Checker = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: CoreofGreymane's Channel - YouTube = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdaeemjmpffjlgeckaaadgfglmbpgbmo\2012.1.25.24115_0\
CHR - Extension: Minecraft Forum - News, Forums, Mods, and Texture Packs = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglelkkdopeeibjojindnmdcijkpfaai\2012.1.25.24118_0\
CHR - Extension: Gmail = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Spotify] C:\Users\Aaron Long\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Aaron Long\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\Program Files (x86)\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe (Acresso Software Inc.)
O4 - Startup: C:\Users\Aaron Long\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Aaron Long\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Aaron Long\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19656C68-C0DE-4BE3-BD04-B51A081E8BD1}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/16 19:53:50 | 000,000,131 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13c26bb7-5acc-11e2-8606-50e5494cb46a}\Shell - "" = AutoRun
O33 - MountPoints2\{13c26bb7-5acc-11e2-8606-50e5494cb46a}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{f384af06-256c-11e1-870b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f384af06-256c-11e1-870b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2010/11/16 19:53:50 | 000,297,832 | R--- | M] (Hewlett-Packard Co.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/12 05:05:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
[2013/03/11 20:19:26 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\.minecraft
[2013/03/11 16:15:27 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gotomypc_635.exe
[2013/03/11 15:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CitrixLogs
[2013/03/11 15:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix
[2013/03/11 15:50:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2013/03/11 15:45:46 | 011,881,936 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gosetup.exe
[2013/03/08 22:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/08 20:27:21 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\com.stoicstudio.TheBannerSagaFactions
[2013/03/08 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\tbs_logs
[2013/03/06 23:55:09 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\Targem
[2013/03/05 21:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
[2013/02/25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\HpUpdate
[2013/02/25 08:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/02/25 08:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/02/25 08:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/02/25 08:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/02/25 08:34:24 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\HP
[2013/02/23 19:32:23 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\signal studios
[2013/02/16 16:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McLaren Electronic Systems
[2013/02/16 16:53:25 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\McLaren Electronic Systems
[2013/02/16 16:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McLaren Electronic Systems
[2013/02/16 16:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ Closed Beta 2
[2013/02/15 15:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpeed
[2013/02/15 15:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSpeed
[2013/02/15 15:31:14 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\Downloaded Installations
[2013/02/13 19:33:30 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\iRacing
[2013/02/13 19:15:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iRacing
[2013/02/13 19:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRacing
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/12 05:05:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
[2013/03/12 04:36:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136970789-3445424151-3781644325-1002UA.job
[2013/03/12 04:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/12 03:36:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136970789-3445424151-3781644325-1002Core.job
[2013/03/10 18:10:13 | 000,000,000 | -H-- | M] () -- C:\Users\Aaron Long\Documents\Default.rdp
[2013/03/08 17:04:50 | 000,000,000 | ---- | M] () -- C:\Users\Aaron Long\__ng3d.lock
[2013/03/05 23:54:06 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/05 23:54:06 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/05 23:45:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/05 23:45:08 | 2082,299,903 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/05 23:39:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013/03/05 21:45:56 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013/03/05 21:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2013/03/05 21:07:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf
[2013/02/24 22:05:38 | 000,793,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/24 22:05:38 | 000,669,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/24 22:05:38 | 000,125,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/22 13:49:37 | 000,401,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/21 21:49:57 | 000,000,024 | ---- | M] () -- C:\Users\Aaron Long\random.dat
[2013/02/21 21:32:45 | 000,000,049 | ---- | M] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE.dat
[2013/02/16 16:53:36 | 000,002,743 | ---- | M] () -- C:\Users\Public\Desktop\Data Server.lnk
[2013/02/16 16:53:36 | 000,002,659 | ---- | M] () -- C:\Users\Public\Desktop\ATLAS.lnk
[2013/02/12 19:26:34 | 000,042,880 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2013/02/12 19:26:34 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/10 18:10:13 | 000,000,000 | -H-- | C] () -- C:\Users\Aaron Long\Documents\Default.rdp
[2013/03/08 17:04:50 | 000,000,000 | ---- | C] () -- C:\Users\Aaron Long\__ng3d.lock
[2013/03/05 23:39:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013/03/05 21:45:56 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013/03/05 21:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2013/03/05 21:07:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf
[2013/02/16 16:53:36 | 000,002,743 | ---- | C] () -- C:\Users\Public\Desktop\Data Server.lnk
[2013/02/16 16:53:36 | 000,002,659 | ---- | C] () -- C:\Users\Public\Desktop\ATLAS.lnk
[2013/02/12 19:26:34 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013/02/12 19:26:34 | 000,028,544 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2013/01/13 14:28:59 | 000,000,050 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE1.dat
[2012/12/15 15:04:52 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/12/15 15:04:43 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/12/01 20:35:05 | 000,017,717 | ---- | C] () -- C:\Users\Aaron Long\AppData\Local\recently-used.xbel
[2012/11/11 04:59:38 | 000,000,051 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_loginapplet_LIVE.dat
[2012/11/04 21:54:23 | 000,172,840 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/25 14:40:56 | 000,001,838 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/04/06 02:19:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/03/03 19:55:38 | 000,068,212 | ---- | C] () -- C:\Users\Aaron Long\AppData\Roaming\icarus-dxdiag.xml
[2012/02/28 21:12:45 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/02/21 16:26:23 | 000,000,049 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE.dat
[2012/02/21 16:26:23 | 000,000,024 | ---- | C] () -- C:\Users\Aaron Long\random.dat
[2012/02/07 15:35:57 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySAVI2WMV.dat
[2012/02/07 15:35:51 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/01/12 15:34:57 | 000,786,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/12 04:10:07 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/01/03 20:31:21 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011/12/28 14:06:31 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/12/13 04:49:09 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/12/13 04:46:55 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/12/13 04:46:55 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/12/13 04:46:55 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/12/13 04:46:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/12/13 04:46:55 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/12/13 04:41:40 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/05/31 01:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 01:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/11 20:19:26 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\.minecraft
[2012/05/09 20:43:07 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\.techniclauncher
[2012/01/14 20:53:30 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Atari
[2013/03/06 16:34:00 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Audacity
[2012/07/27 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Beat Hazard
[2012/01/18 07:25:36 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\BigHugeEngine
[2012/04/06 23:31:15 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\bizarre creations
[2012/11/09 21:39:59 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Blockscape
[2012/04/04 21:19:32 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Carbon
[2012/04/16 11:45:25 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Cobra Mobile
[2013/03/08 20:27:21 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\com.stoicstudio.TheBannerSagaFactions
[2012/04/13 19:55:45 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Crayon Physics Deluxe
[2012/11/05 05:26:40 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\DefendersQuestDemo
[2012/04/15 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Doctor Who
[2013/02/15 15:31:14 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Downloaded Installations
[2013/03/11 19:22:53 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Dropbox
[2012/11/06 05:36:29 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Dwarfs
[2012/11/06 02:27:00 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Dynamite Jack
[2012/02/07 15:29:05 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\EnMasse
[2012/07/30 15:23:40 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\EoN
[2012/04/24 17:12:42 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Fatshark
[2012/06/15 01:27:15 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\FileZilla
[2012/04/06 20:54:14 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Firefly Studios
[2012/11/28 19:25:27 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Fortix
[2012/04/15 16:32:52 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\GameFly
[2012/12/18 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\GetRightToGo
[2012/04/28 20:12:04 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\gtk-2.0
[2012/05/10 22:50:42 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Kalypso Media
[2012/01/19 04:24:42 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Lionhead Studios
[2011/12/28 23:39:20 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\LolClient
[2012/06/14 00:55:21 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\LolClient2
[2012/02/13 18:00:26 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\MAGIX
[2012/04/06 02:19:56 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\MinMaxGames
[2012/04/22 17:33:04 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Mount&Blade Warband
[2012/04/19 21:25:44 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Mount&Blade With Fire and Sword
[2012/10/09 19:21:49 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Mumble
[2012/01/21 01:56:17 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Need for Speed World
[2012/01/19 07:22:03 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Notepad++
[2012/05/31 23:48:19 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Opera
[2012/12/22 21:42:53 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Origin
[2012/02/07 15:52:29 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Publish Providers
[2012/02/17 21:32:38 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\PunkBuster
[2011/12/28 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Razer
[2012/04/29 19:32:40 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\RenPy
[2012/03/02 18:17:01 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\RotMG.Production
[2012/05/10 23:06:34 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\runic games
[2012/06/09 23:12:06 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\six-updater
[2012/06/07 01:29:56 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\six-zsync
[2012/03/31 03:49:58 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\SoftGrid Client
[2012/02/07 16:09:56 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Sony
[2011/12/31 21:03:14 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Splashtop
[2012/03/03 04:26:37 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\SplitMediaLabs
[2013/03/08 15:20:37 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Spotify
[2012/08/10 04:42:04 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\System
[2012/04/29 20:59:14 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\The Creative Assembly
[2012/03/15 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\TP
[2012/01/27 07:10:32 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Trine2
[2012/05/06 02:59:12 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Tropico 3
[2012/08/27 12:38:19 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Tropico 4
[2012/06/25 19:54:10 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Tryst
[2012/08/14 03:33:16 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\TS3Client
[2012/12/25 00:27:28 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Ubisoft
[2012/12/01 11:53:04 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Ulead Systems
[2012/06/17 03:09:17 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Unity
[2012/03/24 19:45:35 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\wargaming.net
[2012/04/03 00:56:13 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Waveform
[2012/04/19 11:18:37 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Windows Live Writer
[2012/01/27 00:35:51 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Wizards of the Coast
[2012/08/10 04:42:39 | 000,000,000 | -HSD | M] -- C:\Users\Aaron Long\AppData\Roaming\wyUpdate AU
[2012/04/08 04:46:57 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\X-Chat 2
[2012/12/26 15:43:08 | 000,000,000 | ---D | M] -- C:\Users\Aaron Long\AppData\Roaming\Zeal Game Studio

========== Purity Check ==========



< End of report >

**EDIT** Forgot the extras log.

OTL Extras logfile created on: 3/12/2013 5:08:18 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aaron Long\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.92 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 58.29% Memory free
15.84 Gb Paging File | 10.93 Gb Available in Paging File | 69.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 920.09 Gb Free Space | 49.39% Space Free | Partition Type: NTFS
Drive D: | 148.16 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 465.76 Gb Total Space | 17.50 Gb Free Space | 3.76% Space Free | Partition Type: NTFS

Computer Name: AARONLONG-PC | User Name: Aaron Long | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03412B8B-9CAC-482B-BD2F-9B2A57B8B20D}" = lport=138 | protocol=17 | dir=in | app=system |
"{111D3E0B-F55C-46E4-9EA8-41ED3EB1EBC9}" = rport=138 | protocol=17 | dir=out | app=system |
"{16CE0510-A8EB-41AF-9CED-B3A841F06E27}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C93830E-B259-42FA-BF67-3F923C6EEF6B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20382880-ECE2-4A48-9E63-B6BB6AED6CFA}" = rport=139 | protocol=6 | dir=out | app=system |
"{298AE27E-9E46-4196-8A3E-5CFCA36DBF7F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3E7AE865-B3D5-46DD-B0FA-F8635D2E3A8A}" = rport=137 | protocol=17 | dir=out | app=system |
"{54D41C35-21CC-4F09-8670-4CA439C6B656}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{596030A4-C9F9-49CC-B470-E9CBD61C716F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5D058CA5-2E85-44E5-91C7-8EC256BDEB9B}" = rport=445 | protocol=6 | dir=out | app=system |
"{5FFF281D-E519-4A76-9D68-D8B81DC62288}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B0CC8793-1018-485F-97C7-630CB4FA3698}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D780D2D3-2C6E-4A4B-808C-291839ED713A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EF7D677D-AFDB-4C52-B5DC-5E0F189C0DDF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F4E06BD8-A902-4AC4-9051-7D722F27C928}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F91697D0-7080-435C-8EDA-68A25869A88F}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002936D1-F6EB-4795-9913-105757BBECFF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{00E3D890-BF23-40B2-9D78-6ACC0674EE3C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{023EB0C1-859B-4DC8-884B-11D8E2C3052E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cabela's hunting expedition\bin\csa2_main.exe |
"{0285220A-906D-4848-8648-09D3D5B19BAF}" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\curseclient.exe |
"{02F0FDA3-AC60-49F3-93C4-25155C9DC035}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{03A323D8-CADE-473B-B32D-C1ADB219B826}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{0412EA54-AF42-4A85-939F-D390975A6113}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.exe |
"{04EEF94F-09E9-44C8-A14E-CC7784DEE606}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{05616296-A5E3-4298-A11B-C17062015886}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{057BEC9C-2FAF-4A27-8BA3-472F9448B880}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\sonic generations\configurationtool.exe |
"{05927E6C-2C78-47A5-8289-F215F4214A7A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0621BCCA-CC22-4C05-9C22-90C65774DFAE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0627DDD2-90FA-4F3C-9727-01F2B79C4972}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{0674130E-A40A-4E6D-BEF4-BDDF6B116B1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\i am alive\src\system\iamalive_game.exe |
"{07032AB2-76D4-4274-8CB1-28675D71D73C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{08CD5CA2-1A80-4B08-A23F-A200A38E16EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{0940F095-850C-414D-8122-AC9D4A20EB89}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3.exe |
"{09EF21F6-1059-4259-9966-EE35FCCE363C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{0CA3142B-8047-45F1-8A9B-2A8D1118AC66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{0DCA181D-8AA6-4C03-B391-72CB5EAD83BC}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{0DE9F753-DB6F-4511-BA83-EF2C6A909923}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{0EC0135A-FA2B-4413-A0B2-F4178B96AF10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solar 2\solar2.exe |
"{0F1D9E67-C516-4EA1-BEE7-547D1190039E}" = protocol=6 | dir=in | app=c:\program files (x86)\end of nations beta\rtsclientg.exe |
"{0F813B02-43F6-45FB-855A-316B600BA303}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snuggle truck\snuggle truck.exe |
"{0FC96234-1835-49FF-8B28-87324A05332B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\civ_v_xp_demo\launcher.exe |
"{11235494-4EED-433D-861F-B5D9D7D4742D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{1201BCDF-0366-49C9-B2F3-269260973BAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\fallennerd\source sdk base 2007\hl2.exe |
"{123A47A6-E5E8-482A-ABF6-CD229B923F77}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{128BE3F0-1173-4C40-94AD-87E0E4F416B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{12B9B23F-1BEC-4A51-A637-DFCB6F08B84D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
"{14186A0E-5F42-423B-98EC-FBC37092E31D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{14701333-2A6C-45E2-BC23-B5E4ACFA4646}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{14A88BDC-9577-44CB-9DA8-5D588F801AE1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{14B0F55A-ED4A-4F9E-9855-3676E1E6451C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"{1619B0DF-CBF0-4BB7-9D07-8674A7F7721C}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{161C97B0-0399-4FA7-A1EB-A483F1CFF1A4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{16A6944E-1695-4EF7-B8F0-8BB8EB924BCC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{17419366-BEEA-4B40-9183-1E29C4DE3F75}" = protocol=58 | dir=in | [email protected],-28545 |
"{186D1BCB-0807-4075-9B5B-6D1C146F8999}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\virtua tennis 2009\config.exe |
"{18D03025-7BA4-4796-A537-43D576E2D863}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{18F98F00-8151-47CE-BB6B-967C7169CCC9}" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\roaming\dropbox\bin\dropbox.exe |
"{194DAADD-C672-44FE-ABD2-02C09793E1CA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1A95DA97-41ED-4B9E-93BD-5D2E7A512812}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{1AB8F5C1-7079-4CDF-9BB1-DDDB8373E5EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{1AC528EA-BBA3-4352-AD2D-F766BDDC049E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1AE54A9A-4F86-4105-AAB1-F335FC148C7F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{1AE70124-DBCB-4DCC-B880-CF6FA6306D86}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{1B914FB4-E2E2-476A-BDA1-5A96A5C70F11}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{1B9FD9EC-217B-489D-9029-38AEAB45CF56}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{1BF79AD3-58AB-4191-B99C-2FA7759214FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1C597ED6-7176-47D1-A739-FB9DE9F01D79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{1CAFE669-AA8F-4CC1-A374-01FBC577D3CD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{1D0C8A5C-36F4-4831-B5BB-360C9EE36DF4}" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\roaming\dropbox\bin\dropbox.exe |
"{1D4F574E-D8B6-4D1F-A823-42D7200E6282}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops rcon\blackopsrcon.exe |
"{1D5CCC97-1D77-44BB-8279-E90CDC4F67E0}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\spacechem\spacechem.exe |
"{1D66AEF5-166C-4584-9D5F-F46FEB29C64C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{1D9C580F-1C49-474B-8F99-A22425D1945A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1DA3F52E-2B69-41BD-8D31-1CB1838FBACC}" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\curs..tion_9e9e83ddf3ed3ead_0005.0001_31b318dc2771b66c\curseclient.exe |
"{1DB73BB7-2CC9-43E2-A41F-BA65CB495B8E}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{1EF0A6C5-7884-478D-98FF-709AD261902E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1F087F49-CDD2-4A3D-9ADF-9AD4FB45C422}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1F4AE5F5-AA8E-431E-9134-0C0F6F95D2C1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1F8360BB-6672-40C5-896B-30C816821A1F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1FB8DA06-4F1F-45C5-8EB4-4F55829517D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{1FBA4984-2969-4FD3-BB87-DA937F056B79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{20E45BC6-788D-4C17-AF5B-FEC5889D21E2}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{21E1C0AB-683C-4512-AB1C-7E35AB71C67C}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\the sims medieval\game\bin\tsm.exe |
"{223962C0-F2E5-4C71-92AD-4CABC7ED358C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{224F44DE-DE78-454A-923E-0A8294D21156}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{240EC2B8-4611-46D4-B9D2-91570CBC56B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves demo\binaries\win32\waves.exe |
"{24A65ECE-C22B-4F44-B30B-EE60B14D5300}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{24B74DBE-F5CB-497D-88E6-2550B9883F9B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{24EB588D-090B-4473-A18D-A5FC3A83D5EF}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{25189B58-EAEA-45BF-80CB-E0C0D29C9615}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{2564C3C1-DC4C-4764-9D0B-1FE6100014D9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{261D77A1-4324-4736-9CAD-19F828E46C8F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed brotherhood\acbsp.exe |
"{26438A79-198A-4072-8940-5CED9FF9E598}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{267953F4-0E5C-408B-BF28-9712D1A833D3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{2698AA7D-9C6E-42B4-B9DA-BA6E8987F4E6}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\overlord ii\config.exe |
"{26BB7841-E3AD-4098-8B9F-8966EA446BAF}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\bastion\bastion.exe |
"{27CAE2CA-E0D0-483B-BBF2-A38CC242EDD7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{28D54CE2-13A1-4D6A-A7AA-B4377BB6AB26}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{28F4CC8C-0866-4B5B-9048-156D6C4C4A58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{2952DC68-076D-4526-A210-4878321A6C54}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe |
"{297DBF42-6843-43DE-99DA-634B0C865170}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{2AE3B1EF-2227-4A9D-B907-957363B8193C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{2B65BA15-273E-4769-8BCD-1BE1C901250B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3_reunion_quickstart.pdf |
"{2B8597CC-C900-4070-BD06-3AF02AC552D8}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{2BCCB8ED-7E67-4FA2-ABA7-C46B6C61084A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\mapeditor.exe |
"{2C2BB87A-F90C-4DE4-A2CA-A9D33B1DFD4B}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{2C480DCE-CF9F-4F92-946C-9532DA978D8E}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{2C843BAB-F2EF-4EC9-AE1A-2D41CC773194}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{2ED3EE7D-E3C6-4381-AF7D-4DF890136B83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{2F770962-6ECF-44ED-B4A7-EE8A7E9637D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{305A3D7A-8AB0-4210-95FE-C00C128AFC5D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{307594B7-ADD8-4110-88AB-C76005E95CB8}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{31B4D989-A150-4D2E-B263-FF3C75F8D378}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{32192151-F492-4659-929A-B72734F4BCD7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2012 demo\magic_2012.exe |
"{32C5C645-B6C1-4E7E-8165-B39FDADBD6B8}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\cogs\cogs.exe |
"{34B4ABA1-E46A-43FD-B4E6-575823ABED51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{35E45215-6367-4BCB-81C8-F4DEB954F61A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dragon age ii\bin_ship\dragonage2.exe |
"{35FF9658-9F17-4130-83B3-47ACE66E8FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{362379EA-FD5F-4455-A21A-170821571012}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{366E1188-71F9-49FB-83F1-6D29D8764AAD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{38E44B8B-2B67-49DD-83FC-1700FB98B6EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solar 2\solar2.exe |
"{392D08CE-27CB-4714-BA95-255FF56A7744}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dragon age ii\dragonage2launcher.exe |
"{39CAC31E-641E-4366-BF3D-15D179CB9580}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{3A603DAB-250A-4028-82F6-0E259ED2A1C7}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3.exe |
"{3ACF3867-AC5D-4A47-989A-91DA0F6BDB55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{3B651EB1-5148-438E-ABE3-E740AE8D5D74}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{3B871008-E9D9-4951-9374-3FF8CE657A55}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3BB498D8-6BE1-4F2B-84F0-5F784659606B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{3C60CC5B-D075-4197-88E2-57074EB4310F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift 2\support\ea help\electronic_arts_technical_support.htm |
"{3CA37D77-71E0-4AA8-B9D2-27D062E5D909}" = protocol=17 | dir=in | app=c:\program files (x86)\8ballclub\gamedirector.exe |
"{3D8F6E09-0434-4BBA-BA9F-D2AB4DFDA111}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{3F51AE79-9EE2-4BC5-B539-7D899C0BB75A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{3F7C62C9-A027-4B64-A22D-831003EF9B0F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{3FB96649-5107-4113-B420-017E6E388202}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dragon age ii\dragonage2launcher.exe |
"{40252E0B-3A5F-4B2E-9247-3062FA8530A0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{409ECD36-CA7A-4DCD-88F6-5A784B84ACCE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ridge racer unbounded demo\rru_demo.exe |
"{4167C70C-BFC4-476A-B598-44BC51103B7E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{4215973C-8705-44A3-9D1D-3E33D5AC46EB}" = dir=in | app=c:\users\aaron long\documents\the war z\warz.exe |
"{4265469F-895B-4867-807F-FEAEEBD96773}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{427E9CFE-898E-4599-8459-B346AD0AD724}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dxhrml\dxhrml.exe |
"{437DB121-C746-476F-91C4-51E417F94097}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe |
"{43F178B6-E22C-4C84-B51E-7BFF81D9A24D}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{4439A45D-A1CC-426D-847E-08F7ADAAF498}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hacker evolution duality\hacker evolution duality.exe |
"{44E9A13A-86B7-41C9-9E9B-9B13AE6B4B34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{45AE897F-1BB1-4B3E-93C2-E4CD032FC2B8}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe |
"{45BF3117-938A-4E47-86A9-1C7215434119}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\a game of dwarves\a game of dwarves.exe |
"{45C6A3F2-C6F5-4F5C-B5A2-684EC10DB052}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\need for speed™ most wanted\nfs13.exe |
"{45E6C481-BCCC-4F2D-A7AC-64299189D2B1}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{45FC1E56-93CE-4A2E-82B3-99204C453D05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{467C9FE4-A309-4F45-8BC9-92B520D94A26}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{46CCD197-C3B8-477C-818E-7F8529DE854A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{470403E1-1B86-41F6-B9AF-9DA1D5238494}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{47A25FEE-1D62-45F9-A408-D68236A417F5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{47B4F237-DE3F-43BE-ACEF-798770F855C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{47DFAC6D-CA0F-4193-8113-E6499F3BCC28}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift\shift.exe |
"{47EACB4B-50C9-45BF-893F-DB9B3D41C67E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{48309F87-44E8-4137-9580-132E3110BF8D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flyn demo\source\flyn.exe |
"{483EBB35-EF33-4518-9750-3FB21A6689DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{489815E9-D963-4894-BDF2-C39737023A43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wizorb\wizorb.exe |
"{49CEAF2D-5129-431A-9FEB-2D26F9C6EEE7}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\solar 2\solar2.exe |
"{4A86720F-C92B-4DEB-ADF2-EE0EFF9140F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{4BF80A14-DEC0-46FF-A6DF-AC181B50F39D}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\fable 3\fablelauncher.exe |
"{4C2157CE-414C-478C-8F4A-87BD60E4DE28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{4CA35190-9E05-469E-9BBD-B5CD0A57E2E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{4D277DE5-FA7B-4111-A421-4D3F24FCF0AC}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{4D4B7231-C728-40BF-B275-1AD6647F1E25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{4D51AD9B-4B32-4792-BFEC-37F63B1A2F37}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{4D636680-26AD-452B-8AF1-334B6C0BE30D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire.exe |
"{4D9AB0B9-AFCF-4773-814A-76A4C36CF146}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dead island\deadislandgame.exe |
"{4DAFE513-D2F7-4E98-B297-FD4C56939B91}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{4DFF50AC-A98D-4541-8229-B68E5884B6D0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{4EC64C1C-704A-4CF7-A7EE-12EE980E7CFB}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{4FA1B5EB-FD2D-4817-A79C-242438AEE587}" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\roaming\spotify\spotify.exe |
"{5044D5A1-CE77-467D-8945-8557C8FCCBB5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{50864138-DDF7-439B-B3B3-E900696ACC59}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{50BC1C9C-F7B3-4E62-9F48-81133539A65D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{50D88F56-234E-4B90-B342-D243AFFCEA7C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{5193573A-9F88-4867-BA0A-57FAC6EEB087}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{523CA2FE-42AF-4480-B90D-1582415EF06B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{53D89AB8-EB2F-48F1-B120-2A3919FA77FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{53F14F2D-8027-4D5A-9D42-0A2DB2B1A423}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{54990045-F3BC-4704-BD10-1159736F9312}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{555B5DCE-699A-4F5E-99C3-3428CCD2A156}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{55DCDF18-3371-404B-975E-7248B2D8EB07}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{56242C04-794A-47B6-9926-24FA31960FBD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{566D44B4-5FD6-4756-8C8E-1B3481BEA378}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{56BEC33D-650C-42A3-80FC-8BE888FB1F84}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{56C654E1-F6F6-4733-917B-E0E6DB271B7A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\overlord ii\config.exe |
"{56E99D9E-33BC-4484-8491-7F699982EB45}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{576E990B-575A-4CC3-B3ED-DAF360CDD531}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{57A16241-6167-48B4-A484-4E2CD056D93C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3_reunion_quickstart.pdf |
"{58161F02-E1DF-4358-8F05-3C202D15BB36}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{584FCFB7-D2A1-4949-86E3-F7DA386F833C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{58E31537-8E52-421B-B12F-01E707036FB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
"{596226CE-B5EF-40C2-A907-FDE21F13FEA6}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift 2\shift2u.exe |
"{59B4930D-0573-4077-A06D-41A421D19239}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\the sims medieval\game\bin\tsm.exe |
"{59BC73FA-466C-42DB-8533-3C50F9B2AC14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{5AD5333F-5579-4013-BCCF-8FD586EB40BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{5C4D855F-E33E-4AEB-B561-435F4B7C3E7E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe |
"{5C8A43C2-4C32-495F-8D50-A9A2A42ACD04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{5D1D4D3E-5A0A-4E59-9BDB-B3DFF0EEF1D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe |
"{5DA39393-3AD0-4A0E-AC46-E75502E4F0F5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5DB14201-3233-4184-BE6A-944D7543AC8E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{5DF4025F-6AD9-463C-9DFD-012E1F1C3EE1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{5E0CAD29-93F5-49C8-8B86-859449E5321C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super house of dead ninjas\shodn.exe |
"{6013E8D8-B928-4FD3-A39E-55305A3F8684}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{61501F7F-0ACD-4EB4-9056-CBD8B2703CA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
"{61D8A944-F147-4470-B687-447C2C8F7D04}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\cogs\cogs.exe |
"{62E3FD40-AF12-4AEF-903F-CD444C96442F}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\the sims medieval\support\ea help\electronic_arts_technical_support.htm |
"{636EBC63-A4C4-48B7-80DA-4185C2218305}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{63B941A7-63F2-40EF-B70B-9ED4E07CA402}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{63C5016B-E1FC-4075-987A-48630E524494}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{63FEA589-929F-4E61-B93B-7A6ABEE7D96E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe |
"{6437696F-471E-4394-8422-F611B89283EA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{648D60B9-C2B8-4E58-9E80-FC998B2DA716}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{64A0A6AB-E696-4FBB-9381-6597D3421A3A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{64DE50E1-DAE7-4E28-9827-3F2B284CF48A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{654DB3B2-35AE-4DC3-908D-CB26899E15A6}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{65AF8A93-CB12-47DB-B1D2-B6F6594ECE0C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\bastion\bastion.exe |
"{663515A9-2ACF-4F54-BF3C-22723FCF8F74}" = protocol=1 | dir=out | [email protected],-28544 |
"{671EFC71-BBFD-48B9-93CC-682C18A6D149}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dead island\deadislandgame.exe |
"{677070A3-2814-47DD-BC87-2E9E07754760}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{68A6FFE4-F2CF-4F6F-9EFC-7AF3BD157CDF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\virtua tennis 2009\config.exe |
"{69413E98-26F6-4CD4-A20D-8960803F3134}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{69971E92-E9FC-4210-B82C-A9CDBF641DE8}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{69BDD624-3C7D-44BD-833B-006F81E9955F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{6A268672-E259-47A4-93BB-D9FFB5DDBD40}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\from dust\from_dust.exe |
"{6AEFC208-2A1E-4B05-B4F0-E1DC5F01E2E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ftl faster than light\ftlgame.exe |
"{6B342666-2F75-4BE5-BC15-1E8F72959F8F}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta\simcity\simcity.exe |
"{6CD47C0B-7DB4-4C14-BF27-769423EA87A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\scribblenauts\scribble.exe |
"{6CEC2C01-ECDF-47CF-83BE-4F3A798779A7}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\trauma\trauma.exe |
"{6DF4AB0E-7DA0-4B68-96A7-0959A28C6096}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed brotherhood\acbsp.exe |
"{6EE0627D-1C0D-47C1-978A-42FA3101797E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{6EE5B710-5166-4C64-89BF-4D166FC4FA3D}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3_reunion_quickstart.pdf |
"{6F4DF93A-52C8-45D4-8E8F-EA3194A0746F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2012 demo\magic_2012.exe |
"{701A8B23-9187-473C-A34D-05FB4A9EA792}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{708B5D19-5301-42C0-AAA2-A4C91340156C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2011\citiesxl.exe |
"{73165B9A-2389-4231-8A6B-B3986FE16C7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{736614AD-7BFC-465B-B01E-D93D57679C39}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{73E1D55A-8D8B-4A66-9B2B-8C1AE71DAA42}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"{73F8B2A5-BA73-40EC-AA87-673A81B4AF00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{74111B7D-F2EC-4EE7-8EA8-B45D1E89BED7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7501E59A-03E2-41DF-B1B1-8FB024D0F663}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{754CA11B-EC5B-4F4D-A31E-BEC4392F6FEA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{76396947-346C-44BE-883D-721D22620BA1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{767AA3B0-4618-466F-A3DA-4E3B7C29775B}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{779A1162-F469-44FF-9038-676993D6DD9D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{77AACF1A-462C-4CF8-9F56-CBD0144956C0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{78450AB6-E147-432C-8C9F-08184A3A6BB0}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{78DD7385-BA87-4D67-9476-69788EB58C41}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{791DC652-534F-4A03-A3D1-D5AA545B28A7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{795AE85F-8B8A-462B-8A06-7BD2F99FAA51}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{7992D4B8-A39D-4C13-90E3-966547F8021C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{79A81C53-1ACF-45A4-A924-C1707FCCA86E}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"{7A01AE58-DDB9-4ACF-9FF5-B9E7554D0B58}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{7A18F265-8335-47A9-99EA-A7942B3E981E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbsp.exe |
"{7A218545-6A3C-443A-9020-3A464988901F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\from dust\from_dust.exe |
"{7AF7A17C-5ED9-4A4A-B509-A5DC96B12EEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{7B0A5C3E-0F5D-4E58-A77D-066BA4D6DF3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adventures of shuggy\shuggy.exe |
"{7B82B79F-24FB-4C84-BD35-0EA57B688BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\towns\towns.exe |
"{7C20E53D-4B27-4D20-BD14-88270F296E73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops rcon\blackopsrcon.exe |
"{7C9F8071-0B67-49A0-90CC-F0C0CDB5F86E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\aoeonline.exe |
"{7CF4B352-C4EB-4084-81F3-45432FD3DEE8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{7E175795-CF40-4D5A-A742-E184B0588343}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dwarfs\dwarfs.exe |
"{7F1A1712-9F4F-464B-8CA9-50965AE737BF}" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\curseclient.exe |
"{800908CB-62F8-415F-A3A3-C35286A91F9E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{80722018-9D1E-4B47-84A5-B5EA5AC7D768}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{81016BFE-5787-4556-900A-60B4DE3513B3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |
"{812381C5-C06B-4F26-9CB1-5917C1F43E81}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{8159D80A-614C-4E5E-9679-8794DF81099D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{816ADABD-18C3-4A3B-AB5A-69EB3D3F75FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{8367AA56-9DA0-47B2-8D9F-68EAF6690BCE}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\solar 2\solar2.exe |
"{83A95BEB-7748-41C3-8A1A-1CC7F6CB9A60}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbsp.exe |
"{8456BB18-886B-47CD-86CA-DBCDF6E4DB64}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\the sims medieval\support\ea help\electronic_arts_technical_support.htm |
"{846B8E9A-571A-42D4-96B0-627935408C34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{84899084-FB97-4B0B-989A-53AB17C6CFBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{8540E4ED-EDE4-4822-BACC-376E082458F8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{85890F06-EA0A-44BB-8273-79A1F94FD6E5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{86187980-3950-4BED-9AB4-EED7C2AB042A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{86B2887C-9ED5-4748-A405-F43ACC2C85A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super house of dead ninjas\shodn.exe |
"{86C3CFE0-EB1F-4666-9E85-E7BD875C54BC}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe |
"{86E0C599-A5F1-4507-B1CB-D5E9B46135BF}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{870A5995-1A5E-431F-976F-2CA12EAC0917}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{88F22DD1-6E83-4CDD-B937-0A4D486494F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire entrenchment.exe |
"{88F871C0-8FAC-4ABD-A2FB-BA8D8869F8D2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\need for speed™ most wanted\nfs13.exe |
"{891CBB73-CFF8-415E-A0FC-1114E3C1BEA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dwarfs\dwarfs.exe |
"{89A5CCA7-1073-48BE-B17F-553CD069F92C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{8A109946-5DC7-4462-BA23-8DEE6BC49C76}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{8BBF4DBC-8441-4163-AC4A-408353C8F96A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{8C8BB532-0C63-40D6-BC85-48D6233DE972}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift\support\ea help\electronic_arts_technical_support.htm |
"{8D272F78-19AF-47CD-A70D-B4B997B3406A}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\brink\brink.exe |
"{8D7E218B-9EB2-420F-B701-DE5990E3D7D3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{8E6DFBC0-200C-43A1-A560-C54F3BC0DC3B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{8E74966E-A277-4228-A355-0F88B51E4861}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe |
"{8E967D6C-820E-4984-8CE9-DF3F63B8385E}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{8FB4E56B-E435-4A39-9B0C-EEEC918BFD76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{902FAFF7-5271-46C7-B50F-EB6B08F620B0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{915254AB-7C4F-4C02-952A-7AC0E1353266}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"{91FDDBB4-151E-49DF-AB2A-EB978E923B85}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{923AA2E8-57EE-427D-BDA7-FCD7706587BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9245F083-D9F8-4D6F-86E6-BBCA2ED5A53D}" = protocol=6 | dir=in | app=e:\program files\world of warcraft\launcher.exe |
"{92860819-F523-4AE1-9664-5B24A98323FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{934E9360-39C9-45DB-ADC0-BA2BF6FA17EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3.exe |
"{93BEBF8D-A3EF-4EE4-B445-D7C4B5D3574A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift\shift.exe |
"{9461CC00-786F-481A-A335-A02E14941A24}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{94737D19-75CC-49F2-9692-FAA6C1707EA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\civ_v_xp_demo\launcher.exe |
"{9495A6E5-C3E1-495C-AF67-5216D838C6CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed shift 2\shift2u.exe |
"{95367E00-2E7B-44B1-B20B-B63783BB19D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{95497BAA-103F-497B-BCEC-1127D5413ED3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anno 2070\anno5.exe |
"{961A5063-8C4B-4830-B75A-050AC2BD7812}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{9735D2FA-7449-486B-9201-04767C528FA0}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{983190F1-6E7F-480D-9556-CAAE6FF03184}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{98ADB225-648E-43C9-BF2F-874F0B126A07}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{9BFCC60C-2F42-453E-8884-B278369EF586}" = dir=in | app=c:\program files (x86)\ispeed\ispeed.exe |
"{9C5EBB47-8F3B-4933-A599-F77BF3038BAF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{A01AAFB6-1A34-4B17-9C93-B4484B0FB8C5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta 2\simcity\simcity.exe |
"{A04CCFD3-E95A-48A4-8A3D-BA9614226124}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{A072BEAA-4A01-4C86-88EF-B7BD63535700}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{A138507D-791C-44BE-901A-893BDE3A29CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe |
"{A28EE997-BEEF-46C9-AD92-472B840086F9}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013.exe |
"{A2E17FC9-E388-47D5-8F96-7299D8B18844}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman absolution\hma.exe |
"{A3AECDCD-C4FC-4E3C-A91A-5A858CEF78D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{A43E480E-072C-49DC-AE71-54DE13969650}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift 2\shift2u.exe |
"{A4438CF7-8A77-4250-A070-B79D1CD5D0EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{A48DE78A-9206-4A20-8543-12AB9C272FEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{A4F62766-12E9-446B-BA3E-820466C19436}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed shift 2\support\ea help\electronic_arts_technical_support.htm |
"{A545FF6B-3D1E-49A9-826F-55BE66E57CB3}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{A57FC514-597B-49F6-B53B-4897AF41AD1A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{A6665126-5D34-42D1-8F16-EBC5D6940614}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed shift 2\shift2u.exe |
"{A6D9C7C2-6635-4369-9F33-2B2AB83F7341}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{A792041E-AE33-42A6-B0E5-C3A54D8147E6}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dxhrml\dxhrml.exe |
"{A7A14D62-0273-4D8C-894B-31A8F9448F58}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{A7D6ED01-9D51-4C8E-9AFE-EE5A11646DF1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{A7D9703F-DABD-49F9-A40E-26341F1AA89B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{A8430838-7970-404A-AC04-1BCBB7CE5065}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.exe |
"{AA486609-E40E-4978-BD2C-660B57035941}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AA759CDD-2FEA-4838-BB87-3C904A3EE59A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{AA9D45B9-B22D-4B43-BC22-C5F1ABA0D4E1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AABD8EF9-0D1B-4FBB-AAE7-A58A02B45A1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire.exe |
"{AAD43134-8978-4F9F-8590-8211BEADE592}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{AB616709-4FB7-477E-918C-EE9B79344E1E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{AB896787-A741-4A68-9DB2-D326198EF107}" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\curs..tion_9e9e83ddf3ed3ead_0005.0001_31b318dc2771b66c\curseclient.exe |
"{AB8D8E12-0424-4872-A573-54F22374A0AC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe |
"{AB9C8A64-C289-47E4-9C55-6A21B2186AE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 test\dota.exe |
"{AC8092A3-15E2-44AB-826F-3486510DAE73}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{AD3C36AB-5941-4C38-B120-5023ADB031A4}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{AD432CB5-A91C-40B5-95C8-AC030B190540}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AD85BC23-2F70-4656-BADA-1CDB2B76C630}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{AD978652-93C9-4F91-9060-2E1E96EFAD0E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe |
"{AE292383-FE1A-4556-A47E-66893BB1D026}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\magic 2012 demo\magic_2012.exe |
"{AF00E331-FCF9-4F23-85CC-107B05B6987E}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\magicka\magicka.exe |
"{AF6105F3-C5B6-484F-9FEA-01D568A2523D}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{AFC4FF29-0935-4EF4-AB47-0D377CD097B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{B043833C-A19D-4D2C-B422-821F4F26CE88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ridge racer unbounded demo\rru_demo.exe |
"{B1594013-CA04-4E88-8C5D-14E3EFD19BE1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B221FB3E-6E1C-4BAA-B439-1E421640A047}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"{B28A553D-75FE-4F2D-832D-E07420C20871}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\fallennerd\source sdk base 2007\hl2.exe |
"{B31C98E3-0CFC-4354-BF4A-53C5A1298912}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe |
"{B31CEBEF-D40D-4749-9D48-E93D43FC4EB4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{B3F9F146-FEEB-4815-BE68-DB788E9D555D}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{B4769380-656B-485E-957B-89AE6A29ECD7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B47CC750-3200-4CDC-8A89-37996931222D}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift 2\support\ea help\electronic_arts_technical_support.htm |
"{B5818335-0353-4171-9C4B-16E12D06714C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{B583ECA1-8690-49F4-A3BB-2B13B47BB78F}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{B6C61D7C-B816-482B-9F64-DBB6024A02F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed shift 2\support\ea help\electronic_arts_technical_support.htm |
"{B6D05A70-391D-4F25-A474-F4EEC9B5F3CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{B7B85897-D6C5-40BE-B542-FA83AD111CC0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B7D73BE9-44A4-402D-93EC-C4245B48E6AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{B7DAFBA0-5F13-4AE0-B20E-7C307DFD179A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{B7EA50B4-9BC6-45B1-B683-81DDBCB64A6A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed\assassinscreed_game.exe |
"{B7EC301F-4E2A-4740-A3F1-FE6F73D17EDE}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{B85DE572-57C5-4895-B53F-8F6020A6A4FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire entrenchment.exe |
"{B8915A97-AB38-4C3A-8352-18ECDABE7268}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe |
"{B8B3FE8C-3447-4D42-9D7D-2898CA0BBAA1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{B9840C1A-4C30-467F-B585-A0E4620E70E1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flyn demo\source\flyn.exe |
"{BA172FE4-CF05-4B1E-9DB4-0A2A148AD6DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{BC2A38D2-754A-4956-836C-09EB980C1E64}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013\farmingsimulator2013game.exe |
"{BD313A04-223E-4BE6-AC52-08CE24DDB4C5}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{BD4207A9-B97F-499C-AE2A-192745357235}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe |
"{BE990D8D-54D4-49F2-88D5-310D75BE537C}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{BF83337B-5B96-458F-9181-90429B1D8B60}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snuggle truck\snuggle truck.exe |
"{BFCC5E93-2D8B-4A83-9D29-A2B62A662743}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{C02F93B8-83F4-4560-B780-7934A583A75D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{C0F006AC-1157-402D-ADA9-B6BA1840C77C}" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\roaming\spotify\spotify.exe |
"{C1165EDA-7E5C-49C8-B017-CC8A9A932E79}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{C1EC0271-EAB2-4493-A739-6449AFFB83CF}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe |
"{C29ACD15-4B90-4DD8-B08F-DF9333C0034F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ai war fleet command\aiwar.exe |
"{C2F8C800-4570-4893-9A4B-79D064BC5D8E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire diplomacy.exe |
"{C3499530-4BE9-4E50-9146-591B124E810E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{C35302F7-0F1C-4ED8-AB13-F999E2E89E74}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C3C68A4A-CA6C-431C-807F-7AB70447C23B}" = protocol=17 | dir=in | app=e:\program files\world of warcraft\launcher.exe |
"{C465F68B-8A82-4DC3-B78D-DA9AC019C864}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl\runme.exe |
"{C47853D8-9D3A-461E-8987-1BF5BEC00D5A}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{C4C702C2-DEFA-4D2A-8DE2-8D53C58E04B9}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\trine\trine_launcher.exe |
"{C55138E4-66C1-4083-83D3-3A2BCF7A53D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{C5E89597-47C0-4CA3-B6A3-DAF76484698D}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\spacechem\spacechem.exe |
"{C601F67A-5EA1-4ABF-A4CC-AEC184728F9D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{C64070D1-413A-4502-AC2D-4C0BAB919F37}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{C65105ED-3B72-4C54-BFA5-1E8D1F136B01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{C6DB830A-E85B-406C-91F1-2F86F1734E6E}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{C777AB57-19CE-4F4E-A87C-8A3FBFDB899A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{C858A195-3EA6-4ACE-8E33-B231AA4F5A2E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{C8CD6760-3424-400A-970F-40F0B64D848F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C993F10F-1B47-41C6-869C-90751CE1A921}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{C9B63053-381A-47E2-9DBA-6662486B24DA}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{C9BAC02B-0B80-4105-839E-7A97807201D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2011\citiesxl.exe |
"{CA33FB9C-28A3-487D-A6D6-71D08DFFF220}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{CA39CC10-0E4C-4AF7-AE63-386549E3EDF2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{CA539B70-7D6E-48CE-9A15-858DEE7A5234}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe |
"{CADB4341-BB17-4623-B65C-039609633B4F}" = protocol=58 | dir=out | [email protected],-28546 |
"{CB625522-BB1A-4E39-8412-80D6F87C23A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogs\hkship.exe |
"{CCF2235E-4055-4D12-9BE5-850639A4F51B}" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\the secret world\clientpatcher.exe |
"{CD00B00C-0F08-44E0-9BB9-18B1BBDF77BC}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe |
"{CD26F249-A9C7-448D-AC71-A9D7C415019D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{CD7E848F-98F4-46B7-9F63-F3A9816E5194}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3_reunion_manual_steam_english.pdf |
"{CDF17569-1777-4F06-980B-39439B507BF3}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe |
"{CE055FBB-A7F2-43B8-9106-CAA987C773AF}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta\simcity\simcity.exe |
"{CEFBAB06-955A-4A2A-90A0-B198B3487D70}" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\roaming\spotify\spotify.exe |
"{D045ED79-2872-4922-BC98-42B04EBA383D}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{D0DAC894-867C-4D78-A707-AAB519BC67A3}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\need for speed shift\support\ea help\electronic_arts_technical_support.htm |
"{D26A94F5-0B05-4241-AA45-52BA02225E02}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wizorb\wizorb.exe |
"{D27E068D-AE06-4D22-90B7-18DAD68DCE79}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{D35DAAAF-D5EF-46B3-A0AE-C14E3BA1FD44}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{D3AFBF98-A076-4EF3-8C0D-602093C8774C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the banner saga factions\win32\the banner saga factions.exe |
"{D3E76781-3762-4C89-81DA-949F6652114C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{D40F068E-D3C8-4CD8-983E-78A0C382E5E0}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D6F0ADAC-214B-47CE-BA1F-3036CB6CDB54}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{D97BE3E8-7AE9-46B8-B85B-7E938F55AB61}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dragon age ii\bin_ship\dragonage2.exe |
"{DA412DBD-F835-4A00-A7AE-9ADCC403A8EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hacker evolution duality\hacker evolution duality.exe |
"{DAE3A25A-C631-457E-8DA1-E86BBB72584D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{DB15BDCF-0DC3-42D0-BA85-6697D4BC1003}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{DB5571B9-D23E-474E-8168-8EA27DB63DC3}" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\roaming\spotify\spotify.exe |
"{DC16F3CE-D7DC-4EEE-9258-FE89C0C4844C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{DCB43375-AFFA-4DEE-81E0-BEDCA3DA2161}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout 3 goty\falloutlauncher.exe |
"{DCCFC61B-77EC-4AE3-9A90-7ACFF01A88A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DCE840ED-17D9-4910-9655-945608F0ACD7}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\trauma\trauma.exe |
"{DDA131BB-6259-4B50-B348-AEDF4EFDE940}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{DE310E32-4ED5-4318-B95A-DBC3BFC77587}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cortex command\cortex command.exe |
"{DE3323CC-5815-4435-A9BB-CBD924528567}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{DEFE7D3A-7B21-4B38-920A-D54EFF6E80E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{DF741A61-606A-43A6-A4BF-4518E3D68FB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{E0C5125B-DF9C-4A72-806D-93BE9EAA6D93}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{E0C6235B-C1A3-4C94-A479-FCAA262D3798}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\support\ea help\electronic_arts_technical_support.htm |
"{E1A62E55-0BFF-4649-91D9-1E7D2C159EA8}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe |
"{E20C163C-A58A-44E2-B66E-D17960DB1DC0}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\x3 terran conflict\x3tc.exe |
"{E24CAF2E-0D26-4183-AEF9-285582079B86}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E37DCDE3-0CC3-42D7-A700-391B7DF521D1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{E3B5E928-7D5E-4032-82F1-FFCB685E7169}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\brink\brink.exe |
"{E3C380C8-0AE9-498A-BF22-6E7C477CE3D4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3_reunion_manual_steam_english.pdf |
"{E4237FC9-A3AA-4E1D-9F7D-A769F59FCC32}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe |
"{E43E49D1-C956-43C0-9DE1-DCC094F0DD5D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire trinity\sins of a solar empire diplomacy.exe |
"{E4CAF53F-5938-443D-9D6D-881760EEEE63}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3_reunion_manual_steam_english.pdf |
"{E541625B-E9C0-4DD8-87E5-0A86AE80552F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed iii trailer\smp.exe |
"{E555A79A-8CF7-4F3E-A028-5A267D6E6881}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\medal of honor\binaries\moh.exe |
"{E55CB6E9-BD99-49A8-BCBE-0C77AC4304D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\i am alive\src\system\iamalive_game.exe |
"{E585CCF5-3A0B-4C5A-A5A5-BCE1A7997A90}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\x3 - reunion\x3_reunion_quickstart.pdf |
"{E5C8B103-9B42-46EA-A000-F983EE75ED56}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{E5D2EB5C-2097-4188-B6C7-7895EE872C4C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves demo\binaries\win32\waves.exe |
"{E69E0CEF-0C2B-4F9C-B76F-719C0F5FBF31}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{E6A2C6A7-2EB6-444F-ABBA-79FF20F3F6B5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{E6D4C7D9-8121-4036-9413-D7C4963468A1}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{E7445862-C301-4A81-BEE9-59582A0AB18B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed iii trailer\smp.exe |
"{E75C4363-1AF4-4670-9151-536975C4B065}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{E78FD385-FE4F-4A4E-839E-64B2114F1427}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\virtua tennis 2009\virtua tennis 2009.exe |
"{E82CD4BC-A6F3-466E-B8D3-43CAC925FCE2}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\fable 3\fablelauncher.exe |
"{E85476BF-CCBE-4E8E-BC1C-138D1A260087}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3.exe |
"{E8C1597F-B64A-4370-9A15-1603359DE053}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\towns\towns.exe |
"{E9214D92-B03A-441C-9C37-B06AF100ECC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
"{EA24A18E-3B48-4E5D-BA16-C525BC479A3C}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\sonic generations\sonicgenerations.exe |
"{EA2B7BD2-A70D-4548-9142-C5C6652E981B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{EA7AEA0A-33CD-41F6-9255-AAC7B42EF5DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\scribblenauts\scribble.exe |
"{EB8A8934-0BE2-4E2B-A4FC-2E3AD77B6AE2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe |
"{EC8C3245-ED1F-4E5E-85CD-2FBE74856B35}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{ED696A91-1677-49EB-90F9-CB6910EB13E5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the banner saga factions\win32\the banner saga factions.exe |
"{EDF65D91-AC94-44C5-99BE-CAF11620ADE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tropico 4\tropico4.exe |
"{EE1A8948-2037-4365-B411-F51F854D2643}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maniaplanet_tmstadium\maniaplanetlauncher.exe |
"{EF1CD9A1-889F-488E-B01F-042414211AAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cortex command\cortex command.exe |
"{EF3801B1-FA45-465E-8C4A-95F296E6FF43}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe |
"{EF54C744-6150-4656-ABB7-B65835EB0304}" = protocol=1 | dir=in | [email protected],-28543 |
"{F060EBC3-A5A5-4463-B925-F2B563BDCFCB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{F1153343-C64F-46E0-BD89-1374AF0B7727}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cabela's hunting expedition\bin\csa2_main.exe |
"{F13B16B6-943A-4F36-ACCF-33AC13FC7EA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{F2121829-5AC5-48B7-84B3-23E5B5E850FB}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{F3690E87-613D-4F02-ADA6-6DBCFF0DBF81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{F3A3DCAE-31EE-4475-BF1A-618751E0880A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{F3E8A057-799E-45CC-989A-7F93688BB547}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{F43613E4-B8D6-402E-89EE-5526CBD77BE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{F4C4EA10-E6B1-4033-BABA-A8A9ADD89E57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{F5A60136-F72F-4824-BC62-B4A12DC82ADC}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\magicka\magicka.exe |
"{F5A78CEF-A433-4FE5-8347-CB3A8E51711A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F6000EFC-288F-458C-8D86-C683CFB5E411}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F60420C5-CA9C-4ADB-BF30-85187BCDE202}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{F6C27DDA-9649-4344-A722-5F1ADA1383EB}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{F72215DB-63E3-4EC0-862F-AE2CCE7AAAE7}" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\the secret world\clientpatcher.exe |
"{F72D1336-3779-4B6E-98AE-375025794175}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{F7F4ACE6-ACB9-4316-A90B-48BE2E1636E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F82E8BBC-9992-4362-99B7-D47780BC7AC7}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\magic 2012 demo\magic_2012.exe |
"{F88FE966-DFF9-4DCA-AC41-F09A93E05272}" = protocol=17 | dir=in | app=c:\program files (x86)\end of nations beta\rtsclientg.exe |
"{F89B2E94-7FC9-497A-B1F0-BF562D86AAB2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\a game of dwarves\a game of dwarves.exe |
"{F8F0301F-16B9-405A-8395-84E0F4E63FE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 - reunion\x3_reunion_manual_steam_english.pdf |
"{F90042C4-EBE9-469F-B885-8E966729A359}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\waves\binaries\win32\waves.exe |
"{FA401303-909A-437A-9731-81213D9CB56B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{FA8E2F77-9DF5-43EF-8617-B2E9E8A5223A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{FAB3C71B-62B6-455A-8504-BAC30F912F6A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\x3 terran conflict\x3ap.exe |
"{FC5229DE-6488-4EEC-A36E-9790A59D1110}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{FCCB1541-261F-4E7F-9B82-236BBB9BBF90}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{FCD432EE-92C9-46CE-86CC-5C5099598943}" = protocol=6 | dir=in | app=c:\program files (x86)\8ballclub\gamedirector.exe |
"{FD1B98AC-9B11-4FD0-905F-386B418D9ACE}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{FD470D2D-897E-48A7-9050-A1A934A4B3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity closed beta 2\simcity\simcity.exe |
"{FE1F4311-686E-4FDD-97E7-21FA90CD5D82}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\sonic generations\configurationtool.exe |
"{FE917382-2498-4E30-BD07-32A91833150F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adventures of shuggy\shuggy.exe |
"{FEBDE4F8-1509-448A-AD50-B7E09C433AF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FECD9B34-A0A9-4107-9E34-C1A6ECFE6245}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\men of war assault squad\mow_assault_squad.exe |
"{FED5FAD1-5D34-47D9-B274-9E7833A85EC7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cities xl 2011\citiesxl_2011.exe |
"{FF5413EC-ED1A-4B42-9FFC-A47176568AC6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"TCP Query User{03E8D28D-7FCD-4C9F-ABC6-3C169BB6706D}C:\users\aaron long\appdata\local\temp\hng\live\hng.exe" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\temp\hng\live\hng.exe |
"TCP Query User{185E055E-3EFA-47A7-B780-488EE4292BE7}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"TCP Query User{18776F69-2205-4891-902F-61C65D507DDC}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe |
"TCP Query User{1AFBDA97-4951-44B8-91B8-FF8230865F68}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{1C86BE44-53F6-4A18-B91E-A9F3AD7FA34A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{221F5069-B63D-4724-8D77-1923D9CECAE2}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{22C45D7D-C2D9-4EE3-98FE-F254471D033A}C:\program files (x86)\steam\steamapps\goobnuts\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\goobnuts\counter-strike source\hl2.exe |
"TCP Query User{26E7C9A1-4F5A-4BF2-9415-35137392E628}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@dayz\addons\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@dayz\addons\expansion\beta\arma2oa.exe |
"TCP Query User{2B799DBE-4426-4E73-9707-A166160C1BF1}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"TCP Query User{34B7FAFE-4BEB-458C-B47D-E1AC9C57AF02}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe |
"TCP Query User{39C9CEE1-DB31-42DF-94C0-C01336693FCD}E:\users\public\games\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=e:\users\public\games\world of warcraft public test\launcher.exe |
"TCP Query User{3AECED93-1ACD-47CF-AC51-4F0791CE9FEB}C:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.dll" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.dll |
"TCP Query User{3BECB2AB-F704-4B5E-8167-DCEE4DC5AFD4}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{4091D90B-31A2-4C15-8E67-E421034F4872}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{41CB1D9B-8EE3-4014-BBEF-70882EF0376D}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{4312194B-356D-4230-92F8-B0064B73CAA1}C:\program files (x86)\steam\steamapps\common\blur\blur.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blur\blur.exe |
"TCP Query User{47AFF697-D02A-47BA-B70F-B3A37054D236}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{47FEC695-66AE-4D0B-96B7-C4E095DD1592}E:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=e:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{4ACA62E6-6552-4764-BA9D-209129B78385}C:\users\aaron long\appdata\local\temp\g2_635\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\temp\g2_635\g2viewer.exe |
"TCP Query User{4DB35F7E-DCE9-4823-BAC0-DEE12AC4A4B7}C:\users\aaron long\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\temp\gw2.exe |
"TCP Query User{5F8B5D3B-1CE7-4873-A596-565186F57A04}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{61792EB4-AD99-485C-B64A-398DF329E1AF}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{64A9CC39-0EDE-4EED-BD81-7405824DE8D5}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{652E45D3-5C7F-40BF-9449-54F0C8CAC09E}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe |
"TCP Query User{67047B4E-FE7A-40B9-983E-2259936CF78F}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{6A7237D1-3CDF-4685-BBC4-04A3981D7818}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe |
"TCP Query User{7D989FD3-115B-45A3-84F7-36BAEC146DB9}C:\program files (x86)\star wars-the old republic\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\star wars-the old republic\launcher.exe |
"TCP Query User{7EC51C3A-535D-459C-B13F-3386012368B2}E:\program files\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\red faction guerrilla\rfg.exe |
"TCP Query User{815A4584-F8F5-49DA-818D-D6A5A020792B}C:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"TCP Query User{85AA4E19-9A10-464A-9409-9E8EB2859932}C:\ubisoft\gro\ncsa-live\yeti_release.exe" = protocol=6 | dir=in | app=c:\ubisoft\gro\ncsa-live\yeti_release.exe |
"TCP Query User{87570FEC-49CB-483C-86D6-095ADD67C95D}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"TCP Query User{88F1F846-F655-48B9-BF1A-7B62C76098F0}E:\program files\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe |
"TCP Query User{89406F6B-D018-4E24-A072-6060967847F2}C:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"TCP Query User{8DE4AF4A-8A7D-450B-AD6C-E6CB4DF10EAF}C:\program files\java\jdk1.7.0_02\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_02\bin\javaw.exe |
"TCP Query User{9B0E83A7-401C-4FC4-84C3-BB0C3DC5C70E}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{9C017704-E4DF-4095-BC95-1E67B2209D71}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{A5C41B26-F1EB-49BE-848F-D24748A3C083}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"TCP Query User{B59C306C-973D-41DF-9E39-9B1DF44666D5}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{B7E56413-171D-4C5E-8AB1-DB2AE2F4EA25}C:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"TCP Query User{BBC7C1BA-41AA-48D9-B7E3-7E8C81A03902}C:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001b_8b53c7f014211b93\launcher.exe" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001b_8b53c7f014211b93\launcher.exe |
"TCP Query User{CE1984CE-3846-43D2-BF1C-24224A786978}C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"TCP Query User{CE5286E1-5DFC-4897-A899-EAE94EC57804}E:\program files\steam\steamapps\common\fable 3\fable3.exe" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\fable 3\fable3.exe |
"TCP Query User{D0710699-9DEF-4966-B1FD-2E8094706FF2}C:\program files (x86)\xchat\xchat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xchat\xchat.exe |
"TCP Query User{D2287515-7D9C-4B69-A17C-11223F6178AB}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"TCP Query User{D4E83D99-5EEA-4B9D-B1EA-C54E690E1A84}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe |
"TCP Query User{D59398CA-6649-46C8-8076-49A7B0F5FA2C}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{D8132666-BEEB-4F3F-AE62-1E91B16A3F66}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{DED6C46F-7407-4C87-8A94-261113827FC3}C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"TCP Query User{DFED834A-9128-4022-B9F9-EF92E855C340}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E35AFE93-D06C-4552-B518-4014AF2C4989}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{E88961E5-740B-4C27-87E2-98B87C15C6DC}C:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001a_5005ad36fe6b9561\launcher.exe" = protocol=6 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001a_5005ad36fe6b9561\launcher.exe |
"TCP Query User{E912F20F-EDC8-4183-8230-C72F4F83E867}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{EA3430D0-8078-44E1-AB92-8C6B069B578E}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{EB3B023D-B74A-484A-A750-202CC29CE0AC}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"TCP Query User{F47D97DC-7D47-4A9D-BE51-3D1EB607830B}C:\program files (x86)\savage xr\silverback.exe" = protocol=6 | dir=in | app=c:\program files (x86)\savage xr\silverback.exe |
"TCP Query User{F7C0DB55-5D7F-4CEA-900F-9E97C2FEC426}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{F8D2D839-3601-4EAD-ADC7-C1DF972F732D}C:\program files (x86)\steam\steamapps\common\overlord ii\overlord2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord ii\overlord2.exe |
"TCP Query User{FEB6BCC6-FA47-45E5-8DD2-7A5A938CA5BE}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"UDP Query User{0AC7A16A-B4C7-4F06-AF5E-79179930449F}C:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001a_5005ad36fe6b9561\launcher.exe" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001a_5005ad36fe6b9561\launcher.exe |
"UDP Query User{1281CBF2-6328-413D-955D-2EFCED486742}C:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe |
"UDP Query User{1734579B-CF4E-439A-9E22-A7A2E680AAC5}C:\ubisoft\gro\ncsa-live\yeti_release.exe" = protocol=17 | dir=in | app=c:\ubisoft\gro\ncsa-live\yeti_release.exe |
"UDP Query User{1A460434-D5FA-4929-A9AE-B6FC46321B63}C:\program files (x86)\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy\comrade\comrade.exe |
"UDP Query User{1C5234C4-5436-4480-B58D-2CD16A6CA32F}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{1D238B86-274F-4228-8890-AF68625C3CF7}C:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age of empires online\spartan.exe |
"UDP Query User{1ECDA4E8-F56E-4DFF-A38C-7590ACAF5804}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"UDP Query User{24E94747-ACB8-4689-91E5-E86A04897ADA}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"UDP Query User{2C7A9826-ECB9-498F-BE19-75E2982D6598}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{2CC81AC8-B5FF-4742-86D1-16E5E4610840}E:\program files\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\red faction guerrilla\rfg.exe |
"UDP Query User{316FB23E-FE4D-45E9-ADCE-64FD4D8BBFF7}E:\program files\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\assassins creed brotherhood\uplaybrowser.exe |
"UDP Query User{358B2F4F-70EF-44A5-BECB-2D7AAC483136}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{391808A7-5BF7-4932-A1C6-41C095A8BB0B}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{399ABF53-3C16-4707-89B4-66F18CFBE9EC}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{3C642208-3E28-4A2C-8338-8BDDCC2FE64D}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{3D5421F0-4B26-43E2-ACEB-282563A56446}C:\program files (x86)\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"UDP Query User{45239A35-57E4-45F1-B552-8E4E870B81A8}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{521975FA-4832-4225-B07B-B6003836582E}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{57868B8C-B501-413C-A178-CBD074A5CC35}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{619BC773-DA36-43BB-9330-177C013FDFC5}C:\program files (x86)\xchat\xchat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xchat\xchat.exe |
"UDP Query User{6EB6A246-3E6F-4B19-8AC5-D9BFC46C600E}C:\program files (x86)\steam\steamapps\common\overlord ii\overlord2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord ii\overlord2.exe |
"UDP Query User{7616E484-D5ED-4D7C-ACCD-0E93117CA1C3}C:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"UDP Query User{7636A7D5-67A0-4662-B35E-ECCA520C87A0}C:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001b_8b53c7f014211b93\launcher.exe" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\apps\2.0\6t5m4a6y.8gr\jrbphbw3.9tt\laun...app_59711684aa47878d_0001.001b_8b53c7f014211b93\launcher.exe |
"UDP Query User{7C12B6B2-525D-4EF4-93DB-C72BC765914B}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{7CFEDF35-34D6-4AA7-A7A6-FBE883E253A5}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{7D0C2080-6D4C-4B71-AFDF-4DE780D60C36}C:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.dll" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agricultural simulator 2011\farm.dll |
"UDP Query User{7DEE9052-5765-415A-ABEC-183030025774}C:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"UDP Query User{80A2C6A5-0294-4F27-B92E-26309767CD1A}C:\program files (x86)\star wars-the old republic\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\star wars-the old republic\launcher.exe |
"UDP Query User{81E363ED-7117-4FA5-B5C6-E29649521304}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{83CEF8C4-4911-4109-84BF-BA904CA49BF1}C:\users\aaron long\appdata\local\temp\g2_635\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\temp\g2_635\g2viewer.exe |
"UDP Query User{873BCA67-3818-4CA2-9CD7-F149D7034C41}C:\users\aaron long\appdata\local\temp\hng\live\hng.exe" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\temp\hng\live\hng.exe |
"UDP Query User{89F4F1C8-6C26-4379-B2DA-55400B2F68A0}E:\users\public\games\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=e:\users\public\games\world of warcraft public test\launcher.exe |
"UDP Query User{8A5EF277-7CF3-4C33-A203-BEF05DEE7082}E:\program files\steam\steamapps\common\fable 3\fable3.exe" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\fable 3\fable3.exe |
"UDP Query User{8B33B96A-5244-408B-878B-B4011E461B0D}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{8B4066D6-4F09-428F-90A9-318CB41DBF49}C:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\assassins creed brotherhood\acbmp.exe |
"UDP Query User{8FC5166A-072E-4B6E-A84C-E668B94B525A}C:\program files\java\jdk1.7.0_02\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_02\bin\javaw.exe |
"UDP Query User{92069329-D96F-4B00-B5CF-DCF1D32C7A65}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{98750FE0-D9A5-481B-B87C-56F8AF04A971}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{9E6311BB-4D23-46CA-BE75-FA373E9C2147}C:\users\aaron long\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\aaron long\appdata\local\temp\gw2.exe |
"UDP Query User{9FCDE4AF-06E4-483A-A2B7-52E787FAC4E1}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{A25FE224-D0AA-4161-95F8-1CFBF54FE1A0}C:\program files (x86)\savage xr\silverback.exe" = protocol=17 | dir=in | app=c:\program files (x86)\savage xr\silverback.exe |
"UDP Query User{A8908AB7-47C9-498B-9FF5-4563FB8E35D2}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{AE23C6BE-76B7-463E-B7CF-4108F466460A}C:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"UDP Query User{AF49EDFB-5176-41FD-A19A-F6FAC2302856}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{B1DB9444-0F89-4E62-A8A4-0BBA63E00E21}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@dayz\addons\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\@dayz\addons\expansion\beta\arma2oa.exe |
"UDP Query User{B5F1F634-21ED-4A9F-89FA-F58D833C429D}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\testdrive2.exe |
"UDP Query User{B7EFAFE3-E76E-484E-9D83-DC854822207D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{BB17115B-878E-4C60-B06E-A978EB9CEFF2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{C11714CE-61D2-4A14-BB4D-AE5C33D9E1FC}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe |
"UDP Query User{C4E4F3F7-DA70-477C-8C03-378373C61E52}C:\program files (x86)\steam\steamapps\goobnuts\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\goobnuts\counter-strike source\hl2.exe |
"UDP Query User{DCCEEAD6-7CF8-4695-B3F7-FBC6D9382434}C:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medal of honor\mp\mohmpgame.exe |
"UDP Query User{E6E6D428-DC5F-463B-A8AA-B91C158EB26E}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{E958744A-BF41-4F01-BB6C-F6E66B8666E5}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe |
"UDP Query User{EB12FAD7-73C3-4CF3-8E51-23002A4664E5}C:\program files (x86)\steam\steamapps\common\blur\blur.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blur\blur.exe |
"UDP Query User{F7297270-64B6-440A-98A5-D26A7E1073FE}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"UDP Query User{F7D17B02-8C08-4F45-935F-53B10DA636B3}C:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\_uplauncher.exe |
"UDP Query User{F88BA941-4106-41BB-A1F1-22D243BB1D32}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"UDP Query User{FCF041A0-2338-43AA-A927-0922B5FE00E6}E:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=e:\program files\world of warcraft\backgrounddownloader.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1111706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 (64-bit)
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1A570BFA-D775-47EE-8071-06E9559C14F5}" = HP Deskjet 1000 J110 series Product Improvement Study
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java™ 6 Update 30 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{331F3940-4093-11E1-9565-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java™ SE Development Kit 7 Update 2 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}" = HP Deskjet 1000 J110 series Basic Device Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D000D1C0-6E80-4FC4-BE4E-A88872C0616F}" = Share64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Puran Defrag Free Edition_is1" = Puran Defrag Free Edition 7.3
"Sandboxie" = Sandboxie 3.68 (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.10 beta 5 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{1A1BD41E-9854-4957-8959-F9559A8862A7}" = Corel VideoStudio Pro X5
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1002A380-2026-11E1-A67B-F04DA23A5C58}" = MSVCRT Redists
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A1BD41E-9854-4957-8959-F9559A8862A7}" = ICA
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}" = Mercenaries 2 World in Flames™
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{2FFBF70A-9D40-4C3C-8F6C-6C3237B419BA}" = Scrolls
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{40296377-CCB2-D0F9-6DCB-99713C846B4D}" = GameFly
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D565319-8B91-41CB-961C-0DDC86101AC5}" = Dragon Age II
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{5BB655D4-07D7-45E3-B852-FF869EA628A1}" = VSPro
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = The Sims™ 3 Create a World Tool - Beta
"{66C70B5F-730F-4C5D-9FC5-8E56D0FE7D53}" = IPM_VS_Pro
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A6F7B28-E178-47AC-8654-A654ADA6C777}" = VSHelp
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}" = DefianceRuntimes
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{8087CB28-83A3-4EAE-A529-6B72CF2A4545}" = ATLAS
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{8AA4F966-EF4B-44D8-99AA-C4EA93B46863}" = VSClassic
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B430D9F-FFDF-4400-AF49-34DC412EFD0C}" = Path of Exile
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed® III v1.03
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8887C7B-0BCC-4FBF-BCEB-9BB4D4B14999}" = Setup
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}" = Magic Online
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BAB1A557-02A6-468f-BC5A-D8180C882DC4}" = SimCity™ Closed Beta 2
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA486743-5F44-40D5-A38B-77911FB27579}" = Contents
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CB6284F3-308A-4c0b-B2CF-401F78AA8881}" = SimCity™ Closed Beta
"{CBBB3C80-76F5-42B5-92A6-C4BF84796DCB}" = iRacing.com Race Simulation
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0D4560A-2BB0-4A35-AD7C-0DE686E9AE87}" = iSpeed 3.3.2.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D68006E1-F774-4504-9ECF-03B67793C475}" = XSplit
"{DCDC6934-7428-489E-8651-90B53191488B}" = ISCOM
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help
"{DEAD48E5-E36C-431E-B83C-E61CE71AA13F}" = Livestream Procaster
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EEBEF66A-70FD-4DF6-B173-82D07E61853E}" = Share
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"FarmingSimulator2013INT_is1" = Farming Simulator 2013
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.5.3
"Fraps" = Fraps (remove only)
"GameFly" = GameFly
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Men of War" = Men of War
"mIRC" = mIRC
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"Opera 12.12.1707" = Opera 12.12
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scrolls 1.0.0" = Scrolls
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 102820" = The Sims™ Medieval
"Steam App 105430" = Age of Empires Online
"Steam App 10690" = Virtua Tennis 2009
"Steam App 107100" = Bastion
"Steam App 107200" = Space Pirates and Zombies
"Steam App 111100" = Snuggle Truck
"Steam App 113200" = The Binding of Isaac
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 19900" = Far Cry 2
"Steam App 200370" = A Game of Dwarves
"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link
"Steam App 201290" = Sins of a Solar Empire: Trinity
"Steam App 202170" = Sleeping Dogs™
"Steam App 202480" = Creation Kit
"Steam App 203140" = Hitman: Absolution
"Steam App 204220" = Snapshot
"Steam App 204880" = Sins of a Solar Empire: Rebellion
"Steam App 20500" = Red Faction: Guerrilla
"Steam App 207420" = Wizorb
"Steam App 209040" = Ridge Racer™ Unbounded Demo
"Steam App 209670" = Cortex Command
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 211440" = Adventures of Shuggy
"Steam App 212680" = FTL: Faster Than Light
"Steam App 214210" = Cabela's® Hunting Expeditions
"Steam App 214250" = I Am Alive
"Steam App 218680" = Scribblenauts Unlimited
"Steam App 219340" = The Banner Saga: Factions
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 220240" = Far Cry® 3
"Steam App 220440" = DmC Devil May Cry
"Steam App 221020" = Towns
"Steam App 22370" = Fallout 3 - Game of the Year Edition
"Steam App 22380" = Fallout: New Vegas
"Steam App 224820" = Super House of Dead Ninjas
"Steam App 233070" = TrackMania² Stadium Open Beta
"Steam App 24400" = King Arthur - The Role-playing Wargame
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 33900" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 34270" = SEGA Genesis & Mega Drive Classics
"Steam App 35500" = Cities XL - Limited Edition
"Steam App 40400" = AI War: Fleet Command
"Steam App 40800" = Super Meat Boy
"Steam App 40810" = Super Meat Boy Editor
"Steam App 41500" = Torchlight
"Steam App 41800" = Gratuitous Space Battles
"Steam App 42640" = Blur
"Steam App 47400" = Stronghold 3
"Steam App 47920" = Shift 2 Unleashed
"Steam App 48240" = Anno 2070
"Steam App 48700" = Mount & Blade: Warband
"Steam App 48720" = Mount & Blade: With Fire and Sword
"Steam App 49520" = Borderlands 2
"Steam App 49600" = Beat Hazard
"Steam App 500" = Left 4 Dead
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 57690" = Tropico 4
"Steam App 58510" = Cities XL 2011
"Steam App 620" = Portal 2
"Steam App 64000" = Men of War: Assault Squad
"Steam App 65800" = Dungeon Defenders
"Steam App 6980" = Thief: Deadly Shadows
"Steam App 70120" = Hacker Evolution Duality
"Steam App 72000" = Closure
"Steam App 72200" = Universe Sandbox
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 92900" = Agricultural Simulator 2011: Extended Edition
"Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013
"Steam App 98200" = Frozen Synapse
"Steam App 98300" = Toy Soldiers
"Steam App 98800" = Dungeons of Dredmor
"Steam App 9930" = Test Drive Unlimited 2
"The Guild II Pirates of the European Seas_is1" = The Guild II Pirates of the European Seas
"The Guild II_is1" = The Guild II
"The Secret World_is1" = The Secret World
"Tropico3" = Tropico 3 1.00
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"xchat" = XChat 2 (remove only)
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Jimmie Johnson Spotter-Cuss Pack" = Jimmie Johnson Spotter-Cuss Pack
"NCsoft-GuildWars" = Guild Wars
"Spotify" = Spotify
"SwiftKit" = SwiftKit
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/7/2013 3:36:07 AM | Computer Name = AaronLong-PC | Source = Application Hang | ID = 1002
Description = The program SimCity.exe version 1.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1300 Start Time:
01ce1b05a5695a01 Termination Time: 17 Application Path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Report Id: aa8015fa-86f9-11e2-a415-50e5494cb46a


Error - 3/7/2013 6:15:20 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/8/2013 2:55:32 AM | Computer Name = AaronLong-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SimCity.exe, version: 1.2.0.0, time stamp:
0x51385988 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0xebc Faulting application
start time: 0x01ce1bc2cbdc7352 Faulting application path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Faulting module path: unknown Report Id: 2ae9fc10-87bd-11e2-a415-50e5494cb46a

Error - 3/8/2013 4:26:25 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/8/2013 3:05:43 PM | Computer Name = AaronLong-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pcnsl.exe, version: 5.70.43.1, time stamp:
0x51386934 Faulting module name: nvinit.dll_unloaded, version: 0.0.0.0, time stamp:
0x50de924b Exception code: 0xc0000005 Fault offset: 0x74bcce59 Faulting process id:
0xb9c Faulting application start time: 0x01ce1c2fee5b162a Faulting application path:
C:\Program Files (x86)\Steam\steamapps\common\star conflict\pcnsl.exe Faulting module
path: nvinit.dll Report Id: 2c470490-8823-11e2-a415-50e5494cb46a

Error - 3/9/2013 5:05:28 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/9/2013 8:32:18 PM | Computer Name = AaronLong-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SimCity.exe, version: 1.3.0.0, time stamp:
0x513ad837 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x7e4 Faulting application
start time: 0x01ce1d06013148d2 Faulting application path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Faulting module path: unknown Report Id: f631b44f-8919-11e2-a415-50e5494cb46a

Error - 3/9/2013 10:02:18 PM | Computer Name = AaronLong-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SimCity.exe, version: 1.3.0.0, time stamp:
0x513ad837 Faulting module name: SimCity.exe, version: 1.3.0.0, time stamp: 0x513ad837
Exception
code: 0xc0000005 Fault offset: 0x0059a08d Faulting process id: 0x560 Faulting application
start time: 0x01ce1d2f23cb41a3 Faulting application path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Faulting module path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Report Id: 88dcdedf-8926-11e2-a415-50e5494cb46a

Error - 3/9/2013 10:02:20 PM | Computer Name = AaronLong-PC | Source = Application Error | ID = 1000
Description = Faulting application name: SimCity.exe, version: 1.3.0.0, time stamp:
0x513ad837 Faulting module name: SimCity.exe, version: 1.3.0.0, time stamp: 0x513ad837
Exception
code: 0xc000041d Fault offset: 0x0059a08d Faulting process id: 0x560 Faulting application
start time: 0x01ce1d2f23cb41a3 Faulting application path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Faulting module path: C:\Program Files (x86)\Origin
Games\SimCity\SimCity\SimCity.exe Report Id: 8a042522-8926-11e2-a415-50e5494cb46a

Error - 3/10/2013 5:17:44 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/11/2013 6:44:48 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/12/2013 1:43:14 AM | Computer Name = AaronLong-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe".
Dependent
Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not
be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 11/3/2012 8:27:25 PM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 11/5/2012 6:41:16 PM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 11/5/2012 6:41:16 PM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 11/7/2012 5:29:15 AM | Computer Name = AaronLong-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR4.

Error - 11/7/2012 5:29:15 AM | Computer Name = AaronLong-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR4.

Error - 11/7/2012 5:29:16 AM | Computer Name = AaronLong-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR4.

Error - 11/7/2012 5:29:17 AM | Computer Name = AaronLong-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR4.

Error - 11/7/2012 6:16:08 AM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/7/2012 6:16:17 AM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 2 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/7/2012 6:17:17 AM | Computer Name = AaronLong-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Apple Mobile Device service,
but this action failed with the following error: %%1056


< End of report >

Edited by Mayko, 12 March 2013 - 05:17 AM.

  • 0

Advertisements

#2
Dakeyras
Posted 17 March 2013 - 04:59 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi and welcome back to Geeks to Go. :)

With regard to this you mentioned:-

I have recently lost control of an account of mine. From then I got a little concerned. I have done Malwarebytes scans as well as Avira as my real time protection. Both scans have come up clean, but the password I was using for the account is rather hard in my opinion to brute force with multiple punctuations.

I am surmising you mean a actual online gaming account or similar, anyway by all means we can run through a Malware Removal process/check etc.

If not changed the password I would do so soon as I give the all clear(and or if you have, change it again etc). This is good way to check the strength of any passwords used if not aware:-

Check your password—is it strong?

Java Advice:

There has been a recent severe exploitation of this software(actually still ongoing), further information can be read here. The aforementioned article will also explain on how to disable the plugins, though my friendly advice would be to uninstall if you do not use anything Java related.

I do not even have anything Java related installed on my machines...

PunkBuster Advice:

There are some issues with infections in relation to PunkBuster...

Your computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.

My advice would be to download the removal tool from here. Use this to uninstall PunkBuster Services. Then when I give the all clear use it again to reinstall PunkBuster Services if you so wish.

Next:

If you still wish to proceed do let myself know your decision about both Java and PunkBuster in your next reply, as in have you opted to remove/uninstall or not. Plus carry out the below also and we will then go from there, thank you.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download the installer for Registry Backup from here or here and save to your desktop.
  • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
  • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
  • Once the GUI(graphical user interface) has appeared/loaded:-
Posted Image

  • Click on Backup Now >> once the process is complete the below will be displayed in the GUI:-
Posted Image

  • Close Tweaking.com - Registry Backup
Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features be viewed here.
  • 0

#3
Mayko
Posted 17 March 2013 - 05:40 AM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Thank you very much for the reply. The account I was mentioning was with Ubisoft, but they have not had any compromises recently that I am aware of. If you have the time to do a quick check I would be very happy doing all the necessary steps. I try to keep everything clean and up to date, but it gets harder with all the new stuff I install every day / week (things I do not trust inside Sandboxie).

I checked the password I was using at the time on the site you linked, and it showed as strong. The ones I use for more important sites are showing as best. Thanks for the site.

I use Java daily, but I do actively watch for the exploits, updates, and issues they have. I actually had forgotten I had Punkbuster installed, but I have uninstalled it.

I made a Registry backup with the software you mentioned. I usually keep one around, but I have not used that software before.
  • 0

#4
Dakeyras
Posted 17 March 2013 - 06:16 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Thank you very much for the reply

You're welcome and your reply acknowledged etc.

Lets proceed as follows shall we..

Temp disable both of the following so will not hinder the custom OTL fix below:-

Avira AntiVir

Sandboxie

Then re-enable after the script has been processed and or your machine has rebooted.

Custom OTL Script:

  • Right-click OTL.exe and select Run as Administrator to start the program.
  • Copy the lines from the quote-box(do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Commands
[CreateRestorePoint]

:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)

:Files
ipconfig /flushdns /c
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c

:Commands
[ResetHosts]
[EmptyTemp]

  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Malwarebytes Anti-Malware:

Note: Remember to right click MBAM executable and select Run As Administrator.

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate downloads are here or here.

  • Right-click on adwcleaner.exe and select Run as Administrator to launch the application.
  • Now click on the Delete tab >> follow the prompts and reboot your machine if not advised to.
  • Please post the contents of the log file created in your next post.
Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case should be something like S1.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Malwarebytes Anti-Malware Log.
  • AdwCleaner Log.

  • 0

#5
Mayko
Posted 17 March 2013 - 08:06 AM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Alright, I was starting with the OTL script, and it encountered an error creating a file. At that point it froze for around a 10 minutes. After a bit of Processing 016 - Some registry value the computer BSODed. 0x0000001E is the BCCode I can give the .dmp file if needed. That is the first BSOD I have had on this machine. I have not continued to the next steps yet. I assumed I should let you know about the error, and BSOD. OTL did not create a log file for the script, and I assume because of the error.

Should I continue with the next steps at this point? If not please let me know what is next. Thank you.
  • 0

#6
Dakeyras
Posted 17 March 2013 - 08:33 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Aye by all means do continue with the rest of the steps etc and can post the dmp file you mentioned though I suspect OTL just hung on the damaged registry entry it was attempting to remove.

Overall not that major a problem at all, do post a new OTL log also for review please as that way I can double check what if anything was actually processed also. :)
  • 0

#7
Mayko
Posted 17 March 2013 - 09:18 AM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Alright, I have done the other two scans. Here is the Malwarebytes log. Somewhere down the line two desktop.ini files were created on my desktop? These can both be deleted correct? They are just from the BSOD I believe?

Also I would be very appreciative if you could answer me a question when done. With Windows 7 is it possible to still un-check all startup inside msconfig? I know in XP, and Vista the important services would restart automatically.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.11.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Aaron Long :: AARONLONG-PC [administrator]

3/17/2013 9:52:10 AM
mbam-log-2013-03-17 (09-52-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246826
Time elapsed: 6 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Here is the AdwCleaner log.

# AdwCleaner v2.114 - Logfile created 03/17/2013 at 10:00:16
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Aaron Long - AARONLONG-PC
# Boot Mode : Normal
# Running from : C:\Users\Aaron Long\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\WeCareReminder

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Aaron Long\AppData\Roaming\Mozilla\Firefox\Profiles\npz930rf.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\Aaron Long\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1100 octets] - [17/03/2013 10:00:16]

########## EOF - C:\AdwCleaner[S1].txt - [1160 octets] ##########




Here is the new OTL log you asked for.

OTL logfile created on: 3/17/2013 10:07:23 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Aaron Long\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.92 Gb Total Physical Memory | 5.27 Gb Available Physical Memory | 66.52% Memory free
15.84 Gb Paging File | 12.85 Gb Available in Paging File | 81.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 910.38 Gb Free Space | 48.87% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 17.50 Gb Free Space | 3.76% Space Free | Partition Type: NTFS

Computer Name: AARONLONG-PC | User Name: Aaron Long | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/12 05:05:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
PRC - [2013/03/07 16:35:30 | 000,527,016 | R--- | M] (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730) -- C:\Program Files (x86)\iRacing\iRacingService.exe
PRC - [2013/03/06 20:07:47 | 001,103,768 | ---- | M] (Spotify Ltd) -- C:\Users\Aaron Long\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/02/25 08:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2013/02/12 19:26:30 | 003,560,320 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe
PRC - [2013/02/09 22:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/01/20 14:29:18 | 028,539,272 | ---- | M] (Dropbox, Inc.) -- C:\Users\Aaron Long\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/10 21:24:44 | 000,338,864 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2012/08/08 08:29:11 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/08 05:19:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/08 05:19:58 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/03/26 12:05:04 | 004,656,632 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/10/06 00:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 00:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/11/10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
PRC - [2009/11/04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe
PRC - [2007/08/16 18:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 11:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/17 10:04:41 | 000,192,512 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/03/17 10:04:41 | 000,158,720 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Temp\sfareca00001.dll
MOD - [2013/03/10 19:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/10 19:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/10 19:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/10 19:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/10 19:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/10 19:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/02/25 08:39:32 | 000,988,584 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/02/19 12:48:10 | 020,340,648 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/02/13 18:33:40 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013/01/09 08:22:38 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll
MOD - [2013/01/09 08:21:23 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\e7b4706dfe18f29486dbaf5d35e01765\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/01/09 08:21:22 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
MOD - [2013/01/09 08:21:22 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013/01/09 08:21:20 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d01a925ecd339eae8ea1da8488eb2283\System.Xml.Linq.ni.dll
MOD - [2013/01/09 08:21:06 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013/01/09 08:12:30 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013/01/09 08:12:20 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013/01/09 08:12:15 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013/01/09 08:12:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 08:12:12 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013/01/09 08:12:12 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013/01/09 08:12:11 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 08:12:11 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013/01/09 08:12:10 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 08:12:06 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012/12/18 19:28:50 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\sdl.dll
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/02/09 23:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/01/08 08:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/11/10 19:05:34 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
MOD - [2009/11/04 17:28:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razertra.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/04/10 05:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2011/12/26 15:33:26 | 000,289,792 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2010/04/06 19:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/13 06:14:09 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/08 22:04:02 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/07 16:35:30 | 000,527,016 | R--- | M] (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730) [Auto | Running] -- C:\Program Files (x86)\iRacing\iRacingService.exe -- (iRacingService)
SRV - [2013/02/09 22:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/17 22:14:19 | 000,541,608 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/11 17:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/08 05:19:58 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 05:19:58 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/03/28 14:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/03/01 21:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/10/06 00:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/06 00:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/19 00:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/11/07 02:49:46 | 000,113,664 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2012/11/07 02:49:46 | 000,022,016 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/08 05:19:58 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 05:19:58 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/04/10 05:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/01 01:31:46 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011/12/31 20:52:55 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/09/16 00:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/06/09 22:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/05/25 06:19:00 | 000,076,160 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/05/25 06:19:00 | 000,052,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/05/16 09:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/10 21:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/14 12:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/21 12:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/04/27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 17:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/10/16 22:09:14 | 000,029,952 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/02 17:50:43 | 000,004,774 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/07/26 17:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Users\Aaron Long\Desktop\Temp\WinRing0x64.sys -- (WinRing0_1_2_0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{786DCDF6-3515-4b3e-BDAD-A8CE5F13214D}: "URL" = http://search.yahoo....evm&type=IEBDSV
IE - HKCU\..\SearchScopes\{995A88D4-2CBD-4e39-9822-B0DD04AEEFCC}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\..\SearchScopes\{C507F525-7AE3-4757-A1BE-653AAB24D4D2}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Aaron Long\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 22:04:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/08 22:04:00 | 000,000,000 | ---D | M]

[2011/12/28 20:03:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron Long\AppData\Roaming\Mozilla\Extensions
[2012/10/23 02:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron Long\AppData\Roaming\Mozilla\Firefox\Profiles\npz930rf.default\extensions
[2013/03/08 22:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/08 22:04:02 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/09/03 14:02:18 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/08 22:04:02 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: Heroes & Generals (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdbmojodailncinonfdhpafgopelmbj\1.0.3.4_0\plugins/npretoxlive.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Aaron Long\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: FilePlanet: Free PC Games, Downloads, Mods, Demos, Patches & Maps = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnoghbolbbogfjhdhphboehngjkobekd\2012.1.25.24106_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Facebook = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.1.25.24069_0\
CHR - Extension: AdBlock = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: LastPass = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.20_0\
CHR - Extension: Watch TV. Watch Movies. | Online | Free | Hulu = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhgbkjbpjkpdkbbalmaggmmlcffjaaae\2012.1.25.24120_0\
CHR - Extension: YouTurn = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\icphmmimmfdlgaaglejeokffekamhplg\2.2_0\
CHR - Extension: Yahoo! = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\inhalmiddnkoaejbelacfdaellglafkk\2012.1.25.24110_0\
CHR - Extension: Heroes & Generals updater (live) = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdbmojodailncinonfdhpafgopelmbj\1.0.3.4_0\
CHR - Extension: Pandora Radio - Listen to Free Internet Radio, Find New Music = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgjkdnkaikofglpiokiobahklcacdfb\2012.1.25.24057_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.107.6.0_0\
CHR - Extension: Google Mail Checker = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: CoreofGreymane's Channel - YouTube = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdaeemjmpffjlgeckaaadgfglmbpgbmo\2012.1.25.24115_0\
CHR - Extension: Minecraft Forum - News, Forums, Mods, and Texture Packs = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglelkkdopeeibjojindnmdcijkpfaai\2012.1.25.24118_0\
CHR - Extension: Gmail = C:\Users\Aaron Long\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [Spotify] C:\Users\Aaron Long\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Aaron Long\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Aaron Long\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Aaron Long\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Aaron Long\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19656C68-C0DE-4BE3-BD04-B51A081E8BD1}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13c26bb7-5acc-11e2-8606-50e5494cb46a}\Shell - "" = AutoRun
O33 - MountPoints2\{13c26bb7-5acc-11e2-8606-50e5494cb46a}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/17 08:59:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/03/17 08:50:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/17 06:40:51 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\OBS
[2013/03/17 06:40:48 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2013/03/17 06:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2013/03/17 06:33:18 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/03/17 06:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/03/17 06:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/03/14 19:31:21 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\MinerWars
[2013/03/13 18:45:40 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\Impire
[2013/03/13 18:24:30 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\ManiaPlanet
[2013/03/13 18:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ManiaPlanet
[2013/03/13 18:10:51 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\Sword of the Stars - The Pit
[2013/03/12 23:13:04 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\Euro Truck Simulator 2
[2013/03/12 16:30:56 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/12 16:30:56 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/12 16:30:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/12 16:30:56 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/12 16:30:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/12 16:30:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/12 16:30:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/12 16:30:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/12 16:30:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/12 16:30:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/12 16:30:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/12 16:30:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/12 16:30:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/12 16:30:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/12 16:30:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/12 16:25:24 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/03/12 16:25:24 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/03/12 16:25:24 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/03/12 16:25:24 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/03/12 16:25:24 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/03/12 16:25:24 | 015,275,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/03/12 16:25:24 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/03/12 16:25:24 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/03/12 16:25:24 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/03/12 16:25:24 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/03/12 16:25:24 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/03/12 16:25:24 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/03/12 16:25:24 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/03/12 16:25:24 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/03/12 16:25:24 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/03/12 16:25:24 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013/03/12 16:25:24 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013/03/12 16:25:24 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/03/12 16:25:24 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/03/12 05:05:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
[2013/03/11 20:19:26 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\.minecraft
[2013/03/11 16:15:27 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gotomypc_635.exe
[2013/03/11 15:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\CitrixLogs
[2013/03/11 15:45:46 | 011,881,936 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gosetup.exe
[2013/03/08 22:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/08 20:27:21 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\com.stoicstudio.TheBannerSagaFactions
[2013/03/08 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\tbs_logs
[2013/03/06 23:55:09 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\Targem
[2013/03/05 23:41:28 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/05 21:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
[2013/02/25 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\HpUpdate
[2013/02/25 08:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/02/25 08:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/02/25 08:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/02/25 08:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/02/25 08:34:24 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\HP
[2013/02/23 19:32:23 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Local\signal studios
[2013/02/16 16:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McLaren Electronic Systems
[2013/02/16 16:53:25 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\Documents\McLaren Electronic Systems
[2013/02/16 16:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McLaren Electronic Systems
[2013/02/16 16:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ Closed Beta 2
[2013/02/15 15:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSpeed
[2013/02/15 15:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iSpeed
[2013/02/15 15:31:14 | 000,000,000 | ---D | C] -- C:\Users\Aaron Long\AppData\Roaming\Downloaded Installations
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/17 10:10:23 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 10:10:23 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 10:08:25 | 000,793,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/17 10:08:25 | 000,669,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/17 10:08:25 | 000,125,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/17 10:02:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/17 10:02:15 | 2082,299,903 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/17 09:52:52 | 000,597,667 | ---- | M] () -- C:\Users\Aaron Long\Desktop\AdwCleaner.exe
[2013/03/17 09:36:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136970789-3445424151-3781644325-1002UA.job
[2013/03/17 09:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/17 08:59:34 | 735,267,528 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/17 06:40:48 | 000,000,959 | ---- | M] () -- C:\Users\Aaron Long\Desktop\Open Broadcaster Software.lnk
[2013/03/17 06:34:01 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-AARONLONG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/03/17 06:32:54 | 000,002,199 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2013/03/17 03:36:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2136970789-3445424151-3781644325-1002Core.job
[2013/03/14 19:31:10 | 000,786,860 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/13 06:14:08 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 06:14:08 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/12 16:33:09 | 000,001,838 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/03/12 05:05:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron Long\Desktop\OTL.exe
[2013/03/11 16:15:30 | 001,393,736 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gotomypc_635.exe
[2013/03/11 15:46:12 | 011,881,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Aaron Long\gosetup.exe
[2013/03/10 18:10:13 | 000,000,000 | -H-- | M] () -- C:\Users\Aaron Long\Documents\Default.rdp
[2013/03/08 17:04:50 | 000,000,000 | ---- | M] () -- C:\Users\Aaron Long\__ng3d.lock
[2013/03/05 23:41:25 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/05 23:41:25 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/05 23:41:25 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/05 23:41:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/05 23:41:25 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/05 23:41:25 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/05 23:39:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013/03/05 21:45:56 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013/03/05 21:08:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2013/03/05 21:07:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf
[2013/02/22 13:49:37 | 000,401,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/21 21:49:57 | 000,000,024 | ---- | M] () -- C:\Users\Aaron Long\random.dat
[2013/02/21 21:32:45 | 000,000,049 | ---- | M] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE.dat
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/17 09:52:49 | 000,597,667 | ---- | C] () -- C:\Users\Aaron Long\Desktop\AdwCleaner.exe
[2013/03/17 08:59:34 | 735,267,528 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/17 06:40:48 | 000,000,959 | ---- | C] () -- C:\Users\Aaron Long\Desktop\Open Broadcaster Software.lnk
[2013/03/17 06:34:01 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-AARONLONG-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/03/17 06:32:54 | 000,002,199 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2013/03/10 18:10:13 | 000,000,000 | -H-- | C] () -- C:\Users\Aaron Long\Documents\Default.rdp
[2013/03/08 17:04:50 | 000,000,000 | ---- | C] () -- C:\Users\Aaron Long\__ng3d.lock
[2013/03/05 23:39:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013/03/05 21:45:56 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013/03/05 21:08:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2013/03/05 21:07:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzendpt_01009.Wdf
[2013/02/12 19:26:34 | 000,042,880 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2013/01/13 14:28:59 | 000,000,050 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE1.dat
[2012/12/01 20:35:05 | 000,017,717 | ---- | C] () -- C:\Users\Aaron Long\AppData\Local\recently-used.xbel
[2012/11/11 04:59:38 | 000,000,051 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_loginapplet_LIVE.dat
[2012/11/04 21:54:23 | 000,172,840 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/25 14:40:56 | 000,001,838 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/04/06 02:19:30 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/03/03 19:55:38 | 000,068,212 | ---- | C] () -- C:\Users\Aaron Long\AppData\Roaming\icarus-dxdiag.xml
[2012/02/28 21:12:45 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/02/21 16:26:23 | 000,000,049 | ---- | C] () -- C:\Users\Aaron Long\jagex_cl_runescape_LIVE.dat
[2012/02/21 16:26:23 | 000,000,024 | ---- | C] () -- C:\Users\Aaron Long\random.dat
[2012/02/07 15:35:57 | 000,000,005 | ---- | C] () -- C:\Windows\SysWow64\SySAVI2WMV.dat
[2012/02/07 15:35:51 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/01/12 15:34:57 | 000,786,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/12 04:10:07 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/01/03 20:31:21 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011/12/28 14:06:31 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/12/13 04:49:09 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/12/13 04:46:55 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/12/13 04:46:55 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/12/13 04:46:55 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/12/13 04:46:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/12/13 04:46:55 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/12/13 04:41:40 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/05/31 01:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 01:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

#8
Dakeyras
Posted 19 March 2013 - 06:15 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

My apologies for the delay.

Somewhere down the line two desktop.ini files were created on my desktop?

These are actually legitimate and are now showing as part of the initial benign OTL scan will reveal hidden files etc, which from say a Anti-Malware support role makes things a tad easier if I advised say file upload to be checked for example.

When we remove OTL via a specific procedure these will be hidden again.

Also I would be very appreciative if you could answer me a question when done. With Windows 7 is it possible to still un-check all startup inside msconfig? I know in XP, and Vista the important services would restart automatically.

In theory aye. If not aware the presently installed CCleaner is quite effective for dealing with unnecessary system start ups.

Or you could consider WinPatrol when I give the all clear.

Download it from here.

You can find information about how WinPatrol works here.

Scan with TDSSKiller:

Please download TDSSKiller.zip and extract (unzip) it to your Desktop.

  • Right-click on TDSSKiller.exe to launch it.
  • When the window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start(Windows 7 Orb) > Computer > C:
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!
  • 0

#9
Mayko
Posted 19 March 2013 - 10:45 AM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
No problem at all I don't expect a volunteer to respond instantly. Your time is valuable, and I understand that.

I try not to use CCleaner when I clean up my start up every month or so. I prefer a good hand cleaning for that, but I haven't tried full clearing it on Windows 7 . Thank you.

Here is the TDSSKiller log.

11:39:26.0361 2312 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:39:26.0848 2312 ============================================================
11:39:26.0848 2312 Current date / time: 2013/03/19 11:39:26.0848
11:39:26.0848 2312 SystemInfo:
11:39:26.0848 2312
11:39:26.0848 2312 OS Version: 6.1.7601 ServicePack: 1.0
11:39:26.0848 2312 Product type: Workstation
11:39:26.0848 2312 ComputerName: AARONLONG-PC
11:39:26.0848 2312 UserName: Aaron Long
11:39:26.0848 2312 Windows directory: C:\Windows
11:39:26.0848 2312 System windows directory: C:\Windows
11:39:26.0848 2312 Running under WOW64
11:39:26.0848 2312 Processor architecture: Intel x64
11:39:26.0848 2312 Number of processors: 8
11:39:26.0848 2312 Page size: 0x1000
11:39:26.0848 2312 Boot type: Normal boot
11:39:26.0848 2312 ============================================================
11:39:27.0803 2312 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
11:39:34.0504 2312 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:39:34.0508 2312 ============================================================
11:39:34.0508 2312 \Device\Harddisk0\DR0:
11:39:34.0544 2312 MBR partitions:
11:39:34.0544 2312 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:39:34.0544 2312 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
11:39:34.0544 2312 \Device\Harddisk1\DR1:
11:39:34.0544 2312 MBR partitions:
11:39:34.0544 2312 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A3855BD
11:39:34.0544 2312 ============================================================
11:39:34.0563 2312 C: <-> \Device\Harddisk0\DR0\Partition2
11:39:34.0581 2312 E: <-> \Device\Harddisk1\DR1\Partition1
11:39:34.0581 2312 ============================================================
11:39:34.0581 2312 Initialize success
11:39:34.0581 2312 ============================================================
11:40:14.0073 4968 ============================================================
11:40:14.0073 4968 Scan started
11:40:14.0073 4968 Mode: Manual; SigCheck; TDLFS;
11:40:14.0073 4968 ============================================================
11:40:14.0292 4968 ================ Scan system memory ========================
11:40:14.0292 4968 System memory - ok
11:40:14.0292 4968 ================ Scan services =============================
11:40:14.0395 4968 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:40:14.0448 4968 1394ohci - ok
11:40:14.0466 4968 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:40:14.0477 4968 ACPI - ok
11:40:14.0484 4968 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:40:14.0528 4968 AcpiPmi - ok
11:40:14.0615 4968 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:40:14.0622 4968 AdobeARMservice - ok
11:40:14.0727 4968 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:40:14.0735 4968 AdobeFlashPlayerUpdateSvc - ok
11:40:14.0752 4968 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:40:14.0764 4968 adp94xx - ok
11:40:14.0789 4968 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:40:14.0805 4968 adpahci - ok
11:40:14.0821 4968 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:40:14.0829 4968 adpu320 - ok
11:40:14.0849 4968 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:40:14.0928 4968 AeLookupSvc - ok
11:40:14.0976 4968 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:40:15.0009 4968 AFD - ok
11:40:15.0026 4968 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:40:15.0033 4968 agp440 - ok
11:40:15.0042 4968 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:40:15.0059 4968 ALG - ok
11:40:15.0069 4968 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:40:15.0076 4968 aliide - ok
11:40:15.0078 4968 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:40:15.0084 4968 amdide - ok
11:40:15.0090 4968 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:40:15.0122 4968 AmdK8 - ok
11:40:15.0137 4968 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:40:15.0146 4968 AmdPPM - ok
11:40:15.0181 4968 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:40:15.0189 4968 amdsata - ok
11:40:15.0192 4968 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:40:15.0200 4968 amdsbs - ok
11:40:15.0211 4968 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:40:15.0217 4968 amdxata - ok
11:40:15.0259 4968 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
11:40:15.0269 4968 AntiVirSchedulerService - ok
11:40:15.0275 4968 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
11:40:15.0281 4968 AntiVirService - ok
11:40:15.0291 4968 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:40:15.0325 4968 AppID - ok
11:40:15.0336 4968 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:40:15.0373 4968 AppIDSvc - ok
11:40:15.0399 4968 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:40:15.0421 4968 Appinfo - ok
11:40:15.0483 4968 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:40:15.0488 4968 Apple Mobile Device - ok
11:40:15.0508 4968 [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
11:40:15.0515 4968 AppleCharger - ok
11:40:15.0525 4968 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
11:40:15.0531 4968 AppleChargerSrv - ok
11:40:15.0557 4968 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:40:15.0565 4968 arc - ok
11:40:15.0578 4968 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:40:15.0586 4968 arcsas - ok
11:40:15.0676 4968 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:40:15.0685 4968 aspnet_state - ok
11:40:15.0711 4968 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:40:15.0738 4968 AsyncMac - ok
11:40:15.0740 4968 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:40:15.0746 4968 atapi - ok
11:40:15.0807 4968 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:40:15.0861 4968 atikmdag - ok
11:40:15.0891 4968 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
11:40:15.0900 4968 atksgt - ok
11:40:15.0931 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:40:15.0967 4968 AudioEndpointBuilder - ok
11:40:15.0973 4968 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:40:15.0997 4968 AudioSrv - ok
11:40:16.0019 4968 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
11:40:16.0026 4968 avgntflt - ok
11:40:16.0047 4968 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
11:40:16.0054 4968 avipbb - ok
11:40:16.0066 4968 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
11:40:16.0072 4968 avkmgr - ok
11:40:16.0093 4968 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:40:16.0113 4968 AxInstSV - ok
11:40:16.0141 4968 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:40:16.0179 4968 b06bdrv - ok
11:40:16.0197 4968 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:40:16.0223 4968 b57nd60a - ok
11:40:16.0247 4968 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:40:16.0270 4968 BDESVC - ok
11:40:16.0276 4968 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:40:16.0309 4968 Beep - ok
11:40:16.0338 4968 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:40:16.0365 4968 BFE - ok
11:40:16.0390 4968 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:40:16.0432 4968 BITS - ok
11:40:16.0445 4968 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:40:16.0463 4968 blbdrive - ok
11:40:16.0964 4968 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:40:16.0974 4968 Bonjour Service - ok
11:40:17.0000 4968 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:40:17.0032 4968 bowser - ok
11:40:17.0056 4968 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:40:17.0080 4968 BrFiltLo - ok
11:40:17.0095 4968 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:40:17.0113 4968 BrFiltUp - ok
11:40:17.0148 4968 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:40:17.0161 4968 Browser - ok
11:40:17.0172 4968 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:40:17.0209 4968 Brserid - ok
11:40:17.0220 4968 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:40:17.0236 4968 BrSerWdm - ok
11:40:17.0246 4968 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:40:17.0262 4968 BrUsbMdm - ok
11:40:17.0278 4968 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:40:17.0286 4968 BrUsbSer - ok
11:40:17.0293 4968 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:40:17.0312 4968 BTHMODEM - ok
11:40:17.0333 4968 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:40:17.0366 4968 bthserv - ok
11:40:17.0378 4968 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:40:17.0400 4968 cdfs - ok
11:40:17.0425 4968 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:40:17.0434 4968 cdrom - ok
11:40:17.0459 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:40:17.0497 4968 CertPropSvc - ok
11:40:17.0508 4968 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:40:17.0518 4968 circlass - ok
11:40:17.0529 4968 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:40:17.0539 4968 CLFS - ok
11:40:17.0585 4968 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:40:17.0591 4968 clr_optimization_v2.0.50727_32 - ok
11:40:17.0615 4968 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:40:17.0623 4968 clr_optimization_v2.0.50727_64 - ok
11:40:17.0709 4968 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:40:17.0716 4968 clr_optimization_v4.0.30319_32 - ok
11:40:17.0722 4968 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:40:17.0729 4968 clr_optimization_v4.0.30319_64 - ok
11:40:17.0746 4968 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:40:17.0767 4968 CmBatt - ok
11:40:17.0777 4968 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:40:17.0784 4968 cmdide - ok
11:40:17.0826 4968 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:40:17.0841 4968 CNG - ok
11:40:17.0853 4968 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:40:17.0859 4968 Compbatt - ok
11:40:17.0881 4968 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:40:17.0900 4968 CompositeBus - ok
11:40:17.0911 4968 COMSysApp - ok
11:40:17.0958 4968 [ C08063F052308B6F5882482615387F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
11:40:17.0964 4968 cpuz135 - ok
11:40:17.0978 4968 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:40:17.0985 4968 crcdisk - ok
11:40:18.0027 4968 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:40:18.0053 4968 CryptSvc - ok
11:40:18.0129 4968 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:40:18.0144 4968 cvhsvc - ok
11:40:18.0171 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:40:18.0220 4968 DcomLaunch - ok
11:40:18.0235 4968 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:40:18.0263 4968 defragsvc - ok
11:40:18.0279 4968 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:40:18.0310 4968 DfsC - ok
11:40:18.0332 4968 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:40:18.0366 4968 Dhcp - ok
11:40:18.0379 4968 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:40:18.0430 4968 discache - ok
11:40:18.0454 4968 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:40:18.0461 4968 Disk - ok
11:40:18.0475 4968 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:40:18.0491 4968 Dnscache - ok
11:40:18.0506 4968 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:40:18.0530 4968 dot3svc - ok
11:40:18.0533 4968 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:40:18.0567 4968 DPS - ok
11:40:18.0578 4968 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:40:18.0588 4968 drmkaud - ok
11:40:18.0637 4968 dump_wmimmc - ok
11:40:18.0763 4968 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:40:18.0780 4968 DXGKrnl - ok
11:40:18.0789 4968 EagleX64 - ok
11:40:18.0801 4968 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:40:18.0837 4968 EapHost - ok
11:40:18.0887 4968 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:40:18.0923 4968 ebdrv - ok
11:40:18.0937 4968 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:40:18.0972 4968 EFS - ok
11:40:19.0011 4968 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:40:19.0045 4968 ehRecvr - ok
11:40:19.0068 4968 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:40:19.0076 4968 ehSched - ok
11:40:19.0102 4968 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:40:19.0116 4968 elxstor - ok
11:40:19.0125 4968 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:40:19.0150 4968 ErrDev - ok
11:40:19.0180 4968 [ 72ECCB2F5C9CFC32A9B2A60933832501 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
11:40:19.0201 4968 EtronHub3 - ok
11:40:19.0214 4968 [ 7BB310F6FB9E1B9D21DD2CE7EB0D5464 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
11:40:19.0234 4968 EtronXHCI - ok
11:40:19.0316 4968 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:40:19.0354 4968 EventSystem - ok
11:40:19.0378 4968 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:40:19.0401 4968 exfat - ok
11:40:19.0414 4968 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:40:19.0438 4968 fastfat - ok
11:40:19.0455 4968 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:40:19.0490 4968 Fax - ok
11:40:19.0501 4968 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:40:19.0518 4968 fdc - ok
11:40:19.0541 4968 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:40:19.0563 4968 fdPHost - ok
11:40:19.0576 4968 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:40:19.0599 4968 FDResPub - ok
11:40:19.0606 4968 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:40:19.0613 4968 FileInfo - ok
11:40:19.0623 4968 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:40:19.0655 4968 Filetrace - ok
11:40:19.0667 4968 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:40:19.0675 4968 flpydisk - ok
11:40:19.0686 4968 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:40:19.0697 4968 FltMgr - ok
11:40:19.0728 4968 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:40:19.0764 4968 FontCache - ok
11:40:19.0798 4968 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:40:19.0804 4968 FontCache3.0.0.0 - ok
11:40:19.0823 4968 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:40:19.0830 4968 FsDepends - ok
11:40:19.0869 4968 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:40:19.0876 4968 Fs_Rec - ok
11:40:19.0911 4968 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
11:40:19.0918 4968 Futuremark SystemInfo Service - ok
11:40:19.0934 4968 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:40:19.0945 4968 fvevol - ok
11:40:19.0963 4968 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:40:19.0971 4968 gagp30kx - ok
11:40:19.0979 4968 gdrv - ok
11:40:20.0015 4968 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:40:20.0020 4968 GEARAspiWDM - ok
11:40:20.0055 4968 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:40:20.0083 4968 gpsvc - ok
11:40:20.0119 4968 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:40:20.0127 4968 gusvc - ok
11:40:20.0139 4968 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:40:20.0165 4968 hcw85cir - ok
11:40:20.0180 4968 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:40:20.0205 4968 HdAudAddService - ok
11:40:20.0222 4968 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:40:20.0248 4968 HDAudBus - ok
11:40:20.0261 4968 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:40:20.0268 4968 HidBatt - ok
11:40:20.0285 4968 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:40:20.0306 4968 HidBth - ok
11:40:20.0330 4968 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:40:20.0340 4968 HidIr - ok
11:40:20.0352 4968 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:40:20.0374 4968 hidserv - ok
11:40:20.0394 4968 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:40:20.0402 4968 HidUsb - ok
11:40:20.0458 4968 [ D498AD244C51B2DD0639C8C75F68E2F4 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
11:40:20.0467 4968 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
11:40:20.0467 4968 HiPatchService - detected UnsignedFile.Multi.Generic (1)
11:40:20.0482 4968 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:40:20.0514 4968 hkmsvc - ok
11:40:20.0525 4968 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:40:20.0545 4968 HomeGroupListener - ok
11:40:20.0559 4968 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:40:20.0569 4968 HomeGroupProvider - ok
11:40:20.0578 4968 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:40:20.0585 4968 HpSAMD - ok
11:40:20.0600 4968 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:40:20.0641 4968 HTTP - ok
11:40:20.0656 4968 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:40:20.0662 4968 hwpolicy - ok
11:40:20.0670 4968 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:40:20.0678 4968 i8042prt - ok
11:40:20.0728 4968 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:40:20.0740 4968 iaStorV - ok
11:40:20.0776 4968 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:40:20.0791 4968 idsvc - ok
11:40:20.0925 4968 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:40:21.0071 4968 igfx - ok
11:40:21.0103 4968 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:40:21.0110 4968 iirsp - ok
11:40:21.0142 4968 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:40:21.0184 4968 IKEEXT - ok
11:40:21.0246 4968 [ 392D5C87F282E8E36DF5154418A7BB20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:40:21.0285 4968 IntcAzAudAddService - ok
11:40:21.0319 4968 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
11:40:21.0338 4968 IntcDAud - ok
11:40:21.0356 4968 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:40:21.0362 4968 intelide - ok
11:40:21.0374 4968 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:40:21.0390 4968 intelppm - ok
11:40:21.0405 4968 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:40:21.0440 4968 IPBusEnum - ok
11:40:21.0454 4968 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:40:21.0476 4968 IpFilterDriver - ok
11:40:21.0520 4968 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:40:21.0556 4968 iphlpsvc - ok
11:40:21.0569 4968 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:40:21.0590 4968 IPMIDRV - ok
11:40:21.0613 4968 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:40:21.0645 4968 IPNAT - ok
11:40:21.0687 4968 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:40:21.0702 4968 iPod Service - ok
11:40:21.0794 4968 [ 4F963AC251722D566D9F72F57E9711CB ] iRacingService C:\Program Files (x86)\iRacing\iRacingService.exe
11:40:21.0805 4968 iRacingService - ok
11:40:21.0828 4968 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:40:21.0838 4968 IRENUM - ok
11:40:21.0869 4968 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:40:21.0875 4968 isapnp - ok
11:40:21.0890 4968 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:40:21.0899 4968 iScsiPrt - ok
11:40:21.0917 4968 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:40:21.0924 4968 kbdclass - ok
11:40:21.0929 4968 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:40:21.0946 4968 kbdhid - ok
11:40:21.0970 4968 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:40:21.0977 4968 KeyIso - ok
11:40:22.0008 4968 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:40:22.0023 4968 KSecDD - ok
11:40:22.0063 4968 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:40:22.0070 4968 KSecPkg - ok
11:40:22.0076 4968 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:40:22.0119 4968 ksthunk - ok
11:40:22.0140 4968 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:40:22.0165 4968 KtmRm - ok
11:40:22.0182 4968 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:40:22.0213 4968 LanmanServer - ok
11:40:22.0236 4968 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:40:22.0271 4968 LanmanWorkstation - ok
11:40:22.0321 4968 [ 83BA097ACAAD0B00505634A62D90F93A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
11:40:22.0327 4968 lirsgt - ok
11:40:22.0340 4968 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:40:22.0377 4968 lltdio - ok
11:40:22.0393 4968 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:40:22.0431 4968 lltdsvc - ok
11:40:22.0457 4968 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:40:22.0481 4968 lmhosts - ok
11:40:22.0528 4968 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:40:22.0538 4968 LMS - ok
11:40:22.0561 4968 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:40:22.0569 4968 LSI_FC - ok
11:40:22.0574 4968 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:40:22.0582 4968 LSI_SAS - ok
11:40:22.0594 4968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:40:22.0601 4968 LSI_SAS2 - ok
11:40:22.0612 4968 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:40:22.0620 4968 LSI_SCSI - ok
11:40:22.0627 4968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:40:22.0651 4968 luafv - ok
11:40:22.0677 4968 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:40:22.0685 4968 Mcx2Svc - ok
11:40:22.0692 4968 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:40:22.0698 4968 megasas - ok
11:40:22.0717 4968 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:40:22.0727 4968 MegaSR - ok
11:40:22.0743 4968 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:40:22.0748 4968 MEIx64 - ok
11:40:22.0755 4968 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:40:22.0790 4968 MMCSS - ok
11:40:22.0803 4968 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:40:22.0825 4968 Modem - ok
11:40:22.0842 4968 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:40:22.0860 4968 monitor - ok
11:40:22.0888 4968 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:40:22.0895 4968 mouclass - ok
11:40:22.0906 4968 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:40:22.0921 4968 mouhid - ok
11:40:22.0944 4968 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:40:22.0951 4968 mountmgr - ok
11:40:23.0039 4968 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:40:23.0046 4968 MozillaMaintenance - ok
11:40:23.0061 4968 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:40:23.0069 4968 mpio - ok
11:40:23.0083 4968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:40:23.0105 4968 mpsdrv - ok
11:40:23.0127 4968 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:40:23.0156 4968 MpsSvc - ok
11:40:23.0162 4968 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:40:23.0181 4968 MRxDAV - ok
11:40:23.0201 4968 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:40:23.0220 4968 mrxsmb - ok
11:40:23.0231 4968 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:40:23.0240 4968 mrxsmb10 - ok
11:40:23.0251 4968 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:40:23.0259 4968 mrxsmb20 - ok
11:40:23.0264 4968 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:40:23.0271 4968 msahci - ok
11:40:23.0277 4968 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:40:23.0285 4968 msdsm - ok
11:40:23.0294 4968 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:40:23.0303 4968 MSDTC - ok
11:40:23.0314 4968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:40:23.0335 4968 Msfs - ok
11:40:23.0359 4968 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:40:23.0381 4968 mshidkmdf - ok
11:40:23.0387 4968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:40:23.0393 4968 msisadrv - ok
11:40:23.0414 4968 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:40:23.0447 4968 MSiSCSI - ok
11:40:23.0449 4968 msiserver - ok
11:40:23.0451 4968 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:40:23.0473 4968 MSKSSRV - ok
11:40:23.0475 4968 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:40:23.0505 4968 MSPCLOCK - ok
11:40:23.0532 4968 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:40:23.0564 4968 MSPQM - ok
11:40:23.0578 4968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:40:23.0589 4968 MsRPC - ok
11:40:23.0600 4968 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:40:23.0607 4968 mssmbios - ok
11:40:23.0616 4968 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:40:23.0645 4968 MSTEE - ok
11:40:23.0647 4968 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:40:23.0655 4968 MTConfig - ok
11:40:23.0667 4968 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:40:23.0674 4968 Mup - ok
11:40:23.0691 4968 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:40:23.0722 4968 napagent - ok
11:40:23.0754 4968 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:40:23.0778 4968 NativeWifiP - ok
11:40:23.0838 4968 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:40:23.0855 4968 NDIS - ok
11:40:23.0868 4968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:40:23.0891 4968 NdisCap - ok
11:40:23.0902 4968 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:40:23.0923 4968 NdisTapi - ok
11:40:23.0936 4968 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:40:23.0957 4968 Ndisuio - ok
11:40:23.0966 4968 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:40:23.0999 4968 NdisWan - ok
11:40:24.0001 4968 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:40:24.0041 4968 NDProxy - ok
11:40:24.0060 4968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:40:24.0091 4968 NetBIOS - ok
11:40:24.0103 4968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:40:24.0126 4968 NetBT - ok
11:40:24.0136 4968 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:40:24.0143 4968 Netlogon - ok
11:40:24.0164 4968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:40:24.0197 4968 Netman - ok
11:40:24.0244 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:24.0251 4968 NetMsmqActivator - ok
11:40:24.0253 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:24.0259 4968 NetPipeActivator - ok
11:40:24.0273 4968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:40:24.0311 4968 netprofm - ok
11:40:24.0313 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:24.0320 4968 NetTcpActivator - ok
11:40:24.0322 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:40:24.0328 4968 NetTcpPortSharing - ok
11:40:24.0354 4968 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:40:24.0361 4968 nfrd960 - ok
11:40:24.0383 4968 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:40:24.0394 4968 NlaSvc - ok
11:40:24.0403 4968 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:40:24.0425 4968 Npfs - ok
11:40:24.0427 4968 npggsvc - ok
11:40:24.0429 4968 NPPTNT2 - ok
11:40:24.0432 4968 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:40:24.0465 4968 nsi - ok
11:40:24.0467 4968 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:40:24.0488 4968 nsiproxy - ok
11:40:24.0533 4968 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:40:24.0558 4968 Ntfs - ok
11:40:24.0570 4968 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:40:24.0592 4968 Null - ok
11:40:24.0695 4968 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:40:24.0705 4968 NVHDA - ok
11:40:24.0970 4968 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:40:25.0104 4968 nvlddmkm - ok
11:40:25.0164 4968 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:40:25.0172 4968 nvraid - ok
11:40:25.0195 4968 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:40:25.0203 4968 nvstor - ok
11:40:25.0315 4968 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe
11:40:25.0331 4968 nvsvc - ok
11:40:25.0412 4968 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:40:25.0432 4968 nvUpdatusService - ok
11:40:25.0448 4968 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:40:25.0455 4968 nv_agp - ok
11:40:25.0475 4968 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:40:25.0483 4968 ohci1394 - ok
11:40:25.0529 4968 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:40:25.0536 4968 ose - ok
11:40:25.0617 4968 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:40:25.0680 4968 osppsvc - ok
11:40:25.0707 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:40:25.0737 4968 p2pimsvc - ok
11:40:25.0755 4968 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:40:25.0766 4968 p2psvc - ok
11:40:25.0774 4968 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:40:25.0783 4968 Parport - ok
11:40:25.0816 4968 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:40:25.0823 4968 partmgr - ok
11:40:25.0834 4968 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:40:25.0854 4968 PcaSvc - ok
11:40:25.0876 4968 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:40:25.0890 4968 pci - ok
11:40:25.0904 4968 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:40:25.0910 4968 pciide - ok
11:40:25.0921 4968 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:40:25.0930 4968 pcmcia - ok
11:40:25.0936 4968 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:40:25.0942 4968 pcw - ok
11:40:25.0958 4968 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:40:25.0993 4968 PEAUTH - ok
11:40:26.0050 4968 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:40:26.0072 4968 PerfHost - ok
11:40:26.0099 4968 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:40:26.0133 4968 pla - ok
11:40:26.0162 4968 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:40:26.0194 4968 PlugPlay - ok
11:40:26.0206 4968 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:40:26.0214 4968 PNRPAutoReg - ok
11:40:26.0218 4968 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:40:26.0227 4968 PNRPsvc - ok
11:40:26.0250 4968 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:40:26.0275 4968 PolicyAgent - ok
11:40:26.0299 4968 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:40:26.0329 4968 Power - ok
11:40:26.0354 4968 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:40:26.0388 4968 PptpMiniport - ok
11:40:26.0402 4968 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:40:26.0420 4968 Processor - ok
11:40:26.0458 4968 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:40:26.0490 4968 ProfSvc - ok
11:40:26.0502 4968 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:40:26.0509 4968 ProtectedStorage - ok
11:40:26.0531 4968 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:40:26.0567 4968 Psched - ok
11:40:26.0632 4968 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
11:40:26.0639 4968 PSI_SVC_2 - ok
11:40:26.0675 4968 [ 4A304ED3E7F247FC8AE2D8E4ECCE389D ] PuranDefrag C:\Windows\system32\PuranDefragS.exe
11:40:26.0681 4968 PuranDefrag ( UnsignedFile.Multi.Generic ) - warning
11:40:26.0681 4968 PuranDefrag - detected UnsignedFile.Multi.Generic (1)
11:40:26.0711 4968 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:40:26.0734 4968 ql2300 - ok
11:40:26.0744 4968 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:40:26.0752 4968 ql40xx - ok
11:40:26.0770 4968 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:40:26.0783 4968 QWAVE - ok
11:40:26.0793 4968 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:40:26.0804 4968 QWAVEdrv - ok
11:40:26.0816 4968 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:40:26.0837 4968 RasAcd - ok
11:40:26.0853 4968 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:40:26.0874 4968 RasAgileVpn - ok
11:40:26.0890 4968 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:40:26.0913 4968 RasAuto - ok
11:40:26.0936 4968 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:40:26.0966 4968 Rasl2tp - ok
11:40:26.0989 4968 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:40:27.0013 4968 RasMan - ok
11:40:27.0022 4968 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:40:27.0055 4968 RasPppoe - ok
11:40:27.0071 4968 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:40:27.0103 4968 RasSstp - ok
11:40:27.0135 4968 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:40:27.0173 4968 rdbss - ok
11:40:27.0185 4968 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:40:27.0195 4968 rdpbus - ok
11:40:27.0213 4968 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:40:27.0234 4968 RDPCDD - ok
11:40:27.0248 4968 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:40:27.0277 4968 RDPENCDD - ok
11:40:27.0280 4968 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:40:27.0300 4968 RDPREFMP - ok
11:40:27.0348 4968 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:40:27.0378 4968 RdpVideoMiniport - ok
11:40:27.0416 4968 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:40:27.0430 4968 RDPWD - ok
11:40:27.0448 4968 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:40:27.0456 4968 rdyboost - ok
11:40:27.0474 4968 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:40:27.0497 4968 RemoteAccess - ok
11:40:27.0508 4968 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:40:27.0532 4968 RemoteRegistry - ok
11:40:27.0539 4968 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:40:27.0561 4968 RpcEptMapper - ok
11:40:27.0571 4968 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:40:27.0579 4968 RpcLocator - ok
11:40:27.0594 4968 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:40:27.0618 4968 RpcSs - ok
11:40:27.0632 4968 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:40:27.0654 4968 rspndr - ok
11:40:27.0678 4968 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:40:27.0689 4968 RTL8167 - ok
11:40:27.0740 4968 [ 944285B6FD4E29897844B743E1DBE3D1 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
11:40:27.0775 4968 rzendpt - ok
11:40:27.0788 4968 [ D28AB8D41CA4633EA69F2897F0B45565 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
11:40:27.0823 4968 rzudd - ok
11:40:27.0835 4968 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:40:27.0843 4968 SamSs - ok
11:40:27.0907 4968 [ 0FE05DD9BBF0782E2BBF0977F2034616 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
11:40:27.0916 4968 SbieDrv - ok
11:40:27.0935 4968 [ C970C7B2FD2E811525D4578D50B535F5 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
11:40:27.0942 4968 SbieSvc - ok
11:40:27.0946 4968 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:40:27.0953 4968 sbp2port - ok
11:40:27.0976 4968 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:40:27.0999 4968 SCardSvr - ok
11:40:28.0021 4968 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:40:28.0041 4968 scfilter - ok
11:40:28.0050 4968 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:40:28.0087 4968 Schedule - ok
11:40:28.0116 4968 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:40:28.0137 4968 SCPolicySvc - ok
11:40:28.0153 4968 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:40:28.0170 4968 SDRSVC - ok
11:40:28.0192 4968 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:40:28.0213 4968 secdrv - ok
11:40:28.0222 4968 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:40:28.0243 4968 seclogon - ok
11:40:28.0257 4968 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:40:28.0287 4968 SENS - ok
11:40:28.0302 4968 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:40:28.0314 4968 SensrSvc - ok
11:40:28.0322 4968 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:40:28.0342 4968 Serenum - ok
11:40:28.0366 4968 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:40:28.0375 4968 Serial - ok
11:40:28.0392 4968 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:40:28.0407 4968 sermouse - ok
11:40:28.0424 4968 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:40:28.0454 4968 SessionEnv - ok
11:40:28.0465 4968 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:40:28.0482 4968 sffdisk - ok
11:40:28.0497 4968 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:40:28.0517 4968 sffp_mmc - ok
11:40:28.0519 4968 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:40:28.0528 4968 sffp_sd - ok
11:40:28.0539 4968 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:40:28.0546 4968 sfloppy - ok
11:40:28.0592 4968 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
11:40:28.0606 4968 Sftfs - ok
11:40:28.0671 4968 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:40:28.0682 4968 sftlist - ok
11:40:28.0699 4968 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:40:28.0708 4968 Sftplay - ok
11:40:28.0725 4968 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:40:28.0731 4968 Sftredir - ok
11:40:28.0744 4968 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
11:40:28.0750 4968 Sftvol - ok
11:40:28.0760 4968 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:40:28.0768 4968 sftvsa - ok
11:40:28.0791 4968 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:40:28.0829 4968 SharedAccess - ok
11:40:28.0849 4968 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:40:28.0881 4968 ShellHWDetection - ok
11:40:28.0914 4968 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:40:28.0921 4968 SiSRaid2 - ok
11:40:28.0930 4968 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:40:28.0937 4968 SiSRaid4 - ok
11:40:28.0990 4968 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:40:28.0997 4968 SkypeUpdate - ok
11:40:29.0024 4968 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:40:29.0047 4968 Smb - ok
11:40:29.0064 4968 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:40:29.0079 4968 SNMPTRAP - ok
11:40:29.0125 4968 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
11:40:29.0133 4968 speedfan - ok
11:40:29.0144 4968 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:40:29.0150 4968 spldr - ok
11:40:29.0185 4968 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:40:29.0204 4968 Spooler - ok
11:40:29.0251 4968 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:40:29.0314 4968 sppsvc - ok
11:40:29.0328 4968 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:40:29.0351 4968 sppuinotify - ok
11:40:29.0375 4968 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:40:29.0410 4968 srv - ok
11:40:29.0432 4968 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:40:29.0456 4968 srv2 - ok
11:40:29.0472 4968 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:40:29.0480 4968 srvnet - ok
11:40:29.0509 4968 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:40:29.0544 4968 SSDPSRV - ok
11:40:29.0556 4968 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:40:29.0578 4968 SstpSvc - ok
11:40:29.0611 4968 Steam Client Service - ok
11:40:29.0663 4968 [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:40:29.0673 4968 Stereo Service - ok
11:40:29.0686 4968 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:40:29.0693 4968 stexstor - ok
11:40:29.0710 4968 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:40:29.0726 4968 stisvc - ok
11:40:29.0735 4968 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:40:29.0741 4968 swenum - ok
11:40:29.0752 4968 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:40:29.0787 4968 swprv - ok
11:40:29.0820 4968 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:40:29.0858 4968 SysMain - ok
11:40:29.0882 4968 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:40:29.0925 4968 TabletInputService - ok
11:40:29.0935 4968 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:40:29.0972 4968 TapiSrv - ok
11:40:29.0982 4968 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:40:30.0004 4968 TBS - ok
11:40:30.0052 4968 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:40:30.0080 4968 Tcpip - ok
11:40:30.0100 4968 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:40:30.0124 4968 TCPIP6 - ok
11:40:30.0159 4968 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:40:30.0166 4968 tcpipreg - ok
11:40:30.0188 4968 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:40:30.0221 4968 TDPIPE - ok
11:40:30.0259 4968 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:40:30.0266 4968 TDTCP - ok
11:40:30.0281 4968 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:40:30.0302 4968 tdx - ok
11:40:30.0321 4968 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:40:30.0328 4968 TermDD - ok
11:40:30.0345 4968 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:40:30.0370 4968 TermService - ok
11:40:30.0388 4968 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:40:30.0399 4968 Themes - ok
11:40:30.0413 4968 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:40:30.0435 4968 THREADORDER - ok
11:40:30.0446 4968 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:40:30.0483 4968 TrkWks - ok
11:40:30.0519 4968 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:40:30.0540 4968 TrustedInstaller - ok
11:40:30.0543 4968 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:40:30.0574 4968 tssecsrv - ok
11:40:30.0607 4968 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:40:30.0640 4968 TsUsbFlt - ok
11:40:30.0677 4968 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:40:30.0684 4968 TsUsbGD - ok
11:40:30.0703 4968 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:40:30.0734 4968 tunnel - ok
11:40:30.0743 4968 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:40:30.0750 4968 uagp35 - ok
11:40:30.0765 4968 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:40:30.0797 4968 udfs - ok
11:40:30.0817 4968 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:40:30.0826 4968 UI0Detect - ok
11:40:30.0839 4968 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:40:30.0846 4968 uliagpkx - ok
11:40:30.0858 4968 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:40:30.0876 4968 umbus - ok
11:40:30.0898 4968 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:40:30.0917 4968 UmPass - ok
11:40:30.0988 4968 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:40:31.0023 4968 UNS - ok
11:40:31.0042 4968 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:40:31.0076 4968 upnphost - ok
11:40:31.0124 4968 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:40:31.0129 4968 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
11:40:31.0129 4968 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
11:40:31.0169 4968 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:40:31.0182 4968 usbccgp - ok
11:40:31.0190 4968 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:40:31.0199 4968 usbcir - ok
11:40:31.0235 4968 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:40:31.0251 4968 usbehci - ok
11:40:31.0265 4968 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:40:31.0290 4968 usbhub - ok
11:40:31.0302 4968 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:40:31.0316 4968 usbohci - ok
11:40:31.0338 4968 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:40:31.0354 4968 usbprint - ok
11:40:31.0384 4968 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:40:31.0394 4968 usbscan - ok
11:40:31.0402 4968 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:40:31.0416 4968 USBSTOR - ok
11:40:31.0430 4968 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:40:31.0445 4968 usbuhci - ok
11:40:31.0464 4968 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:40:31.0498 4968 UxSms - ok
11:40:31.0518 4968 [ 18436F7006443FB76145B3D35162A810 ] VaneFltr C:\Windows\system32\drivers\Lachesis.sys
11:40:31.0531 4968 VaneFltr - ok
11:40:31.0544 4968 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:40:31.0551 4968 VaultSvc - ok
11:40:31.0568 4968 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:40:31.0575 4968 vdrvroot - ok
11:40:31.0592 4968 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:40:31.0618 4968 vds - ok
11:40:31.0628 4968 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:40:31.0637 4968 vga - ok
11:40:31.0643 4968 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:40:31.0665 4968 VgaSave - ok
11:40:31.0677 4968 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:40:31.0686 4968 vhdmp - ok
11:40:31.0694 4968 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:40:31.0700 4968 viaide - ok
11:40:31.0720 4968 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:40:31.0726 4968 volmgr - ok
11:40:31.0738 4968 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:40:31.0748 4968 volmgrx - ok
11:40:31.0767 4968 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:40:31.0776 4968 volsnap - ok
11:40:31.0795 4968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:40:31.0804 4968 vsmraid - ok
11:40:31.0824 4968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:40:31.0870 4968 VSS - ok
11:40:31.0881 4968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:40:31.0905 4968 vwifibus - ok
11:40:31.0940 4968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:40:31.0965 4968 W32Time - ok
11:40:31.0973 4968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:40:31.0996 4968 WacomPen - ok
11:40:32.0018 4968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:40:32.0051 4968 WANARP - ok
11:40:32.0053 4968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:40:32.0074 4968 Wanarpv6 - ok
11:40:32.0127 4968 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:40:32.0148 4968 WatAdminSvc - ok
11:40:32.0172 4968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:40:32.0209 4968 wbengine - ok
11:40:32.0222 4968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:40:32.0234 4968 WbioSrvc - ok
11:40:32.0251 4968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:40:32.0273 4968 wcncsvc - ok
11:40:32.0289 4968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:40:32.0303 4968 WcsPlugInService - ok
11:40:32.0326 4968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:40:32.0333 4968 Wd - ok
11:40:32.0372 4968 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:40:32.0388 4968 Wdf01000 - ok
11:40:32.0396 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:40:32.0448 4968 WdiServiceHost - ok
11:40:32.0450 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:40:32.0461 4968 WdiSystemHost - ok
11:40:32.0475 4968 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:40:32.0501 4968 WebClient - ok
11:40:32.0514 4968 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:40:32.0548 4968 Wecsvc - ok
11:40:32.0559 4968 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:40:32.0581 4968 wercplsupport - ok
11:40:32.0595 4968 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:40:32.0618 4968 WerSvc - ok
11:40:32.0635 4968 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:40:32.0656 4968 WfpLwf - ok
11:40:32.0658 4968 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:40:32.0665 4968 WIMMount - ok
11:40:32.0677 4968 WinDefend - ok
11:40:32.0696 4968 WinHttpAutoProxySvc - ok
11:40:32.0726 4968 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:40:32.0749 4968 Winmgmt - ok
11:40:32.0869 4968 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Users\Aaron Long\Desktop\Temp\WinRing0x64.sys
11:40:32.0876 4968 WinRing0_1_2_0 - ok
11:40:32.0916 4968 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:40:32.0955 4968 WinRM - ok
11:40:32.0996 4968 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:40:33.0019 4968 WinUsb - ok
11:40:33.0044 4968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:40:33.0070 4968 Wlansvc - ok
11:40:33.0126 4968 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:40:33.0157 4968 wlidsvc - ok
11:40:33.0204 4968 [ 680A7846370000D20D7E74917D5B7936 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
11:40:33.0210 4968 WmBEnum - ok
11:40:33.0237 4968 [ 14C35BA8189C6F65D839163AA285E954 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
11:40:33.0243 4968 WmFilter - ok
11:40:33.0277 4968 [ AC4331AF118A720F13C9C5CABBFE27BD ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys
11:40:33.0283 4968 WmHidLo - ok
11:40:33.0304 4968 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:40:33.0319 4968 WmiAcpi - ok
11:40:33.0337 4968 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:40:33.0357 4968 wmiApSrv - ok
11:40:33.0397 4968 WMPNetworkSvc - ok
11:40:33.0410 4968 [ 8488DD91A3EE54A8E29F02AD7BB8201E ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
11:40:33.0415 4968 WmVirHid - ok
11:40:33.0428 4968 [ 14802B3A30AA849C97CB968CCC813BF3 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
11:40:33.0434 4968 WmXlCore - ok
11:40:33.0446 4968 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:40:33.0462 4968 WPCSvc - ok
11:40:33.0474 4968 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:40:33.0483 4968 WPDBusEnum - ok
11:40:33.0491 4968 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:40:33.0512 4968 ws2ifsl - ok
11:40:33.0524 4968 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:40:33.0548 4968 wscsvc - ok
11:40:33.0550 4968 WSearch - ok
11:40:33.0608 4968 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:40:33.0643 4968 wuauserv - ok
11:40:33.0662 4968 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:40:33.0684 4968 WudfPf - ok
11:40:33.0695 4968 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:40:33.0709 4968 WUDFRd - ok
11:40:33.0721 4968 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:40:33.0742 4968 wudfsvc - ok
11:40:33.0761 4968 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:40:33.0775 4968 WwanSvc - ok
11:40:33.0791 4968 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
11:40:33.0811 4968 yukonw7 - ok
11:40:33.0813 4968 ================ Scan global ===============================
11:40:33.0834 4968 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:40:33.0870 4968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:40:33.0875 4968 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:40:33.0890 4968 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:40:33.0906 4968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:40:33.0908 4968 [Global] - ok
11:40:33.0908 4968 ================ Scan MBR ==================================
11:40:33.0914 4968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:40:34.0108 4968 \Device\Harddisk0\DR0 - ok
11:40:34.0110 4968 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
11:40:34.0305 4968 \Device\Harddisk1\DR1 - ok
11:40:34.0305 4968 ================ Scan VBR ==================================
11:40:34.0307 4968 [ C3B75F0F294D11C06A581FDF40B45A3D ] \Device\Harddisk0\DR0\Partition1
11:40:34.0308 4968 \Device\Harddisk0\DR0\Partition1 - ok
11:40:34.0329 4968 [ 3E96EA3D2F9333A9FDBB6D544ACC0899 ] \Device\Harddisk0\DR0\Partition2
11:40:34.0330 4968 \Device\Harddisk0\DR0\Partition2 - ok
11:40:34.0332 4968 [ 6DB007A21D151D8DC159FC8E23F7B70C ] \Device\Harddisk1\DR1\Partition1
11:40:34.0332 4968 \Device\Harddisk1\DR1\Partition1 - ok
11:40:34.0333 4968 ============================================================
11:40:34.0333 4968 Scan finished
11:40:34.0333 4968 ============================================================
11:40:34.0337 2304 Detected object count: 3
11:40:34.0337 2304 Actual detected object count: 3
11:41:30.0555 2304 HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
11:41:30.0555 2304 HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:41:30.0555 2304 PuranDefrag ( UnsignedFile.Multi.Generic ) - skipped by user
11:41:30.0555 2304 PuranDefrag ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:41:30.0556 2304 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
11:41:30.0556 2304 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:41:35.0531 4168 Deinitialize success
  • 0

#10
Dakeyras
Posted 19 March 2013 - 04:18 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

No problem at all I don't expect a volunteer to respond instantly. Your time is valuable, and I understand that.

Thank you!

I try not to use CCleaner when I clean up my start up every month or so. I prefer a good hand cleaning for that, but I haven't tried full clearing it on Windows 7 . Thank you.

Fair play and you're welcome!

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click TFC.exe and select Run as Administrator to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan...

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then right click on it and select Run as Administrator to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0

#11
Mayko
Posted 19 March 2013 - 11:27 PM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Alright, I ran TFC. I ran ESET as well, and here is the log.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1d154c244e3b1e499bc6dfa38128920d
# engine=13433
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-03-20 05:24:47
# local_time=2013-03-20 12:24:47 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 99 0 133477992 0 0
# compatibility_mode=5893 16776573 100 94 0 115300537 0 0
# scanned=1020133
# found=2
# cleaned=0
# scan_time=22578
sh=C89865B729E1F6027A461E7B48CFA68A54590A2D ft=1 fh=30a236b0a4800cbe vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=085E2EFA6A258EEC88044241035A37DFF3DE3AE9 ft=1 fh=561b7be0126badba vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
  • 0

#12
Dakeyras
Posted 20 March 2013 - 05:24 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

With regard to what has been detected by the online scan, they are all Ask Toolbar related and this dross is actually bundled now with the installer for Avira AntiVir. One of the main reasons why I no longer recommend this security software.

Anyway they are not malware per-say but rather deemed PUP's(potentially unwanted programs) but do exhibit undesirable characteristics. However still prudent to remove...

Using Windows Explorer (to get there right-click your Start(Windows 7 Orb) button and go to Open Windows Explorer), please delete these files (if present):

C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe

Next:

As far as I can ascertain your machine appears to be malware free, so we can remove tools used and reset the system restore points as follows...

Clean up with OTL:

  • Right-click OTL and select Run as Administrator to start the program.
  • Close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Reset the System Restore points:

Create a new, clean System Restore point:-

  • Right click on Computer and select Properties >> System protection >> Create.
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush Old System Restore points:-

  • Next click Start(Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
    cleanmgr
  • in the box and press OK.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:-
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.
Next:

Would you care for some generic safety advice or not ?
  • 0

#13
Mayko
Posted 20 March 2013 - 02:31 PM

Mayko

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Thank you very much for all of the help. I have cleaned up all of the programs, and I kind of wish there had been something more so it was not a complete waste of your time. Either way I appreciate your time and help.
I will have to rotate passwords every month instead of every two, but that is not a problem.

I would like to think I know most security tips out there, but if you wouldn't mind i'm sure it would not hurt. Maybe there is something I don't know =P. Thank you again for all of the help, and time.
  • 0

#14
Dakeyras
Posted 20 March 2013 - 03:29 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Thank you very much for all of the help. I have cleaned up all of the programs, and I kind of wish there had been something more so it was not a complete waste of your time. Either way I appreciate your time and help.

You're most welcome and I assure you my time has not been wasted at all!

Regardless I may spend the majority of my online time either teaching and or researching malware...for myself going back to grass roots so to speak assisting those such as yourself is still a very worthwhile endeavour and something always genuinely enjoyed doing so.

I will have to rotate passwords every month instead of every two, but that is not a problem.

Aye would be prudent I concur, more so in the online gaming world. Though not a gamer myself I am aware of how very competitive it can be and the somewhat ruthless tactics employed at times.

I would like to think I know most security tips out there, but if you wouldn't mind i'm sure it would not hurt. Maybe there is something I don't know =P

Fair play and as mentioned it is quite generic in nature and aimed more so for those not quite so IT Literate through no fault of their own etc...

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, Avira AntiVir. automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Registry Backup:

Registry Backup - Tweaking.com, I advice you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:

  • Click on Start(Windows 7 Orb) >> All Programs >> Windows Update.
  • In the navigation pane, click Check for updates.
  • After Windows Update has finished checking for updates, click View available updates.
  • Click to select the check box for any found, then click Install.
  • When completed Reboot(restart) your computer if not prompted to do so.
Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on List of Lists or Sourceforge.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

Consider installing WinPatrol:

As I mentioned prior...

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Check your third party software is up to date:

Via using the presently installed FileHippo or Secunia Online Software Inspector

As having certain software outdated is a potential for malware to gain a foothold and exploit a system etc.

Next:

Any questions? Feel free to ask, if not stay safe!
  • 0

#15
Dakeyras
Posted 22 March 2013 - 04:01 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP