Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

DefaultTab, Search Results, LLC

Started by skgruz , May 01 2013 04:12 PM

  • Please log in to reply

#1
skgruz
Posted 01 May 2013 - 04:12 PM

skgruz

    Member

  • Member
  • PipPip
  • 39 posts
I noticed earlier today when i would open up Chrome or IE they looked different.
I then noticed in my installed programs was something called DefaultTab by a company called Search Results, LLC, and it won't let me uninstall it. I get an error box: Close Chrome please close chrome before uninstalling DefaultTab
I have closed out of chrome and rebooted by computer. I have also went into extensions and removed if form Google chrome
went into add-ons in IE and disabled it there and then tried to uninstall and still getting the same error.

I m running windows Vista Sp2
  • 0

Advertisements

#2
skgruz
Posted 01 May 2013 - 07:45 PM

skgruz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
OTL by OldTimer Results

OTL logfile created on: 5/1/2013 8:46:48 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stephan Gruzinski\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 27.70% Memory free
5.71 Gb Paging File | 2.83 Gb Available in Paging File | 49.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.44 Gb Total Space | 20.79 Gb Free Space | 18.66% Space Free | Partition Type: NTFS
Drive D: | 111.44 Gb Total Space | 65.07 Gb Free Space | 58.39% Space Free | Partition Type: NTFS
Drive F: | 30.22 Gb Total Space | 26.94 Gb Free Space | 89.13% Space Free | Partition Type: FAT32

Computer Name: STEPHANGRUZ-LAP | User Name: Stephan Gruzinski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/01 20:46:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stephan Gruzinski\Downloads\OTL.exe
PRC - [2013/05/01 16:48:15 | 000,107,520 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/04/23 19:40:56 | 007,331,840 | ---- | M] (Google Inc.) -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/28 21:13:23 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/03/28 21:12:47 | 000,639,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
PRC - [2013/03/28 21:12:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/03/28 21:12:36 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/02/11 03:42:26 | 000,572,928 | ---- | M] () -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
PRC - [2013/02/08 02:33:10 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/29 22:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/03/15 01:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2011/11/12 13:04:12 | 000,268,640 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/05/04 17:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
PRC - [2011/04/08 08:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2010/11/22 11:02:35 | 000,066,864 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2010/07/16 18:23:30 | 006,638,080 | ---- | M] () -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
PRC - [2010/06/09 16:15:34 | 000,417,906 | ---- | M] () -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
PRC - [2008/11/17 22:54:44 | 004,933,120 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2008/09/09 22:58:36 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2007/02/11 12:00:00 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Stephan Gruzinski\AppData\Roaming\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/23 19:29:56 | 000,231,936 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2013/04/23 19:29:46 | 000,344,064 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2013/04/23 19:29:28 | 000,253,440 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2013/04/23 19:28:22 | 000,117,248 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2013/04/09 04:57:07 | 000,390,096 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 04:57:06 | 013,130,704 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 04:57:05 | 004,050,896 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 04:56:15 | 000,598,480 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 04:56:14 | 000,124,368 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 04:56:13 | 001,606,096 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/02/27 15:33:20 | 000,026,624 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/02/27 15:33:06 | 010,683,392 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/02/27 15:33:02 | 001,681,408 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/02/27 15:32:58 | 007,741,952 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/02/27 15:32:56 | 002,248,192 | ---- | M] () -- C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2013/02/12 22:07:20 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dae1b2e49e240e879a6523025cc306fb\Microsoft.VisualBasic.ni.dll
MOD - [2013/02/12 22:04:05 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll
MOD - [2013/02/12 22:03:59 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/02/12 20:33:53 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013/01/10 05:35:06 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll
MOD - [2013/01/10 05:35:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 05:34:34 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/10 05:24:26 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\12915bd8afbaac3b0308f7ab6a3e57e1\System.Xml.ni.dll
MOD - [2013/01/10 05:23:40 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 05:23:19 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013/01/10 05:22:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 05:21:59 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/11/29 22:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2012/11/29 22:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/09/19 20:17:40 | 000,397,088 | ---- | M] () -- C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/09/14 10:19:06 | 008,500,224 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/09/14 10:19:06 | 002,348,544 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/05/04 17:04:54 | 002,896,608 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2011/05/04 17:04:50 | 000,027,360 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2011/05/04 17:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/11/22 11:02:29 | 000,061,496 | ---- | M] () -- C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2010/03/22 18:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/11/17 22:54:44 | 004,933,120 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe


========== Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/27 12:59:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008/08/06 04:30:45 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2008/06/11 15:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/01 16:48:15 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Stephan Gruzinski\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/05/01 10:17:37 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/28 21:13:23 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/28 21:12:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/02/11 03:42:26 | 000,572,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/03/15 01:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/07/16 18:23:30 | 006,638,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/04 04:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/05/05 18:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 22:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/02/11 12:00:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/28 21:13:41 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/03/28 21:13:41 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/03/28 21:13:41 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/02/11 22:18:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/04 06:22:16 | 000,095,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/12 14:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/05/27 13:39:12 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/27 12:25:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/01/20 14:18:26 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btblan.sys -- (Leapfrog-USBLAN)
DRV:64bit: - [2009/10/15 13:50:15 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/09 16:01:08 | 001,192,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/11/04 04:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/10/15 09:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/10/15 09:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/10/15 09:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/09/18 04:15:28 | 000,325,120 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/08/20 22:50:12 | 000,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/07/15 04:39:00 | 000,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/06/26 20:24:20 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 21:29:00 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/05/28 18:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/04/29 04:00:00 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/27 21:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/01/20 22:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2006/06/19 06:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2009/04/06 15:32:46 | 000,015,504 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008/06/11 15:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md2614u&c=BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md2614u&c=BB
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...B-00238B5DDA95}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACGW
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...B-00238B5DDA95}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md2614u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACGW
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...B-00238B5DDA95}
IE - HKCU\..\SearchScopes\{FDBE2488-6456-4FBB-BA55-42633D7BFDF2}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Stephan Gruzinski\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Stephan Gruzinski\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/04/17 08:42:32 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Stephan Gruzinski\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Netflix.com = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbiamcmookkgdmkdbfjjjmahhjjcfoc\1_0\
CHR - Extension: Google Drive = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Mac OS X Simple Theme = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\cihohekcekjgjdkeljpkbaaecgfoimbj\1.0.1_1\
CHR - Extension: Google Search = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: VUDU Movies = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib\2.0.0.2_0\
CHR - Extension: Google+ = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Google Calendar = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Pandora = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Google Play Movies = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb\2.4_0\
CHR - Extension: Google Play Music = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: WeatherBug = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\2.0.4_0\
CHR - Extension: Twitter = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkogbicoohcjbjlppcaeiggjomjkkem\1.1_0\
CHR - Extension: StumbleUpon = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.4.23.1_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Google Play = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Skype Extension = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Google Play Books = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: CanIStream.It = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefjaladmbgpekhpikihnnchgbdfojpk\4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Picasa = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Netflix.com = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbiamcmookkgdmkdbfjjjmahhjjcfoc\1_0\
CHR - Extension: Google Drive = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Mac OS X Simple Theme = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\cihohekcekjgjdkeljpkbaaecgfoimbj\1.0.1_1\
CHR - Extension: Google Search = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: VUDU Movies = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib\2.0.0.2_0\
CHR - Extension: Google+ = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Google Calendar = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Pandora = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Google Play Movies = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb\2.4_0\
CHR - Extension: Google Play Music = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.1_0\
CHR - Extension: WeatherBug = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\2.0.4_0\
CHR - Extension: Twitter = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkogbicoohcjbjlppcaeiggjomjkkem\1.1_0\
CHR - Extension: StumbleUpon = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.4.23.1_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Google Play = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Skype Extension = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7896_0\
CHR - Extension: Google Play Books = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: CanIStream.It = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefjaladmbgpekhpikihnnchgbdfojpk\4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Picasa = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Users\Stephan Gruzinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/01/25 23:56:59 | 000,002,191 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 62.146.66.187 personal.avira-update.com personal.avira-cdn.com
O1 - Hosts: 80.190.143.232 personal.avira-update.net
O1 - Hosts: 80.190.143.229 perspeak.avira-update.com
O1 - Hosts: 62.146.66.181 dl1.avgate.net
O1 - Hosts: 62.146.66.182 dl2.avgate.net
O1 - Hosts: 62.146.66.183 dl3.avgate.net
O1 - Hosts: 62.146.66.184 dl4.avgate.net
O1 - Hosts: 80.190.143.235 dl5.avgate.net
O1 - Hosts: 80.190.143.236 dl6.avgate.net
O1 - Hosts: 62.146.66.178 dl7.avgate.net
O1 - Hosts: 62.146.66.179 dl8.avgate.net
O1 - Hosts: 80.190.143.239 dl9.avgate.net
O1 - Hosts: 80.190.143.230 dl10.avgate.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 11 more lines...
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Stephan Gruzinski\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] C:\ATI\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [\\Kelsie-netbook\EPSON Stylus Photo RX580 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBPA.EXE /FU "C:\Users\STEPHA~1\AppData\Local\Temp\E_S472D.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [\\Steveg\EPSON Stylus Photo RX580 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBPA.EXE /FU "C:\Users\STEPHA~1\AppData\Local\Temp\E_S241.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EPSON Stylus Photo RX580 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBPA.EXE /FU "C:\Windows\TEMP\E_S26D6.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [googletalk] C:\Users\Stephan Gruzinski\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [MusicManager] C:\Users\Stephan Gruzinski\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Power2GoExpress] NA File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5C73BF6-5E4B-4748-B92E-FECCE92F3F4F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\bwfile-8876480 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/01 17:29:25 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3febd955-a3e2-11e0-9cfb-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{3febd955-a3e2-11e0-9cfb-00238b5dda95}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{b63720e5-8e3b-11df-b5ab-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{b63720e5-8e3b-11df-b5ab-00238b5dda95}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{cabb4c66-89eb-11df-92a8-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{cabb4c66-89eb-11df-92a8-00238b5dda95}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{cabb4c80-89eb-11df-92a8-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{cabb4c80-89eb-11df-92a8-00238b5dda95}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{d1ef7413-956c-11e0-9906-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{d1ef7413-956c-11e0-9906-00238b5dda95}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{e14b5602-eeef-11de-a35e-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{e14b5602-eeef-11de-a35e-00238b5dda95}\Shell\AutoRun\command - "" = F:\PhotoViewer.exe
O33 - MountPoints2\{f8bf44d8-8b5f-11df-b176-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{f8bf44d8-8b5f-11df-b176-00238b5dda95}\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O33 - MountPoints2\{feae71fe-c507-11df-8104-00238b5dda95}\Shell - "" = AutoRun
O33 - MountPoints2\{feae71fe-c507-11df-8104-00238b5dda95}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\VZAccess_Manager.exe /z detect
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/01 20:42:13 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Mozilla
[2013/05/01 17:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/05/01 16:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DefaultTab
[2013/05/01 16:48:15 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\DefaultTab
[2013/05/01 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013/05/01 11:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/05/01 11:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
[2013/05/01 11:20:22 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Local\Microsoft_Corporation
[2013/04/29 21:04:32 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\Documents\Credit
[2013/04/28 08:22:47 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\Oracle
[2013/04/28 08:12:14 | 000,000,000 | ---D | C] -- C:\oraclexe
[2013/04/28 08:12:14 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\MySQL
[2013/04/28 07:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL
[2013/04/22 20:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/04/18 22:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/04/18 22:10:42 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/04/18 22:10:40 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Notepad++
[2013/04/18 22:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/04/16 21:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013/04/16 21:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
[2013/04/16 21:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013/04/16 21:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2013/04/16 21:03:15 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\AppData\Roaming\NCH Software
[2013/04/16 20:56:22 | 000,000,000 | ---D | C] -- C:\HTML
[2013/04/10 17:05:42 | 000,000,000 | ---D | C] -- C:\Users\Stephan Gruzinski\2013-04-10 1705
[2011/08/02 07:15:16 | 000,086,864 | ---- | C] (Microsoft Corporation) -- C:\Users\Stephan Gruzinski\AppData\Local\Del3AF.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Stephan Gruzinski\AppData\Local\*.tmp files -> C:\Users\Stephan Gruzinski\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/01 20:42:35 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2466075458-3562805174-2590953187-1000UA.job
[2013/05/01 20:40:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/01 19:04:12 | 000,004,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/01 19:04:12 | 000,004,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/01 17:29:25 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/05/01 17:02:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2013/05/01 17:02:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/01 16:48:22 | 000,000,258 | RHS- | M] () -- C:\Users\Stephan Gruzinski\ntuser.pol
[2013/05/01 15:24:51 | 000,640,870 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/01 15:24:51 | 000,119,090 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/01 11:55:54 | 000,959,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/01 10:34:57 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2013/05/01 09:48:56 | 004,940,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/28 08:23:32 | 000,869,742 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/28 01:38:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2466075458-3562805174-2590953187-1000Core.job
[2013/04/18 22:10:43 | 000,000,860 | ---- | M] () -- C:\Users\Stephan Gruzinski\Desktop\Notepad++.lnk
[2013/04/16 21:03:19 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Classic FTP.lnk
[2013/04/10 07:39:30 | 000,002,106 | ---- | M] () -- C:\Users\Stephan Gruzinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Stephan Gruzinski\AppData\Local\*.tmp files -> C:\Users\Stephan Gruzinski\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/01 17:29:25 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/05/01 16:48:22 | 000,000,258 | RHS- | C] () -- C:\Users\Stephan Gruzinski\ntuser.pol
[2013/04/28 07:58:51 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/04/18 22:10:43 | 000,000,860 | ---- | C] () -- C:\Users\Stephan Gruzinski\Desktop\Notepad++.lnk
[2013/04/16 21:03:19 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic FTP.lnk
[2013/04/16 21:03:19 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Classic FTP.lnk
[2011/08/02 08:23:38 | 000,000,086 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Local\Del3AF.bat
[2011/04/28 09:05:21 | 000,000,145 | ---- | C] () -- C:\Users\Stephan Gruzinski\.appletviewer
[2011/01/19 18:58:29 | 000,000,732 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Local\d3d9caps64.dat
[2009/12/09 10:52:57 | 000,000,036 | ---- | C] () -- C:\Users\Stephan Gruzinski\.org.eclipse.epp.usagedata.recording.userId
[2009/07/22 13:21:36 | 000,001,356 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Local\d3d9caps.dat
[2009/03/25 20:33:02 | 000,060,928 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/25 19:01:44 | 000,020,406 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Roaming\UserTile.png
[2009/02/23 08:23:15 | 000,870,128 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Roaming\mcs.rma
[2009/02/23 08:23:15 | 000,000,004 | ---- | C] () -- C:\Users\Stephan Gruzinski\AppData\Roaming\78CAD4
[2009/02/23 00:03:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/03/12 20:53:51 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Canon
[2011/01/11 00:28:44 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/03/24 14:56:47 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/05/01 16:48:15 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\DefaultTab
[2011/03/29 20:03:08 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Gmote
[2012/12/23 22:21:08 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\HandBrake
[2012/06/07 23:38:53 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Leadertech
[2009/03/24 14:56:47 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Ludia
[2012/06/15 23:32:55 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Memeo
[2013/04/28 08:12:14 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\MySQL
[2010/08/04 11:38:03 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Netgear Live Parental Controls
[2013/04/21 23:20:01 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Notepad++
[2009/03/28 22:22:12 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\PeerNetworking
[2009/09/16 09:48:07 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\SanDisk
[2012/06/07 23:48:43 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Seagate
[2011/02/20 20:23:40 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Smith Micro
[2011/01/11 00:28:06 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/01/11 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\Uniblue
[2009/06/05 15:34:08 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\WildTangent
[2012/01/21 12:40:05 | 000,000,000 | ---D | M] -- C:\Users\Stephan Gruzinski\AppData\Roaming\YosemiteSync

========== Purity Check ==========



< End of report >
  • 0

#3
skgruz
Posted 01 May 2013 - 07:46 PM

skgruz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
OTL Extras logfile created on: 5/1/2013 8:46:48 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stephan Gruzinski\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 27.70% Memory free
5.71 Gb Paging File | 2.83 Gb Available in Paging File | 49.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.44 Gb Total Space | 20.79 Gb Free Space | 18.66% Space Free | Partition Type: NTFS
Drive D: | 111.44 Gb Total Space | 65.07 Gb Free Space | 58.39% Space Free | Partition Type: NTFS
Drive F: | 30.22 Gb Total Space | 26.94 Gb Free Space | 89.13% Space Free | Partition Type: FAT32

Computer Name: STEPHANGRUZ-LAP | User Name: Stephan Gruzinski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 69 BD A2 DB 36 E5 C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C2AE9F-6E1C-40CA-806B-63111DD66105}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{02F082E7-00DE-4292-AC6C-1DD952260BB1}" = rport=138 | protocol=17 | dir=out | app=system |
"{0708970F-9F49-431E-9393-77DFFD4E91BE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{080B5034-C763-4653-A342-B73DBCD4286D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1D8E5A7A-5388-4377-8DA5-8A6A4035FFB2}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{28EFD830-2E8E-4FD2-9366-A035001D70F4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2AC5CEF2-9D7F-44E6-81AF-048BC7F0AC98}" = lport=137 | protocol=17 | dir=in | app=system |
"{2E96B5DF-D7A0-4357-8089-F04349C6E7CE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2F663504-EDD2-43B7-ABB2-721B8C5B8C85}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2F8494B9-739C-43BE-9F3A-F98A121539AE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36B1DB9B-250B-46D8-A83D-CDC475C49400}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{38BB9CBA-B4C5-4C86-803E-FEB1EDF99FC5}" = lport=138 | protocol=17 | dir=in | app=system |
"{3AF4B72D-DC62-43A5-AD8B-F012EF0F23D3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3D7B69A7-5DFF-4FBF-B743-26C5C98BB3ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3FBF1F5D-B7E0-4868-8348-2D78D4734BE1}" = rport=139 | protocol=6 | dir=out | app=system |
"{45C2728D-5966-4E14-B9F6-307EE1535870}" = rport=137 | protocol=17 | dir=out | app=system |
"{500F6A5C-104F-492D-924A-D45F96E51E8F}" = lport=3306 | protocol=6 | dir=in | name=port 3306 |
"{54A88565-D3EC-4624-9D4A-2687AB3863C4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{59B65812-FD23-4DF9-955C-4BF1EE24C88A}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A81ABAD-6453-4F89-A544-BE3EE9B64E70}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{64351BBC-57A8-4E12-BC59-457F1877F485}" = rport=445 | protocol=6 | dir=out | app=system |
"{7232B3BF-24AA-493D-B494-141B4FD7026A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76DEBDCD-EA21-443C-BC60-17E2CC5AA6CF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7735C275-3D4D-4525-A373-0E8E1544E18D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{777A571F-3D7B-4948-98F2-725B1F0E2150}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{801EC1D8-06D0-47B1-BFC3-C9AFDC9EAC19}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{80582D0C-86FC-4296-8F9D-92EE8199920D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{807AC910-1A2C-4C70-8A00-CD9FCC60DFA7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{852D48B6-2123-4B89-A5D5-A25083B61765}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{905EC63E-E24E-456E-BCE3-1311F5D9E1CF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9457CC41-BCDE-4B56-B2DF-27B66D26AD9E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96D17FF5-A546-4F24-B941-46A6D0822946}" = lport=139 | protocol=6 | dir=in | app=system |
"{9FB4D93B-C64F-43F7-991B-C0274CD5AD63}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A31C40BE-12BD-4485-BD67-734DC4663B91}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A7800A3E-ABD9-418D-A6BB-89A571236AD4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A9205B2C-5C8C-4080-A7D2-0F2EE0D90B0B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AEA24999-9AA5-43F9-BC3B-E6A87B457C6E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BA65C044-F264-4368-A5A9-832132D1417B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BBCEAB95-D6F3-41F2-822E-7FFF17F00BD1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C09FCAA6-281A-45B5-936E-284E4E3099DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C746522D-0BA8-4AF7-982A-423377C8A4DB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{CCE2ABB2-B871-4982-9381-71EA8B1399CC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D315F79A-C17F-4130-BCB9-0CB928776453}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D3D1B01D-DFEE-4D1B-AA7D-A13DFCA5547F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF83B369-91A2-4477-9AA6-FB22ADBD1E09}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DF8515F9-7768-4842-ACF7-26C5190F93FB}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E1D31096-786C-419D-ACC1-B5C947A8B549}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E1F74E5E-C761-4B02-9A37-9C0A46F9D967}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EA053852-9F14-4E02-BE58-11A6925B2014}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB0E3F14-E1DA-4B75-B088-145A43D2CF74}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ECDE339C-BC85-4C9D-AD90-EF6DFB433E38}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F00103F9-BE7C-4731-BF2F-B94D6F6A7457}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F17C048D-733E-48D9-B0A0-1DEF5BBD1D99}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FFB6CE41-ACEC-4A95-BA00-A35BE1796EA2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027B0DE8-E09B-4CB6-82BE-63C71CFC472F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{02C77596-067A-474E-87DF-31B9D531DE7E}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{02D8D935-AEBC-4EA7-A13E-3F81227A2F21}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{04AC42E7-31AA-4558-96BB-D8DCF20145D6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{153AA14A-5386-460B-9900-F0559DB612AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1595860A-5A32-43AF-A8AE-95F22B106314}" = protocol=58 | dir=in | [email protected],-28545 |
"{1770E1CF-4B3E-465F-AA6E-8D9210391986}" = protocol=6 | dir=in | app=c:\users\stephan gruzinski\downloads\premotedroid-server\premotedroid-server\premotedroid-server.exe |
"{191907A1-49D6-4F7A-AF9F-0273EDEBA28D}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{1939FE5B-7FF4-4AC7-A7FD-20E740E13A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{1B749FF7-D503-46F2-B30A-9BEEF3AC8C38}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{1C2B12DA-CDDF-42DC-A01F-839AC05F7994}" = protocol=1 | dir=out | [email protected],-28544 |
"{22741EE2-AE99-4A5D-AAD5-68DDC1E6B458}" = protocol=6 | dir=in | app=c:\users\stephan gruzinski\appdata\local\temp\7zsa7f2.tmp\symnrt.exe |
"{2BCD62D3-EDD8-4DAF-9D4C-CACBA0F6C2EB}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{2E948298-338B-495A-AE65-DA7116C12A4B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{35811F91-98A8-4160-AC5A-753645DC30AE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{39E2D5C0-D8B0-44CA-B4FE-06671CEDB8DB}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{3A8C5411-8317-4E6E-A11E-7142D060617A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{459001C2-8707-406E-9552-6D744BBAABB1}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{4646C4F5-0D16-4BA4-81BE-437EE400B853}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{475D963B-C9CB-4A05-A27A-9129569E098D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4BAFD6F1-7547-4E21-B7DC-1E573ABED333}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C49A292-1E9C-409D-99A8-01B21AED0DF7}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{507471FC-DB23-484E-B9DA-F0DF3F0EC586}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{51FA1F65-18B7-4CA5-921E-513E24240F2C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{546DE5F1-3410-49FE-B3FA-2B7F0F993C20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57475CCA-341C-4F35-880C-046476E8EEDF}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{5BBFC32B-7E04-4EA1-B5B1-A0CF58AA783B}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{5DBBCD28-ACFA-40BA-8A8C-7D8063F7A40E}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{5DCF1D29-7DC8-4E79-B1B2-4B0F5B6AE2E4}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{5E5C111B-D380-4E10-B10F-4F306DEA216E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{710DEDC3-F91B-420B-9D39-D059AF714662}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{79890C00-C4B1-4EC0-987E-C2EC9A3E6BD2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D838980-219B-4471-9B18-0E9D1EACC737}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{7DA43E4F-ECE9-4144-B2A4-C0EBC01726D7}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{8116484B-05C0-4842-A916-12B4258A5A50}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{87AB1EA5-DD11-45CE-A2B6-F9B39BF7E071}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{8BADDEAD-D175-4019-9AC0-AAAC98AF177B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D0B8714-8D79-465A-BABA-9417E1CE93C9}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{8F61A989-B8FD-462A-9DA0-5C8414921B2D}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{90A458CA-2430-4299-84B9-8FEA4807C209}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{93F31512-7C40-436F-8967-295EF7421CF9}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{997EB113-DC49-477B-8B7A-5F6C9E125D55}" = protocol=17 | dir=in | app=c:\users\stephan gruzinski\downloads\premotedroid-server\premotedroid-server\premotedroid-server.exe |
"{9B0AB61C-A1AC-48D8-BB74-7DB63DD8DB8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B1A2BF8-F57A-4905-9FDE-D9F2F45BAC6A}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{9C5BC269-1DC7-4039-BE70-534CC399740C}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |
"{9EF6ACAA-BA90-4265-8B54-6DA8682F2934}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A24405D4-F901-40E7-9E03-3D9A2B53BF3B}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{A57F4DA3-18D3-43FE-BD8D-03608617CB6D}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{B162F6E6-F144-4552-B1C2-04AC029D7289}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B72CC763-D69A-440D-BEA0-6FEBA727584C}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B8033059-287B-4592-BC4B-E6224ED2A4B4}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{B998E365-A62C-434A-BA3E-CBF5787260BC}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{BA5C59CB-9786-40CC-9969-CCF00FBBB9FA}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{BE06D64C-5119-4B79-8B2D-298895A2E7F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C022D417-966C-4954-AD54-4CFA7F7A78BC}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{C8FA3560-15DB-4F18-8AC8-8A2AD0CCFA6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CFADFCB6-A2FA-49AB-9717-B03EAE4C5E71}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{D03EF3DB-A318-432C-B74B-808558DFC53C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{D0B25203-C78C-425F-B133-EA8A4882B093}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D2E44FFA-784F-46F7-A283-EE4EEAF0761C}" = protocol=1 | dir=in | [email protected],-28543 |
"{D79EFF3A-751E-49E0-A0E8-13B82B2C294F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DA28B75B-F389-42F0-A5A7-66F1B6B0F60D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DF4829E2-1BED-404E-8B99-E3A7A07BBA73}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E13C6F4A-2262-4B50-A48D-A0F7C26A6093}" = protocol=17 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{E2592E6C-E47D-44F4-9951-38C175A0AA44}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB03C115-B428-4ECC-82E9-76B1DBEBF10A}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{EB070A66-12BC-40E5-A063-0E7397525885}" = protocol=6 | dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{EDACEBED-C63A-4EF0-B55E-F94E4C4DFA7C}" = protocol=17 | dir=in | app=c:\users\stephan gruzinski\appdata\local\temp\7zsa7f2.tmp\symnrt.exe |
"{F26D50CF-0762-4511-A47F-6B1C0E3149CF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FAA3351C-E3CD-4007-BACD-6D9C6055B0F5}" = protocol=58 | dir=out | [email protected],-28546 |
"{FAA94F21-8D91-432E-A081-305986924CAD}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |
"{FCA6B83C-F32B-4239-BFFA-A096F4EF7E9D}" = protocol=6 | dir=out | app=system |
"{FFCF43FF-7CEE-41FF-8008-C7C6DD173679}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1EDE369C-8C85-46C8-A637-D048048BCBB6}D:\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\eclipse\eclipse.exe |
"TCP Query User{38860365-2684-4249-B188-8839F56E0287}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{5B64AC7B-93E7-4834-9450-F07D639CA2E9}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{6A953E20-B319-4338-8A2C-4CDE0EE86F6B}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{8A121543-6EF8-40FA-BD6B-A30C10877BE3}C:\program files (x86)\v cast music with rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v cast music with rhapsody\rhapsody.exe |
"TCP Query User{8BC6F15D-3411-465B-8A3B-9E8E5138B675}C:\users\stephan gruzinski\downloads\3086bf666f784de8bbdd58279ffaaa08_pod6_en-us.exe" = protocol=6 | dir=in | app=c:\users\stephan gruzinski\downloads\3086bf666f784de8bbdd58279ffaaa08_pod6_en-us.exe |
"TCP Query User{D3FB9C44-B728-4B5C-B314-35466D6117C9}C:\program files (x86)\cricutsync\bridge.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cricutsync\bridge.exe |
"TCP Query User{D505B3D2-F07B-4139-B16E-25B14B14B570}C:\program files (x86)\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_17\jre\bin\javaw.exe |
"TCP Query User{E5F38B06-0FF6-499D-A386-EF261B7EFF81}C:\program files (x86)\v cast music with rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v cast music with rhapsody\rhapsody.exe |
"UDP Query User{04209F93-7B06-4F96-BB5E-A3B171D9012F}D:\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\eclipse\eclipse.exe |
"UDP Query User{398A6E49-7DDF-47AC-BE3A-092EB753E379}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{4EBDCB8C-9A4B-4587-809D-8544C81E3046}C:\program files (x86)\java\jdk1.6.0_17\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_17\jre\bin\javaw.exe |
"UDP Query User{679FFFB3-3DE7-4842-AFE1-AA3374610AE3}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{9D2C6D4F-8A44-4F58-A94D-698A55A4D638}C:\program files (x86)\v cast music with rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v cast music with rhapsody\rhapsody.exe |
"UDP Query User{B482FEF9-6583-4F97-BD2B-4258378BD431}C:\users\stephan gruzinski\downloads\3086bf666f784de8bbdd58279ffaaa08_pod6_en-us.exe" = protocol=17 | dir=in | app=c:\users\stephan gruzinski\downloads\3086bf666f784de8bbdd58279ffaaa08_pod6_en-us.exe |
"UDP Query User{C8313461-C909-4880-8CF6-B41D0EA67163}C:\program files (x86)\cricutsync\bridge.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cricutsync\bridge.exe |
"UDP Query User{CFA62687-4707-4F7D-AA2A-53CF0D31B57B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{EC1732C0-A424-44F7-BCD9-451A7C678BDC}C:\program files (x86)\v cast music with rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v cast music with rhapsody\rhapsody.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13AC856A-A22D-FCE4-B451-ED692DB1CAC8}" = ccc-utility64
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 Common Files
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java™ 6 Update 16 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FE78439-7CAA-45FE-A808-2D7A0FC98643}" = iTunes
"{6292D514-17A4-403F-98F9-E150F10C043D}" = Microsoft SQL Server 2008 Setup Support Files
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}" = Microsoft SQL Server 2008 R2 Setup (English)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A6F1A083-4B12-47E8-9954-E4820C9A65C2}" = O2Micro Flash Memory Card Reader Driver (x64)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C5DBD2A7-041C-4127-6EC6-F163B94611D0}" = ATI Catalyst Install Manager
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 Database Engine Shared
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05FB59A5-4767-BCB4-FB56-0755DA17FEC1}" = Skins
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E47EF59-E939-A9F1-D29B-0B3FC952A0AF}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java™ SE Development Kit 6 Update 17
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{405EF5A6-AAAD-4859-80E1-2D7EFF68141B}" = Wireless LAN Adapter
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{453E989A-CD2B-1562-01FD-0C8F3E23A2AD}" = ccc-core-static
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9013B370-99D4-404B-9DB9-779B51CEB5FF}" = LeapFrog My Pals Plugin
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{992C016C-CA8F-4D13-ABAB-D24A481C102B}" = LeapFrog Leapster2 Plugin
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB7ED389-33A8-B46A-4A8A-F685EF451A5C}" = Catalyst Control Center Graphics Previews Vista
"{AC03ABCC-7626-5695-B98F-F327ECB4C7A4}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B9C11A0C-C3FF-FCB2-1BFA-B30400FAFF96}" = Catalyst Control Center InstallProxy
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7A8BC75-50A9-32F2-8DFB-C499D21881B7}" = Google Talk Plugin
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F68D9C4D-DC60-D021-8B2D-CD14E6BD43EA}" = CCC Help English
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE5ED1C0-A340-4EAC-B4BE-FA0AB173436C}" = LeapFrog LeapPad Explorer Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aimersoft DVD Creator_is1" = Aimersoft DVD Creator(Build 2.6.5)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ClassicFTP" = Classic FTP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DefaultTab" = DefaultTab
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"DPP" = Canon Utilities Digital Photo Professional 3.10
"DVD Flick_is1" = DVD Flick 1.3.0.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"Google Calendar Sync" = Google Calendar Sync
"HTC_WModemDriver" = WModem Driver Installer
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Leapster2Plugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"MyPalsPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
"MyTomTom" = MyTomTom 3.1.0.530
"NETGEAR Live Parental Controls Management Utility" = NETGEAR Live Parental Controls Management Utility 2.1.5
"NETGEAR Live Parental Controls User Utility" = NETGEAR Live Parental Controls User Utility 1.0b40
"Notepad++" = Notepad++
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"UPCShell" = LeapFrog Connect
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"MusicManager" = Music Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/1/2013 12:09:30 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 12:25:28 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 1:20:45 PM | Computer Name = StephanGruz-Lap | Source = MsiInstaller | ID = 11304
Description =

Error - 5/1/2013 1:23:02 PM | Computer Name = StephanGruz-Lap | Source = MsiInstaller | ID = 11304
Description =

Error - 5/1/2013 2:17:22 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 2:28:02 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 3:44:05 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 4:58:20 PM | Computer Name = StephanGruz-Lap | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16476, time stamp
0x5126e7ac, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065cd44,
exception code 0xe06d7363, fault offset 0x0001d8cb, process id 0x12b8, application
start time 0x01ce46ae969b2b6a.

Error - 5/1/2013 5:03:27 PM | Computer Name = StephanGruz-Lap | Source = WinMgmt | ID = 10
Description =

Error - 5/1/2013 6:49:37 PM | Computer Name = StephanGruz-Lap | Source = VSS | ID = 12289
Description =

[ Media Center Events ]
Error - 6/10/2009 8:55:59 AM | Computer Name = StephanGruz-Lap | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 2/18/2013 10:43:55 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75
seconds with 60 seconds of active time. This session ended with a crash.

Error - 3/4/2013 1:41:45 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 894
seconds with 720 seconds of active time. This session ended with a crash.

Error - 3/25/2013 9:13:31 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2587
seconds with 600 seconds of active time. This session ended with a crash.

Error - 3/27/2013 10:21:20 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 536
seconds with 240 seconds of active time. This session ended with a crash.

Error - 3/28/2013 10:34:01 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2588
seconds with 540 seconds of active time. This session ended with a crash.

Error - 3/28/2013 11:10:26 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2176
seconds with 240 seconds of active time. This session ended with a crash.

Error - 3/28/2013 11:16:31 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 237
seconds with 120 seconds of active time. This session ended with a crash.

Error - 4/3/2013 9:23:20 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1428
seconds with 180 seconds of active time. This session ended with a crash.

Error - 4/8/2013 9:25:57 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 958
seconds with 120 seconds of active time. This session ended with a crash.

Error - 4/29/2013 10:43:40 PM | Computer Name = StephanGruz-Lap | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8312
seconds with 960 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/1/2013 2:28:03 PM | Computer Name = StephanGruz-Lap | Source = Service Control Manager | ID = 7000
Description =

Error - 5/1/2013 3:44:05 PM | Computer Name = StephanGruz-Lap | Source = Service Control Manager | ID = 7000
Description =

Error - 5/1/2013 4:48:26 PM | Computer Name = StephanGruz-Lap | Source = Service Control Manager | ID = 7030
Description =

Error - 5/1/2013 4:59:51 PM | Computer Name = StephanGruz-Lap | Source = Service Control Manager | ID = 7034
Description =

Error - 5/1/2013 5:03:29 PM | Computer Name = StephanGruz-Lap | Source = Service Control Manager | ID = 7000
Description =

Error - 5/1/2013 5:14:58 PM | Computer Name = StephanGruz-Lap | Source = DCOM | ID = 10016
Description =

Error - 5/1/2013 5:26:29 PM | Computer Name = StephanGruz-Lap | Source = DCOM | ID = 10016
Description =

Error - 5/1/2013 5:27:12 PM | Computer Name = StephanGruz-Lap | Source = DCOM | ID = 10016
Description =

Error - 5/1/2013 7:19:39 PM | Computer Name = StephanGruz-Lap | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.206.249 for the Network Card with network
address 00225F5F8DB5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 5/1/2013 8:27:41 PM | Computer Name = StephanGruz-Lap | Source = DCOM | ID = 10016
Description =


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP