Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Looking for help regarding apphangb1 exception. [Solved]


  • This topic is locked This topic is locked

#1
ElevatedMinds

ElevatedMinds

    Member

  • Member
  • PipPip
  • 40 posts
Hello.

Starting about two days ago, whenever I run steam.exe, the program starts up and runs fine for a few minutes before freezing and only after clicking on the frozen application do I get the pop up that its not responding. I have tried using spybot, it found 3 entries and removed them. I then restarted the computer and the same problem occurred upon opening steam.exe. When I click on details for the crash:
Description:
A problem caused this program to stop interacting with Windows.

Problem signature:
Problem Event Name: AppHangB1
Application Name: Steam.exe
Application Version: 1.78.87.58
Application Timestamp: 51b0f5f8
Hang Signature: 1a9b
Hang Type: 0
OS Version: 6.0.6002.2.2.0.256.1
Locale ID: 1033
Additional Hang Signature 1: f6265e708e02072a6c6c5b35904f9cf3
Additional Hang Signature 2: 3f1a
Additional Hang Signature 3: 14fd3bf8cf5b8c474668cf9e612cbbd9
Additional Hang Signature 4: 1a9b
Additional Hang Signature 5: f6265e708e02072a6c6c5b35904f9cf3
Additional Hang Signature 6: 3f1a
Additional Hang Signature 7: 14fd3bf8cf5b8c474668cf9e612cbbd9


All my Steam files and folders are saved on an external 1.5tb hard drive that was bought less then a week ago. The drive F:\

I also recently ran a OTL scan and will post the logs below:

OTL logfile created on: 6/20/2013 8:11:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Attila\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 51.16% Memory free
6.72 Gb Paging File | 4.83 Gb Available in Paging File | 71.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.03 Gb Total Space | 58.45 Gb Free Space | 20.29% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.00 Gb Free Space | 49.95% Space Free | Partition Type: NTFS
Drive F: | 1397.26 Gb Total Space | 884.14 Gb Free Space | 63.28% Space Free | Partition Type: NTFS

Computer Name: ATTILA-PC | User Name: Attila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/20 19:26:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
PRC - [2013/05/15 12:08:44 | 001,435,984 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2013/02/11 16:15:46 | 001,243,024 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusionService.exe
PRC - [2013/02/11 16:15:36 | 007,203,712 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusion.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/01/16 14:47:30 | 000,026,456 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012/12/19 15:56:24 | 000,482,304 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/12/19 15:55:48 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/15 12:54:32 | 000,276,872 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2011/11/23 09:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/09/29 12:16:26 | 000,101,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe
PRC - [2011/05/16 12:30:06 | 000,887,712 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/04/30 22:47:47 | 002,938,552 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/11/12 20:55:42 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Attila\Program Files\DNA\btdna.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/08/14 02:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/02/26 12:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/02/01 01:20:22 | 004,706,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/09/12 11:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
PRC - [2007/08/28 10:32:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe
PRC - [2007/08/16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Lachesis\razerofa.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/16 03:34:52 | 000,686,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\2bc38488f9988db801a844e2590294a3\System.Security.ni.dll
MOD - [2013/05/16 03:34:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll
MOD - [2013/05/16 03:32:07 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:12:47 | 012,079,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\cc347b5b70f4434141acf25f0f295c1e\System.Web.ni.dll
MOD - [2013/05/16 03:09:39 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
MOD - [2013/05/16 03:09:24 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
MOD - [2013/05/16 03:09:20 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:09:15 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013/05/16 03:09:12 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
MOD - [2013/05/16 03:09:08 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013/02/13 05:12:01 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll
MOD - [2013/02/13 05:03:51 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/01/10 04:42:14 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/10 04:36:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/10 04:35:46 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 04:34:56 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 04:34:46 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013/01/10 04:18:10 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll
MOD - [2013/01/10 04:17:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:17:22 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013/01/10 04:09:35 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 04:09:30 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/10 04:09:27 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/10 04:09:25 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/10 04:09:18 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012/12/19 15:30:26 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2012/05/15 12:54:16 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/12/19 21:37:19 | 000,026,112 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll
MOD - [2011/12/19 21:37:18 | 000,070,656 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll
MOD - [2011/12/19 21:37:16 | 000,467,456 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll
MOD - [2011/12/19 21:37:09 | 000,206,336 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll
MOD - [2011/12/19 21:37:09 | 000,189,952 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll
MOD - [2011/12/19 21:37:07 | 000,086,016 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll
MOD - [2011/12/19 21:37:06 | 000,090,112 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll
MOD - [2011/12/19 21:37:06 | 000,088,064 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll
MOD - [2010/04/30 22:47:47 | 002,938,552 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2007/09/12 11:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
MOD - [2007/08/28 10:32:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe
MOD - [2005/10/07 16:05:32 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/06/16 12:29:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/06 18:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 21:54:08 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 12:08:44 | 001,435,984 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/02/11 22:57:36 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/02/11 16:15:46 | 001,243,024 | ---- | M] (Binary Fortress Software) [Auto | Running] -- C:\Program Files\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/12/19 15:55:48 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/23 09:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/04/27 18:41:54 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011/04/27 18:41:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/06/25 13:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/10/23 12:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/08/14 02:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/01/20 22:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2013/06/20 18:42:27 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EB4E754C-F593-4DA3-8E20-C0581AFE2F01}\MpKsl3aed075f.sys -- (MpKsl3aed075f)
DRV - [2013/06/20 03:41:49 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EB4E754C-F593-4DA3-8E20-C0581AFE2F01}\MpKsl13798d4e.sys -- (MpKsl13798d4e)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/12/19 15:32:06 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/11/29 15:54:54 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2012/09/02 18:03:50 | 000,125,824 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/02/23 08:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2011/12/19 21:37:18 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2011/12/19 21:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2011/12/19 21:37:05 | 000,378,568 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ladfGSCi386.sys -- (LADF_CaptureOnly)
DRV - [2011/12/19 21:37:05 | 000,317,384 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ladfGSRi386.sys -- (LADF_RenderOnly)
DRV - [2011/05/12 17:59:46 | 000,124,672 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2011/04/27 18:41:47 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/25 13:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/05/28 11:07:14 | 000,334,992 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ladfSBVMi386.sys -- (LADF_SBVM)
DRV - [2009/05/28 11:07:14 | 000,053,520 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ladfDHP2i386.sys -- (LADF_DHP2)
DRV - [2009/03/18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/03/07 01:46:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/02/03 00:50:06 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/20 22:21:33 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/08/08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.g...smb&ibd=3090121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 D4 46 33 12 7B CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://partnerpage.g...smb&ibd=3090121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://dm.startnow.c...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: infoatoms%40infoatoms.com:1.5.0.0
FF - prefs.js..extensions.enabledAddons: djziggy%40gmail.com:2.0.8
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.608
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {8ed952a0-199c-11d9-9669-0800200c9a66}:1.5.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://dm.startnow.c...6.0-x86-SP2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Attila\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Attila\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Attila\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2013/05/21 21:53:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/24 18:17:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/21 21:54:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/21 21:53:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Attila\AppData\Roaming\Move Networks [2009/11/03 21:05:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Attila\Program Files\DNA [2013/06/20 18:41:26 | 000,000,000 | ---D | M]

[2009/03/16 21:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Extensions
[2009/03/16 21:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/06/18 04:17:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions
[2010/06/28 20:51:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/02/20 19:22:45 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}(235)
[2010/03/09 01:26:11 | 000,000,000 | ---D | M] ("Unlinker") -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{8ed952a0-199c-11d9-9669-0800200c9a66}
[2013/05/16 14:29:56 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/02/05 00:53:13 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/02/04 21:10:44 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2011/03/07 22:17:25 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/02/04 21:10:45 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/06/18 04:17:10 | 002,494,702 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/03/23 07:46:11 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/05/08 19:59:53 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2009/12/20 14:21:58 | 000,004,546 | ---- | M] () -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\aim-search-1.xml
[2009/10/09 10:56:20 | 000,004,207 | ---- | M] () -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\aim-search.xml
[2011/06/26 23:06:38 | 000,002,286 | ---- | M] () -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\bing-zugo.xml
[2013/05/21 21:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/21 21:53:26 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/05/21 21:53:26 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/05/21 21:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/01 08:37:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/24 18:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/05/12 06:47:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co...:en-US:official
CHR - plugin: First user (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: InfoAtoms = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.5.0.0_0\
CHR - Extension: Coupon Companion Plugin = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: Coupon Companion Plugin = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.9.9_0\
CHR - Extension: YouTube MP3 = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmghicmdofaaocopbneacnhbkpdcieo\2.0_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: DivX Plus Web Player HTML5 <video> = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Late Night = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll (215 Apps)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (HappyQuickPop) - {8D644BBD-0FF3-B0EE-B876-72FB72C7AE6E} - C:\Program Files\HappyQuickPop\HappyQuickPop.dll File not found
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Razer Blackwidow Driver] C:\Program Files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{79BF4901-1EC4-4726-B3C2-A7859706C6E7}] "C:\Users\Attila\Desktop\LeagueofLegends_NA_Installer_05_07_13.exe" /cmdloc "HKCU\Software\Riot Games AiTemp\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" File not found
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Attila\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotSnD] C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk = C:\Program Files\Jawbone\LaunchJU.exe ()
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2F540FB-26F5-4DB6-8E0A-2F17E1778D36}: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C497BC71-2AD7-4650-A3C8-8D0A38E6AA43}: DhcpNameServer = 167.206.254.2 167.206.254.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Attila\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Attila\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/06/14 20:16:42 | 000,000,067 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{29f7e23b-d967-11e0-a731-0014d11a7017}\Shell - "" = AutoRun
O33 - MountPoints2\{29f7e23b-d967-11e0-a731-0014d11a7017}\Shell\AutoRun\command - "" = H:\setup.exe -a
O33 - MountPoints2\{29f7e570-d967-11e0-a731-0014d11a7017}\Shell - "" = AutoRun
O33 - MountPoints2\{29f7e570-d967-11e0-a731-0014d11a7017}\Shell\AutoRun\command - "" = J:\setup.exe -a
O33 - MountPoints2\{7963a7fc-0aab-11e1-8216-0014d11a7017}\Shell - "" = AutoRun
O33 - MountPoints2\{7963a7fc-0aab-11e1-8216-0014d11a7017}\Shell\AutoRun\command - "" = H:\setup.exe -a
O33 - MountPoints2\{85478acf-c57a-11e2-8a0f-0014d11a7017}\Shell - "" = AutoRun
O33 - MountPoints2\{85478acf-c57a-11e2-8a0f-0014d11a7017}\Shell\AutoRun\command - "" = H:\VZW_Software_upgrade_assistant_installer.exe
O33 - MountPoints2\{f9ce6fce-8470-11e1-b1ae-0014d11a7017}\Shell - "" = AutoRun
O33 - MountPoints2\{f9ce6fce-8470-11e1-b1ae-0014d11a7017}\Shell\AutoRun\command - "" = H:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/20 19:26:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
[2013/06/15 21:19:20 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\LolClient
[2013/06/15 17:03:06 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2013/06/15 17:03:00 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/06/15 17:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013/06/15 17:01:27 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\Riot Games
[2013/06/14 20:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2013/06/14 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2013/06/14 20:14:05 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2013/06/14 19:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/06/09 19:56:13 | 000,000,000 | ---D | C] -- C:\Users\Attila\Documents\Proteus
[2013/06/09 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\Attila\Documents\Anomaly Warzone Earth
[2013/06/01 11:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/05/31 17:17:09 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\Little Inferno
[2013/05/23 07:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/23 07:50:22 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2013/05/21 21:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/20 20:02:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/20 19:59:59 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/20 19:26:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
[2013/06/20 19:03:01 | 000,649,260 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/20 19:03:01 | 000,122,770 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/20 18:37:30 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/20 18:37:20 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\dsmonitor.job
[2013/06/20 18:37:13 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/20 18:37:13 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/20 18:37:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/20 18:37:01 | 3487,748,096 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/20 13:10:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013/06/19 18:13:01 | 000,000,544 | ---- | M] () -- C:\Users\Attila\Desktop\Steam.lnk
[2013/06/15 20:22:00 | 000,000,514 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\mcpatcher-3.0.4 - Shortcut.lnk
[2013/06/15 20:21:54 | 000,000,499 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft(1) - Shortcut.lnk
[2013/06/14 18:20:22 | 000,008,512 | ---- | M] () -- C:\Users\Attila\AppData\Local\d3d9caps.dat
[2013/06/01 08:37:31 | 000,000,872 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/31 20:24:22 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/19 18:13:01 | 000,000,544 | ---- | C] () -- C:\Users\Attila\Desktop\Steam.lnk
[2013/06/15 20:22:00 | 000,000,514 | ---- | C] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\mcpatcher-3.0.4 - Shortcut.lnk
[2013/06/15 20:21:54 | 000,000,499 | ---- | C] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft(1) - Shortcut.lnk
[2012/12/19 16:45:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/11/29 11:40:02 | 000,662,786 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/09/19 15:09:40 | 000,076,660 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2012/09/11 00:16:17 | 000,001,475 | ---- | C] () -- C:\Users\Attila\.recently-used.xbel
[2012/09/04 11:20:18 | 000,228,528 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2012/09/04 11:20:18 | 000,228,528 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2012/09/02 18:06:21 | 000,002,544 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/02/26 11:09:10 | 000,088,198 | ---- | C] () -- C:\Users\Attila\AppData\Roaming\icarus-dxdiag.xml
[2011/12/19 21:37:05 | 000,076,360 | ---- | C] () -- C:\Windows\System32\ladfGSRCoinst_i386.dll
[2011/11/30 22:04:35 | 000,103,784 | ---- | C] () -- C:\Users\Attila\GoToAssistDownloadHelper.exe
[2011/10/24 21:52:49 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/05/01 01:48:51 | 000,000,094 | ---- | C] () -- C:\Users\Attila\AppData\Local\fusioncache.dat
[2010/04/24 00:03:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/11 21:04:19 | 000,976,384 | -HS- | C] () -- C:\Users\Attila\ehthumbs_vista.db
[2010/03/02 23:16:12 | 000,022,328 | ---- | C] () -- C:\Users\Attila\AppData\Roaming\PnkBstrK.sys
[2009/03/07 17:22:55 | 000,008,512 | ---- | C] () -- C:\Users\Attila\AppData\Local\d3d9caps.dat
[2009/01/28 12:31:34 | 000,039,936 | ---- | C] () -- C:\Users\Attila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2012/02/20 15:53:45 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB46196$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\RXPC38SZ\myonlinearcade.com\yume\n
[2012/02/19 21:13:44 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB46196$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\RXPC38SZ\t.cxt.ms\lso.swf\u.sol
[2006/11/02 08:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/08 20:20:02 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\.minecraft
[2010/05/11 23:06:33 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Amazon
[2011/08/07 19:33:54 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\AtomZombieData
[2011/10/08 10:50:26 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Beat Hazard
[2010/12/12 10:15:04 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\BitTorrent
[2011/07/28 22:50:32 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Broken Rules
[2012/05/26 12:25:12 | 000,000,000 | -HSD | M] -- C:\Users\Attila\AppData\Roaming\Common
[2011/07/29 00:41:34 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Crayon Physics Deluxe
[2012/07/28 22:43:57 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\DarknessII
[2011/06/16 00:47:03 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\DarksporeData
[2013/06/15 21:18:45 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\DisplayFusion
[2013/06/20 20:11:35 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\DNA
[2013/06/08 22:59:49 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Doublefine
[2011/06/26 00:29:31 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\fltk.org
[2011/06/22 01:20:20 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\GetRightToGo
[2012/09/11 00:16:17 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\gtk-2.0
[2013/01/02 20:26:57 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\JawboneUpdater
[2011/07/28 22:47:21 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Lazy 8 Studios
[2010/06/03 20:57:48 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Leadertech
[2011/06/23 22:49:50 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\LimeWire
[2011/07/03 17:19:36 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Lionhead Studios
[2013/05/31 20:20:09 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Little Inferno
[2013/06/15 21:19:20 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\LolClient
[2011/08/15 00:34:01 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\MoreTerra
[2011/12/13 20:08:28 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Nicalis
[2009/10/13 10:01:41 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\OpenOffice.org
[2011/12/22 20:27:29 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Polynomial
[2009/02/24 00:27:18 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\QQ Games Plugin
[2013/06/15 17:06:18 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Riot Games
[2012/02/21 00:23:11 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\RotMG.Production
[2012/07/21 19:40:12 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\six-updater
[2012/07/21 19:39:35 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\six-zsync
[2010/12/23 22:58:57 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Spore
[2012/08/04 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Subversion
[2012/01/31 09:02:14 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\SystemRequirementsLab
[2010/07/02 13:11:03 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Tropico 3
[2013/06/20 18:34:48 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\TS3Client
[2010/05/01 01:49:00 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Turbine
[2013/03/24 18:14:34 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Uniblue
[2011/10/31 21:09:30 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Voxatron
[2010/09/12 19:13:08 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\Wireshark
[2012/02/21 00:20:37 | 000,000,000 | ---D | M] -- C:\Users\Attila\AppData\Roaming\ZumoCast

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB46196$] -> Error: Cannot create file handle -> Unknown point type

< End of report >
-------------------------------------
OTL Extras logfile created on: 6/20/2013 8:11:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Attila\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 51.16% Memory free
6.72 Gb Paging File | 4.83 Gb Available in Paging File | 71.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.03 Gb Total Space | 58.45 Gb Free Space | 20.29% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.00 Gb Free Space | 49.95% Space Free | Partition Type: NTFS
Drive F: | 1397.26 Gb Total Space | 884.14 Gb Free Space | 63.28% Space Free | Partition Type: NTFS

Computer Name: ATTILA-PC | User Name: Attila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042E6332-6AE2-44B3-823A-11FB45DE02E3}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{04F10AFD-E2A0-4978-B404-4D6F74F55FE3}" = rport=80 | protocol=6 | dir=out | app=g:\steam\steamapps\common\warframe\tools\launcher.exe |
"{11ED275B-CE45-4D57-A767-D8DF486B14A4}" = lport=56986 | protocol=6 | dir=in | name=pando media booster |
"{124378AA-F27E-4AA8-9B90-D9BBADBDF408}" = lport=56986 | protocol=6 | dir=in | name=pando media booster |
"{189FF92B-F4EC-4534-9B73-5772B505FB73}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{2004F0B3-686B-41AE-822F-AD54E5E9341B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{22D67D7E-BB4B-4DC0-AF3D-7E652BBAC980}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{29CD3F4B-DBF3-415B-8A57-CA0DC72ECAF6}" = lport=10244 | protocol=6 | dir=in | app=system |
"{2CC36273-32E0-4302-B8BF-5C77A0DE50DE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CD11CD8-9DB9-4E4A-B68E-4FF5C8985569}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2EB92036-41F2-4C32-BCB2-520AA11250B0}" = lport=6881 | protocol=6 | dir=in | name=wow2 |
"{342296BF-D3A7-453F-89BE-E20C30376F65}" = lport=56986 | protocol=17 | dir=in | name=pando media booster |
"{3424A363-F3F8-4A8A-BB86-EC4A42030C1C}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E9011C3-091D-4071-9E5A-64161DBEB898}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{420CA718-DCB6-42BE-94F6-5B5C023A9FA4}" = lport=56986 | protocol=17 | dir=in | name=pando media booster |
"{5A727F59-E454-42E1-ADD3-0CA90D729B76}" = lport=3390 | protocol=6 | dir=in | app=system |
"{5F872F8A-90B3-4B40-8023-A96038650D3B}" = rport=10244 | protocol=6 | dir=out | app=system |
"{60B8A53D-ADE3-4F4B-B966-5D3200010D47}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{615DDADF-DE0E-4091-AD1D-829821FAC6E3}" = rport=139 | protocol=6 | dir=out | app=system |
"{64C12A51-6328-429D-8E5B-D5B3D4C4066F}" = rport=80 | protocol=6 | dir=out | app=g:\steam\steamapps\common\warframe\warframe.x64.exe |
"{68224EF2-65B6-46CC-991A-7DA8400E9F53}" = lport=10244 | protocol=6 | dir=in | app=system |
"{6E850343-1C3F-4666-A466-7743F6E25908}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7152BA22-9887-4023-8B7F-3E2E59A39727}" = lport=3390 | protocol=6 | dir=in | app=system |
"{7B49B517-1C71-4A00-A17A-25E186F21AFB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E023E1D-DDEA-4DC2-B648-545DAE8340D1}" = rport=80 | protocol=6 | dir=out | app=g:\steam\steamapps\common\warframe\warframe.exe |
"{87831E03-8D52-4E79-B379-AF5B16327B04}" = rport=445 | protocol=6 | dir=out | app=system |
"{8AC60A96-D37C-449D-831C-D5185B7F102F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{94D405E0-E660-4154-B2C4-EDA3BB7463F1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{954D2D92-F44F-4E21-8D01-CD6601B3356F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{971B373B-6542-4992-B074-06924CFDF0C5}" = rport=138 | protocol=17 | dir=out | app=system |
"{A3CF5639-FC44-458D-8D06-58967EAA5A06}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{A499ECF6-D245-4841-A823-F0EFDCB2CB01}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A6BE238F-3F70-403B-A6B8-A0A692CEDFB5}" = rport=10244 | protocol=6 | dir=out | app=system |
"{AB431D3F-CC03-4729-85AB-DCCF99C3EA05}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1CDA453-12E7-4C02-8F4F-CCC4C09C844F}" = lport=6882 | protocol=6 | dir=in | name=wow3 |
"{B7338D81-683C-4649-9C68-5B378B14C9A9}" = lport=6112 | protocol=6 | dir=in | name=wow |
"{BAAFA8C4-36E4-44C6-904E-1F630473060B}" = lport=137 | protocol=17 | dir=in | app=system |
"{C490DA93-B9D2-44A6-8D6F-F722934F23BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C65C7B1D-44A1-4C4A-831E-8CB2A942F153}" = lport=138 | protocol=17 | dir=in | app=system |
"{CCB984D4-4FCB-4EC1-8340-5F89F93ED4B5}" = lport=6999 | protocol=6 | dir=in | name=wow4 |
"{DD558274-38EC-4101-9C0D-1B6D181C1A33}" = lport=139 | protocol=6 | dir=in | app=system |
"{E1B9B5F3-A244-48DE-B0D6-0408B8B4DAE6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8E8A52D-C558-4D2E-9187-1E5425D8E767}" = rport=137 | protocol=17 | dir=out | app=system |
"{EB603E19-444F-4B8D-ADD5-1F1DB54F988C}" = lport=3724 | protocol=6 | dir=in | name=wow1 |
"{F59F5A17-A8CE-4252-A2FD-E8028B59F462}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00438999-9E4C-4A49-B282-AD98D677BC22}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bit.trip void\bit.trip void.exe |
"{00536591-EE4F-42A9-89F3-A5695F6792B3}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{00852305-06EA-4A15-B55B-CF831404A378}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{0086C8CB-F38B-4B52-97B1-1B1DC834AE87}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\tropico 3\tropico3.exe |
"{00919051-68DE-4E3B-9661-1C1FEEC10166}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp_launcher.exe |
"{00938738-3AEE-4338-B20E-1F91C109140F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{00AC1A1F-EF3B-4E85-878E-0C7012B4AC3D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\uplink\uplink.exe |
"{00D32BD1-48D7-465D-9C44-0A0F31F91E39}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\cargo commander\cargocommander.exe |
"{015FBAE4-34DE-43C9-84E8-46F2E3906592}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{0167453F-E4AA-4EAE-A292-1B3834B634DF}" = dir=out | app=c:\program files\zecter\zumocast\zumocast.exe |
"{02372A22-9C24-4301-AC28-E87A9AE1A612}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{024C509D-9E7E-4EE6-BCEB-2E67A181A9CA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\thepolynomial\polynomial.exe |
"{028B65A9-8A2A-4965-BC17-3C5CADE8EA6A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\overlord ii\config.exe |
"{02B9AAF7-0E18-4E6F-BAB2-8E1E5A5C47C3}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{0322D394-85E7-4470-92A7-5B4BB6FE4480}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\metro 2033\metro2033.exe |
"{034874B2-853F-41CC-9BC8-75C067A598F1}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\black lake prototype\black.exe |
"{03F7E01A-4440-445B-9D2C-ACF44CCE5DE1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{045833E2-BABC-4A68-A098-4523A8B1AD05}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\world of goo\worldofgoo.exe |
"{0470931E-6307-4E89-9B66-9F55AB9A7E5B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{04A49197-36B7-448E-A813-5F88B6A65812}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{04B59BF1-0F1C-414B-B84B-8090368ECCA1}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{04BB4FFA-0E10-48EE-864D-FBA4AC44EDDC}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{04DFA930-A237-45E0-AF8B-0DCD951DE31E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\arma 2\arma2.exe |
"{04E720D2-F6E7-4ADE-956C-C74152715475}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{0519E4D2-2DEE-40F5-AD45-848D48F64B26}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\saints row the third\game_launcher.exe |
"{0522B98B-ED23-46DB-AED3-9D827EE7D609}" = dir=out | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{054256B7-0291-41E0-A447-A3862EF94534}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\psychonauts\psychonauts.exe |
"{0561C13E-2A10-443A-B063-859A9A8F32E3}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\cave story+\cavestory+.exe |
"{059899E0-9688-460E-BE0D-DBB953B07BD9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam 3\bin\sam3.exe |
"{05A73107-D2E0-4C51-B1FA-246A482C503E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{05F00F33-C4B9-4018-B1B0-DAFBCCA02E0B}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\intrusion 2\intrusion2.exe |
"{0635AA86-C650-4EBD-8C2B-28D6895E8057}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{063CDE3E-AAEA-4BFF-B6B3-FBCF4CAD78CB}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 test\dota.exe |
"{0668DD6D-2D1E-413A-BC3A-30D3B8700D0E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{0699B8E6-AD3A-40C2-82E1-41F4632A9C24}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{06AA26A4-3296-4C11-B78D-2AC7C93BBBE2}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\anomaly warzone earth\anomalywarzoneearth.exe |
"{06D1EB41-D971-4DF8-9883-7153AAAC977F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{06D2B06B-F94E-41D1-8644-503F33996DBA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\super hexagon\superhexagon.exe |
"{071E9EFC-B9EF-4F89-9E34-FC8584021619}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{07667A16-532E-4858-9CDF-5AFF6B1099F4}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\crysis\bin32\crysis.exe |
"{078499EA-ECE5-49F7-A642-3EA355A3BF3F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\zenoclash\zenoclash.exe |
"{078B53CD-77C2-4531-9A93-7702EC06B55D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\spore\runme.exe |
"{07F28084-C3E4-44CE-A795-7ECB2DCE423C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{081CAACE-F8C3-4702-90EF-D53950DC4FC1}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{0875A5F6-27BE-4442-B7C3-826D85005EBD}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{08A91A04-AE64-4A98-B6BA-45D1477247C2}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\portal 2\portal2.exe |
"{094F6D21-9C2F-4A27-A2A0-491855FA4D5C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{0973EC32-8D02-4C8E-87CF-DD7654EE68AE}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{09A98934-6E10-4806-8854-FC357790B74D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{09AB2450-28BE-449F-AE00-809879DEA007}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{0A619844-D61C-4E59-A5D2-CDC40F77B12F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{0ACC8A0E-4F14-4F6F-A032-093F298982AE}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{0B2C590C-0461-4FF1-9637-A66F6ED1DC28}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{0BDE87F1-047C-4163-86C1-F2C8119102E8}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\world of goo\worldofgoo.exe |
"{0C278B76-A144-4CEB-93F1-66BF5026D186}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\alice madness returns\binaries\win32\alicemadnessreturns.exe |
"{0C43DF5D-AAE3-4EF3-B0C7-4F3A9ABDD3F7}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\hammerfight\hammerfight.exe |
"{0C4AB37F-3980-41F4-8D1F-8385F1107FF3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{0C7E271E-D7DF-4328-943A-FC7C8ADD8F7D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dead rising 2\deadrising2.exe |
"{0CAEE3EE-A601-4063-B22D-33D8C85E1474}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bit.trip runner\runner.exe |
"{0CBE5FB7-CE6C-4900-B29C-76861427DF66}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\thepolynomial\polynomial.exe |
"{0DB1AB8C-2444-42B4-A90E-99CCB6544F81}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{0DF0C203-43AC-4B27-A05A-F0A1B44301C0}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the walking dead\walkingdead101.exe |
"{0E09228F-185A-4C4B-96C7-A5E16F718259}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{0E13AC12-8D19-413A-AE59-10A4B148CC93}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\back to the future 104\backtothefuture104.exe |
"{0E1CCB0C-B764-4AEE-8A9B-371E531DF39D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\beat hazard\beathazard.exe |
"{0E301063-952B-482B-B1C5-3CAD31A52A14}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dungeon hearts\dungeonhearts.exe |
"{0E40ABEF-A0BF-45A0-9AAB-49EC70447EA8}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\dota 2 beta\dota.exe |
"{0E7E42D7-758F-45BC-BAB3-811A0039C12A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{0EA42E9B-7944-4624-9B15-DC98A56E7698}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{0EEEBAA4-01B7-447E-8ABA-ADFB665AC8FE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{0EF4A6A9-E0EA-4657-8B2F-16A231DE467F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\grand theft auto\wino\grand theft auto.exe |
"{0F3A291D-3F76-467F-B156-2343C6531289}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{0F9E4479-15E1-4EB1-BCE0-2DACDC9D324A}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fear2\fear2.exe |
"{0FEEB190-E2A0-4476-B3EB-52219AD80B27}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{10282E8B-0D11-42AA-B927-A41FB89A75A3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fearxp2\fearxp2.exe |
"{10602FAC-6E91-49DC-9CB3-6C09A2FDED27}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{109459AD-4EAB-4C3E-ACF8-B2FA7F10C713}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{1096A92D-4293-46B2-B582-01E7F82B5BCA}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\steelstorm\steelstorm-dedicated.exe |
"{11232693-A245-466D-82ED-C6CE173565DF}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\from dust\from_dust.exe |
"{11254876-FFD1-4A6F-BC9A-C7FEA4CFEA6A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{1165A1E3-C7CA-4376-8DFD-DC2C0AE8898E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\deus ex - human revolution\dxhr.exe |
"{116D5CE2-E719-4A50-A5E3-73F77D10B3FB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\beathazard.exe |
"{118055C0-A0F3-47EA-B751-D935E655B02B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\osmos\osmos.exe |
"{11FFC925-2DBF-4DC6-99E7-79C52893820C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{1237984E-7D95-41BB-B72A-5E17977DF7C8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{126DD89B-6416-47AD-9194-DC3C8A442CA4}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{128818A9-1E45-4A33-BA69-AF0248994C13}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\majesty 2\m2editor.exe |
"{1298BA02-62CA-4FE0-A1B0-9D481BED5BD2}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{12ACAEE2-C4F6-47A0-A37D-572FB3D6A0D8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\jamestown\jamestown.exe |
"{12D26E00-7C4A-4BEB-A7C4-5AAF7E89720A}" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\half-life\hl.exe |
"{12FC01E6-6966-49EE-9DB1-B366A44D252E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\team fortress 2\hl2.exe |
"{131BEE99-D9F6-4923-A6F6-7DBA0B3111FC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\left 4 dead\left4dead.exe |
"{137A0F53-A8A9-41D5-84DA-4B3394C063B4}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 test\dota.exe |
"{1406ACA1-1735-4A5C-909F-7A8E4D43E82D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\darwinia\darwinia.exe |
"{140E2F7D-505A-49AE-8FB3-9F5C35C5A7FB}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\stacking\stack.exe |
"{141E1E45-8E3F-491D-8251-B577DD836323}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto\wino\grand theft auto.exe |
"{14577782-F649-49E8-90C9-91C27296B1FA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{14636E9F-9810-4362-8C70-681E0C9FD7E0}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{149A2057-04A5-46D8-934A-C4C420B48325}" = protocol=6 | dir=in | app=d:2\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{14BC4052-78BD-4A13-BC40-CF94E87DC3E9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\uplink\uplink.exe |
"{14C8C743-4732-4C36-9EEE-6E9C9A71690F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\osmos\osmos.exe |
"{152A8D4A-2130-41E2-A792-5961082B8493}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{156797B8-9C8D-4773-AADE-C5063B3B995B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{1589CF5A-AC14-4FD4-934E-96C26F71C960}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\alien swarm\swarm.exe |
"{15A2F7B9-1AA5-481C-9712-1640C8468174}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{15F4B760-740D-4104-9D2F-4C78CD5A2A94}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\amnesia the dark descent\launcher.exe |
"{15F6787A-E87C-488E-9D14-8FF507F54A9D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dead island\deadislandgame.exe |
"{1633FFEB-6D58-489E-9669-3FEBF59B56B7}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\back to the future ep 1\backtothefuture101.exe |
"{16398760-E4E8-42DF-8BE3-78991B3AF277}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\left 4 dead\left4dead.exe |
"{165C4B69-BEC1-4DA4-97A7-62810926FBEA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{165F3467-5A93-4DD7-AEA6-BD93C8F10A1E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\super hexagon\superhexagon.exe |
"{167685A8-5D4E-412A-AEE1-D483FD8F6A84}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{16B94693-4944-4D65-9561-1502E80163B4}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{16C54B4D-E41C-4F71-A083-733612ED023F}" = protocol=17 | dir=in | app=f:\steam\steamapps\just2damndgood\half-life\hl.exe |
"{16D3A837-7258-4C75-B8D8-C6597AF30D39}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\hoard\win32\reuben.exe |
"{16E4D2BC-09DC-4869-9F83-3C7A875329D7}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\team fortress 2\hl2.exe |
"{17575404-1A15-4D91-A065-EA0E3CB228EC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\oil rush\launcher_steam.bat |
"{175875E5-1AC0-4156-8808-F41881434D8E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe |
"{17661FFB-936F-4C80-8F2A-42396F5D041E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\overlord\overlord.exe |
"{1859841E-1C41-426B-9BEF-8AAE3CD04CA4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{18BACF49-DE86-476B-B08D-326A1C946CA4}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp_dx11.exe |
"{18CE32C0-E6B4-4460-B017-6E62A397655F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{18DBB301-63E0-45E2-9850-2C99339B2979}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{190214FC-B248-47B0-89A0-17C45F2FFF7C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{19960826-651B-45D7-B9F2-E166DF16F09E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{19AED618-C477-441C-9F5E-1BC6E99D078D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\l.a.noire\lanlauncher.exe |
"{1A0C6375-42FC-45E1-9602-2C4C52DE6B81}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{1A37124F-C227-40F7-A700-661B0544E238}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{1A439B82-7AF2-405B-AFDC-3415D2EDAE1E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{1A4428D9-B3C3-4C07-88AF-8AA5BE14E6EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto 2\gta2.exe |
"{1A472EA7-677A-4191-A37E-54A96051A854}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fear2\fear2.exe |
"{1A73AE4C-CFC9-4DC4-A908-FDB4373C5DB7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1A8018F8-46F1-4BC0-AD7D-770CDB06798D}" = protocol=17 | dir=in | app=f:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{1A816178-3C96-4E8E-845F-A25E3D456198}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{1A852F5B-37C0-4400-B0B6-35EFB4DA4216}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{1AA73B66-A1DF-4D2D-934C-D41F3C553988}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\portal 2\portal2.exe |
"{1AE624DB-301D-4390-89EA-95CA6997A40F}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{1B3503BB-1C9B-476E-8D06-AAC81C1B89E5}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{1B567D04-6646-4029-9BAE-60ABBF34B876}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{1BFF2F5E-E6D9-4C46-8ED2-207B061B801E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\warframe\warframe.x64.exe |
"{1C173F57-9412-461F-8966-EF75FB79E009}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\oddworld abes oddysee\abewin.exe |
"{1C566CAF-F0F1-4325-9FC6-457B496BEB13}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{1C9008CF-1CF4-4FF8-BB04-690DA7133F4F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\civ4beyondsword.exe |
"{1DFD29D8-6004-4A3C-9E3A-576662D56193}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{1E046D9C-8B62-42DC-AB12-B85CA650BA76}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\poker night 2\pokernight2.exe |
"{1E307772-1FEC-477E-AC28-D06D3548E270}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\stacking\stack.exe |
"{1E34F665-2307-4648-9736-BB568762130B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{1E599023-9E0F-4B57-B0F5-FC44C2E96D5B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\grand theft auto 2\gta2.exe |
"{1EAC3C67-AFB2-4B5E-8C5C-0B5FD85FD797}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\beat hazard\runme.exe |
"{1EAED9EF-95E4-401F-8263-5C875AE91CEC}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"{1EC3225A-C2F8-41EE-BF1E-6FA118DCE9A8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\tinyandbig\tinyandbig.exe |
"{1F270246-9781-4789-879C-8EEEC93776A7}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{1F2F12E5-4905-4664-BEB6-D10D30F656FF}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords_pitboss.exe |
"{1F766CE3-1219-4FBE-8B8C-EBC81EB51B71}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{20682D3E-6021-480B-9C37-4A549D397478}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{20C1155B-71D8-4BFB-8936-03A077AE84B1}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\ben there, dan that!\winsetup.exe |
"{20C15B51-37A3-479F-8AE7-1AD762530A14}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe |
"{20CC3555-CD27-4977-8B7A-050209084AA1}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{20D0EEFA-4C64-4348-8853-9F242C2147CA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\left 4 dead\left4dead.exe |
"{20F8EE59-8C25-4768-B932-5A9855456443}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\amnesia the dark descent\launcher.exe |
"{21143B85-F7B3-4C70-9CF1-2AB41294F708}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bully scholarship edition\bully.exe |
"{215A9E5E-9A80-4A0C-BEAC-09A2E1A03B5B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dota 2 beta\dota.exe |
"{21788684-8F4C-4888-93DE-FFA76D6767BE}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\jamestown\jamestown.exe |
"{2194FE59-9724-49A4-831C-7C23A22C165D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{21A99D63-1914-4918-BD40-BBFAEBB3BB3E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{21B19CEA-E43B-413E-B519-EF192C58F99E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{21D7AB3E-4018-424D-BB00-F9CB579E94FE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{21DAF70B-8492-4728-B8A6-5EC9ED832694}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{21E619B8-1954-4E9B-AF6D-AE06CBC60D8D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{21E89F97-BD59-4CA5-9147-3ACDC65AFC4A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{2295B90B-067D-4E35-9388-0BD6013D717C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\eufloria\eufloria.exe |
"{229D7AC0-FE62-4C44-8FC4-5B081466E97D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the ball demo\binaries\win32\theball.exe |
"{231B9BB6-F899-4EF1-84C8-A1731698460F}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{235F71AB-F97E-41DC-85C3-4A4E78963D01}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe |
"{23AE5BFF-827F-456C-BEC6-D9A90918539B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\lume\lume.exe |
"{23ED4DE6-71BA-441B-843B-A326EA52E70B}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{241C96AF-F0FA-4C16-9453-E4F5A7A28C78}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\hoard\win32\reuben.exe |
"{24B16327-FBC7-460E-B221-C9DA8B035295}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{24C64809-C09E-4320-9B0E-87057F7BBB2B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{24EC47AF-3F3A-4172-BF3B-7CF3BD88BEAD}" = protocol=17 | dir=in | app=c:\users\attila\desktop\qq games\qqgamesd.exe |
"{252973E3-A1E4-493C-BAAE-D5F4D071EF01}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{25970724-AD13-4080-BA0A-6F3B261A9F21}" = dir=in | app=c:\program files\zecter\zumocast\zumocast.exe |
"{266CE218-C781-4FB8-AB8B-3C55D6D6A7BD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{2687DE69-99EE-4458-9D4B-A6631F849535}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\counter-strike source\hl2.exe |
"{269C80FC-DE2D-4ECA-8C78-7865AF8536FC}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{26A385EF-5806-4598-8D15-05A0E075F8A4}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\penumbra overture\redist\penumbra.exe |
"{26E9A46F-0248-44F0-98D1-D5DB4C87F9EB}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{27227BAB-7AA8-4439-95DE-3DD7DDF71D3A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\team fortress 2\hl2.exe |
"{2752CC94-9992-4653-8B16-2A27B92A6F8F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{2784E961-FF4D-4BFC-A7F1-030AA4A3AAF3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\brink\brink.exe |
"{27D06497-C2C8-4665-A211-03A68DA24CD7}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{28119758-7C83-4F91-BEB5-4B1EF0DCD615}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{289E925F-988D-4F52-BCAD-212EC929A3EB}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\killingfloor\system\killingfloor.exe |
"{28B9A070-6FF1-46F7-92E8-C4C5017F6006}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{28D11F86-D408-4388-8AC3-FD53C749A357}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\alien swarm\srcds.exe |
"{28FE3938-B9C2-4128-B238-2010310F4BB1}" = protocol=6 | dir=in | app=f:\steam\steamapps\just2damndgood\half-life\hl.exe |
"{29BE2766-3B1B-49BA-9F72-4B109CA72404}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{29C5CE4D-F2AC-44DD-973F-1263EE02A487}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{29D8B139-A8E1-4AD4-A40C-9E8E383A216A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{2A05912C-1218-4BF4-922D-3E70D854BCEE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\trine\trine_launcher.exe |
"{2A256D77-9967-4C36-886F-8839975233DB}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{2A2BDD8B-1BB7-409B-8599-A8A285FCA8B2}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\beat hazard\beathazard.exe |
"{2A41E739-43B0-4547-BAE5-917C600B9353}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2A7FC021-E63E-4D1E-B47A-B9C4126701C8}" = protocol=6 | dir=in | app=f:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{2A92C6C1-3624-4B4D-81A7-8146478A4B7E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{2AED9E95-3B2A-4C3B-9B31-6FB538348E1E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\back to the future 105\backtothefuture105.exe |
"{2B65CE3D-31E9-4A68-A461-427492104460}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{2B86FBD7-E605-47BA-B069-9567C19C99C6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{2BB56EE5-4B12-4ABD-9914-B320A66FFDF1}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\hammerfight\hammerfight.exe |
"{2C05E22B-37A3-4D49-9913-D0844E20C199}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\config.exe |
"{2C9BCCBE-A1F3-4FB3-92C4-4DD9EE3839A8}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{2C9D6464-0B2E-40DD-A567-0E19EC8EBC60}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2CA6A4B0-0E78-48E6-A2E5-1AF2B4A29542}" = protocol=6 | dir=in | app=d:2\steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{2CEC02B1-C7DC-475F-87CC-3BBD5B31FD4B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{2D4B5B91-447F-481B-9A14-A2B89546BC78}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\beat hazard\beathazard.exe |
"{2DBD1E85-74CE-49BB-BA7F-6123C0483BBC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp.exe |
"{2E2159A2-7A96-49EB-9195-1EC7D10E62E6}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\world of goo\worldofgoo.exe |
"{2E26D21A-9CA0-4A21-9F4B-DB00A4F10301}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{2E7184E8-5716-4B5E-9514-F196DEF1BCF2}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds survivor\survivor.exe |
"{2E827402-2FBA-49F5-8ECC-F4C899CF3752}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\saints row the third\game_launcher.exe |
"{2EC8BFA1-3D85-4E41-9996-701CC706F93F}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\dota 2 test\dota.exe |
"{2ED948D3-122B-4D19-8C51-8A5153950986}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\alien swarm\swarm.exe |
"{2EF0E6ED-1F06-467D-AEA6-5298BCFDC925}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\company of heroes\reliccoh.exe |
"{2F6E7709-770C-4AE9-9901-B02B74042E63}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\fallout 3\falloutlauncher.exe |
"{2FD82134-16CF-4B8F-B616-636D32EE04E9}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"{2FE4DB23-4D15-4028-8653-414F774C3259}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{306E11D9-9FF9-4E86-BB0E-D006256EF6D8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{308E188E-645C-446A-A60B-91B62D07CDDC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{30A7B620-72D6-41A5-BC27-810750A23990}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\tinyandbig\tinyandbig.exe |
"{30C4942F-54DE-44CB-8DDE-B898152ADF7B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\killingfloor\system\killingfloor.exe |
"{315F01F4-1E02-4F9D-92B6-A9AECF5AAA5D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{316CAEC6-5C06-483C-8EB2-361707393049}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\castlecrashers\castle.exe |
"{3178071A-BF65-47A3-A4CA-3A086AC894AA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\rainslickep2.exe |
"{3180FDF5-1CA5-4656-A17D-4E43D74E2A11}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the last remnant\binaries\tlr.exe |
"{31CDFA2A-DD31-4B0A-8609-D24E04AF00F9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\arcadia\act.exe |
"{3253C886-E189-4D15-B72C-4233DE943E66}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{327C4AF5-9BA1-4AE4-8E61-DE61F7AC91C7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{32AC4DA3-674B-44F0-BBD1-370CEAD5CF9D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bit.trip core\bit.trip core.exe |
"{32D6BBA2-B6F3-44E0-96B7-8CE5BDE3A4C2}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{32D7A90B-8C18-47C3-9915-0859935C6634}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{32E05631-AE42-495A-9A3E-EFC24A4712B8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\trauma\trauma.exe |
"{330B4908-AAC3-45C7-8026-B78159AC48BB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\tropico 3\tropico3.exe |
"{3313E3CB-1072-45A0-A089-D2B40C8B4588}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\nightsky\nightsky.exe |
"{331CE463-2F6A-4482-B5EA-11D5BF52CE74}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\back to the future 103\backtothefuture103.exe |
"{33457608-CDBA-48F9-8543-C263F5369F86}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\osmos\osmos.exe |
"{339C7B6F-608E-4030-BF40-EA9E8E508A89}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\aquaria\aquaria.exe |
"{33C16F4E-B9E6-4B04-8DFA-F7F146A9CF6E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{33C8040B-CC33-4693-9F76-D08B441DCC7C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{33D5854F-C278-4601-8486-376EA16023FC}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{33EF7795-9D02-4972-86AE-0421333F1F34}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\stacking\stack.exe |
"{343B6A26-DA5E-4DC0-9B16-C0AB132B1396}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{34798A7D-E8E4-4070-90FD-D6F9C1F3EED8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\english country tune\english country tune.exe |
"{34851B11-FEF2-4766-B254-67358245341A}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{34A11A0F-223D-4804-A9EA-A71F583C57C9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{34E78DE2-FDDA-4E47-BC54-399A3F32BBA8}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{350F8B52-C5F0-453E-9D8E-B021006459D9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{3524FB65-6976-432C-8E05-E5E927920DFA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{35274F2D-12A5-47F1-8BB8-BD3436669BC9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{35422EDD-417A-4CFB-BDC7-12C3E58566A6}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{35640119-A66A-47E4-8CA7-34C8A8FC6920}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{35AA4FA2-774C-4920-BF91-C2FE5874F15D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\lume\lume.exe |
"{35C3EAD6-6634-4514-997F-06DB4B613978}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\ben there, dan that!\btdt.exe |
"{35F6BFD9-C59C-4418-8BE5-53D60906D7F2}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\beat hazard\beathazard.exe |
"{36094D66-5F77-4F0D-B8F7-3F6715C86188}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\fable 3\fablelauncher.exe |
"{3626F8DD-FF38-4775-8C2D-634F3D2435DB}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dota 2 beta\dota.exe |
"{363E93C0-8A4B-4AF0-BCD1-64405E9CB420}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{366D09C1-B849-4260-B190-6CF1AEE51377}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{3679F50A-4F06-4B2F-B270-1C1FFB59FC19}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{36AD75AB-149A-4E1D-BFAC-8438A4EB4C66}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\super meat boy\supermeatboy.exe |
"{36C3D630-9BD2-405B-A8BB-D07AA80A4D18}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\trine\trine_launcher.exe |
"{37096AAB-913E-4B58-84C1-B600AB533FDD}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fearxp\fearxp.exe |
"{3712E734-BD5E-4D91-B4AB-2B01C3D2B831}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-enus-downloader.exe |
"{37217C64-4EBA-4BA5-953B-D004770D4C29}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{3736D170-448A-4288-97FC-ECF92FE7C872}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{37B74D1B-016B-44FF-B57C-BC7FDE1B6B3A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{37C20C46-606F-4020-B8D1-CF5A963E733B}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\beat hazard\beathazard.exe |
"{3812D6B7-A289-4AD9-B5D7-797FD3D27123}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{3825F89D-E9B8-4468-899E-D462BC8E150B}" = protocol=6 | dir=in | app=f:\steam\steamapps\just2damndgood\counter-strike source\hl2.exe |
"{3837AC05-505D-41A2-91E2-2F26D80225C8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{3854113F-6912-4CB9-AA39-A1CFFA2D3F48}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{385AC803-E476-4ECB-A32D-8F5FCCC24CDD}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{38A09D98-B682-4B43-9DAB-5DCB365DC803}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{38C098A4-D9FB-4E15-B74E-B566A12EDEDB}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{38E6A1F1-A998-4232-8CF3-F116CC6CA448}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\saints row the third\game_launcher.exe |
"{38E8AE8A-084B-4E0A-B988-C232D474D031}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{39669D52-3084-484D-9D90-8AD5EA3DDCA9}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{398071F5-7D3E-4DFF-9ABD-C205C7285382}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dear esther\dearesther.exe |
"{3A368CD1-3705-40C8-89CD-1194EC03D970}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{3A9EA90E-F4FC-4B0A-82FC-1862237006EA}" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\garrysmod\hl2.exe |
"{3B3EA459-D862-4898-8E62-96EE172A6BEF}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{3B46B221-D0F0-446A-8602-994421326440}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\proteus\proteus.exe |
"{3BA52027-7167-45A7-9759-FD16BFB02286}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{3C72A566-2E08-432E-8ECA-3AEDD73D155D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe |
"{3C7BB41B-583B-484F-98FE-3D0133567FB2}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{3CA08235-68A4-4215-A3CD-62DE09CB3CE9}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\back to the future 104\backtothefuture104.exe |
"{3CAC1F10-9F02-4D65-8E15-7323B72B6523}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\trauma\trauma.exe |
"{3D0CD4A2-422E-411D-A074-DBB7701AB765}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe |
"{3D1E3C21-BF7C-479A-83FE-789DCF567B39}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\portal 2\portal2.exe |
"{3D2EA000-E06D-417F-BAC2-1D405D04D1DF}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{3D2FC306-0F09-4D7F-9DC2-92E27E810A44}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis\bin32\crysis.exe |
"{3DC3CB2C-ACA3-434E-825F-81E82DEE3814}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fable 3\fablelauncher.exe |
"{3DCBEC7A-DF7F-4A25-98FC-45282EACBD62}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\penumbra overture\redist\penumbra.exe |
"{3E73BAE6-1165-4C2E-91FA-BD2ADBD38E0B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{3EC14C72-7B6E-4F4E-95B3-B8D84C716649}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{3F15BCA6-3F8E-4D3D-94DA-9D8B908C03BC}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{4034E02F-9BBC-4425-AD28-39E05C920D4A}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\warframe\warframe.exe |
"{40448E88-21C3-4EC2-9B06-551306B588ED}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4047F5E9-5433-4FBB-B661-C973B2808DB8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{40628702-0630-46F5-9332-D36F6B6AFBFA}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{41D998CB-8AB0-4FC2-85FE-E05ED5D3F155}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\crayon physics deluxe\launcher.exe |
"{41DE0752-5895-4142-96C3-2D5816C9DA3D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |
"{426ADD26-FF43-46CF-87BF-3046A1453A74}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\overlord ii\overlord2.exe |
"{42796303-0345-4DFC-9D8B-821F1CF683A5}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\fear ultimate shooter edition\fear.exe |
"{42C33926-F9A1-406F-91B4-80A047756417}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\l.a.noire\lanlauncher.exe |
"{42FB462F-3512-4AC2-8C96-439A4323F348}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{43D4C483-6B7A-4722-B492-41F86AF9448A}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bit.trip void\bit.trip void.exe |
"{43FEA81A-8150-4E2A-842B-619E4A0BA926}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\l.a.noire\lanlauncher.exe |
"{4446F6A2-2571-4AB8-9688-CC8542935E45}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{4537447D-430D-4998-9D36-EA27CBEF4908}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{45474092-BD1A-4AED-82DC-40678CBEBCE2}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\darksiders\darksiderspc.exe |
"{471E2464-D3CB-43A1-BE16-EBDB05D57AD2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord\overlord.exe |
"{47337288-4D44-4003-AF43-05C186364DD6}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{4735DCAF-D05A-4FA0-9804-C0D63C7FF227}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{4772DC24-2225-46FD-9B9E-26A3F4FA99D1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{481940F6-FDA3-40F9-AB38-915E2E3F69CE}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\beat hazard\runme.exe |
"{487B1E28-1962-4D4A-B390-5AEB6E4C7761}" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{488B61A9-C21A-471F-ADAF-70A4BDC136AC}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp.exe |
"{48B6504F-5A39-4CE8-B891-FFF329C4B575}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{4916CECD-6367-4DAF-9381-D0ED6110A12F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\back to the future 103\backtothefuture103.exe |
"{49318042-A3CB-41DF-9E01-BEDFA47D29EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{4963E8B2-F259-430F-83AF-967448B27342}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\penumbra overture\redist\penumbra.exe |
"{49DA297D-FCD7-4B17-954D-04652B90FF19}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\brink\brink.exe |
"{4AE1E486-959F-4438-AF06-52CEBCB1BBF7}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\metro 2033\metro2033.exe |
"{4AF9F062-52CC-4EA4-B7B3-70BBECCE0AEC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{4B148989-ABD7-43E5-89EA-4EFE3EB07D9D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{4B4F2A2E-DA26-425E-83DA-F9F676242A82}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dino d-day\srcds.exe |
"{4CBD3063-2F15-4C7F-BE5F-7FA16310ACB8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{4CCE1695-88F8-411E-89BB-8EEF63668382}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{4DACCAAB-6C64-445C-83B7-335E89CDD579}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dino d-day\srcds.exe |
"{4DAFF973-1F45-4195-BDBB-2AEB6189E45B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\majesty 2\m2editor.exe |
"{4E029B2C-BAAA-4DF0-A238-A0341A46A477}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{4E10E116-6499-494F-BB55-DA0B7B13D5B2}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\proteus\proteus.exe |
"{4E2053A4-3264-41C3-B67D-44713CE5654A}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\back to the future ep 1\backtothefuture101.exe |
"{4E209D0D-1FD6-4FD2-BF75-F6E58C75ECB1}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{4E339139-89A6-4AA9-B023-EBC5E96FA392}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{4E5A5591-A557-4831-BD0F-4F9822FE380D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\from dust\from_dust.exe |
"{4EF219F8-51A4-408B-AECF-564B9CB11100}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{4F0071F9-B1B4-4AD9-BF7F-18AAA185F9BE}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bit.trip void\bit.trip void.exe |
"{4F0DA8D9-0B3A-4313-93E5-FF447E60C6B5}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\config.exe |
"{4F358D5D-2897-49D5-8457-45F413EF306C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\black lake prototype\black.exe |
"{4FF8343B-1780-48DA-9AFC-5155FD81AFDF}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\overlord ii\config.exe |
"{509D54FD-314D-42FB-83A4-05369CC2A9E1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dead island\deadislandgame.exe |
"{50E7F62C-1ABD-407D-ADED-AD4EADC82F8F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{510744D1-74B9-4CC8-A3C6-8BB6682AD58B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\metro 2033\metro2033.exe |
"{51202FAB-EB94-4C88-BC51-1EE6211583AB}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{51B3091B-1DC5-423A-BB99-2972F405B1CE}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\microsoft flight\flight.exe |
"{51E84D33-4BC3-4627-AC12-5902656283AD}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{52192523-810D-4FAD-B485-17296E49168D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\mass effect\binaries\masseffect.exe |
"{52892B51-763E-423C-9D07-4E2F6F3894B0}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\majesty 2\majesty2.exe |
"{52BA81C0-63B7-4B3B-89B6-991F8D351196}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\mass effect\binaries\masseffect.exe |
"{52BFF44B-2973-4094-8087-D1DCA90E17D1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_dx11.exe |
"{52EAA257-DF65-4664-8CCA-5863DA25A3FD}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bit.trip runner\runner.exe |
"{52FA3109-866B-46C4-B555-3A018075E9CD}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\left 4 dead\left4dead.exe |
"{531913C8-B417-428F-8852-02638EE564AB}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{532DC6E5-C8AC-4605-A63F-68CD3BEB1436}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{5378BFDF-ADC5-48C1-B74A-B80A617A0FF3}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\back to the future 103\backtothefuture103.exe |
"{538EA4B5-3C14-4CAF-A336-21D76A3F9FF4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{53EF498F-F15D-4CA5-AA7B-22BAD3BDCB10}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{53F07FC8-FE58-42B9-B94C-025FA1DEF37D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{5428509F-17E3-41D8-8D2A-1381ABEDFCE3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{544D83A2-816C-4773-9AD0-92510C2316B5}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{54517A36-A93A-4E65-B79E-58BB28610A63}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{54F163B3-2EDE-4248-BBAA-1B92B5E07163}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the wonderful end of the world\main.exe |
"{55A100D7-B87D-427D-81C8-6B14C2F0FADF}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the binding of isaac\isaac.exe |
"{55B6A756-CB6C-419B-BFA0-F49981D9A6BD}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\super meat boy\supermeatboy.exe |
"{55D5B934-C5C6-49BF-BCC5-E3F44506C868}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords_pitboss.exe |
"{5605CCA4-FFD7-4E1D-AD74-8CB70C197C52}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{561CA4D1-79CE-4F85-B04F-0496FA6DD765}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{563F49CE-696F-4C11-B6CF-919476D2A023}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\cargo commander\cargocommander.exe |
"{569F3570-DADC-4042-B6F5-EAF03F872FB4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{56CC22F1-800A-4A49-A90F-B62CD4B05565}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\crysis wars\bin32\crysis.exe |
"{56E8BFF9-18A5-414D-B04E-9DEB68F4F441}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{571CBD59-1F10-465E-BD1E-1D033912CB69}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\garrysmod\hl2.exe |
"{5772D47F-0611-4D63-8576-08770C7A350B}" = protocol=17 | dir=in | app=c:\users\attila\desktop\qq games\update\update.exe |
"{57F534A8-09E2-4F5C-8568-629F4462156C}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{580E4167-7AB2-4C92-BC7D-791B90DC98F6}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{58ACE65F-2BFE-43C9-B010-F2277D41733B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{58C4D232-9A90-4259-B794-4F4C773D9EA2}" = protocol=17 | dir=in | app=d:2\steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{59287431-F3F5-4029-AAE0-9AA61CA818AD}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{5A6831A2-82B6-46F3-9D98-BCA2028A2594}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{5AD0EC2B-3373-4F7B-90B4-38681F09519E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{5B090226-0002-4383-80DA-7D0DDC2112A1}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\edge\edge.exe |
"{5B2E917E-25D5-4F5C-8CDC-B7795ED705AA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\saints row the third\game_launcher.exe |
"{5B41C058-5A3C-4405-8170-A435FDE5CB7A}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\dota 2 test\dota.exe |
"{5B4276C7-19AE-49AB-92A7-036045E31EE9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\left 4 dead 2\left4dead2.exe |
"{5B45D007-0F0C-45E9-9DA3-9B1818327CDC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\overlord\overlord.exe |
"{5B625D2D-8220-4A11-B8E0-120CD44C5B37}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{5BA4A1DA-BB9E-4F59-ABB7-FCAB91F65B2D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe |
"{5C03E646-95A2-495D-9588-844DF6C527C7}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\beat hazard\runme.exe |
"{5C9F3BFD-CE95-40D8-8CAF-630EDCDDD067}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds survivor\survivor.exe |
"{5CC8D63C-AF5F-4CE9-8424-DCE677BED25E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\portal 2\portal2.exe |
"{5CEC75D0-9D54-4E17-A967-27F4838F0F8B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{5CF89112-6668-4209-A0C5-2315255ABF6F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{5D7019D7-09A1-4957-ACB6-F1CBC53C6785}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bioshock\builds\release\bioshock.exe |
"{5DF3FECB-D74C-4809-875B-619FA6E3CD3C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{5DF535E0-5B9F-4BEF-841D-8EF47B59490F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E6AA926-2796-4FFF-B3FF-889AFF86070E}" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\garrysmod\hl2.exe |
"{5F7076CE-298A-4B79-B208-8C3D924B5E3A}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{5F93BA94-931A-48CC-9100-C7B3E14C4E2A}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 test\dota.exe |
"{5FD4BEEB-861E-4023-BC67-9C5237FBE7AF}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2\arma2.exe |
"{5FF47379-C1F0-4F39-93C3-C14BA798D802}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{5FFD6F23-3EB6-4823-8B91-0676787EAF50}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\super hexagon\superhexagon.exe |
"{6021EB54-29D0-4B45-95D2-AB091AFADFC7}" = protocol=17 | dir=in | app=d:2\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{603477B0-245A-4E2A-A9BA-FD2A4DFB83D5}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{607057B6-37D4-4D16-AA37-4C901E9C6998}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\oddworld abes oddysee\abewin.exe |
"{6087F97A-0010-437F-AE13-A121261FA805}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\red faction armageddon\rf4_launcher.exe |
"{60A72873-4531-4379-9A97-520A6798012D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\titan quest\titan quest.exe |
"{60CFE733-3CE1-4B68-B9C5-C4340B6E7FF3}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\arcadia\arcadia.exe |
"{610D3BDE-E790-468B-A330-AAA93E079801}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\gratuitous space battles\gsb.exe |
"{613BC88B-3FAD-4338-93E3-263A666D49F0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\thepolynomial\polynomial.exe |
"{61AD2940-ECC5-4205-9F0A-F4852FF1F152}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{61D87531-7487-41DD-BB90-5A5D5F80BE18}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{61DF1395-3AD5-4383-A900-1D0CF631340D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{61E6941C-2E41-48FD-81E2-C58EEC082D92}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\overlord ii\config.exe |
"{61F2F946-6074-4E0E-822F-1D2ACBF33104}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords.exe |
"{621DE92B-6BB7-4C89-AEBB-CB4BCC198369}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\osmos\osmos.exe |
"{62351372-074B-4E5E-AF87-A7BF83B22732}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\bully scholarship edition\bully.exe |
"{630097C4-22B9-4BC5-A410-EFCD55E10B47}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\alien swarm\srcds.exe |
"{6318A935-D0A3-4ED6-8FB3-E347F2B3C20F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{6358CE9E-5D17-4BB8-B14F-2704FDA9C9AE}" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\half-life\hl.exe |
"{63B243D0-B5AF-47C2-8BB0-FAAD9DFFD781}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\from dust\from_dust.exe |
"{63CE7303-00EE-4BEF-8165-0FD650C6F9A1}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{63CF172A-D90D-499F-AFA9-301D9FD079D2}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\maplestory\nxsteam.exe |
"{63E80568-8979-43B8-B815-D0F993CBE58B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto 2\gta2.exe |
"{64286707-B097-47FF-8D7B-53E7DAB4CF9E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{646E6E55-6A79-49FC-AEE8-3233CE3A8669}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{649FD25A-EC0B-4FE0-81D2-B1591DB612B9}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{64D2885F-8739-4A4C-81F0-47CF571D076B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the binding of isaac\isaac.exe |
"{6519BA57-E749-4B3F-AD0F-2F950F3C0B8A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\super meat boy\supermeatboy.exe |
"{652EF435-DE13-4872-B3B2-F6DC25279E81}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\autonomous prototype\launcher.exe |
"{65FD064D-6313-44E7-8EBF-AA111FF51CAE}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{662D5BC6-C777-4BA4-AFF9-CF1B03E44C51}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\civ4beyondsword.exe |
"{66440F8E-1F17-48A0-AD50-EC874F7016EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{66A2C577-EEC2-4314-A6DD-6A35233E8394}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\arcadia\arcadia.exe |
"{66B89E7B-5B61-461C-BE99-6B1329F5E3EC}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\capsized\capsized.exe |
"{6834BCAB-DFC3-44C5-9D7D-E68B8427E5FC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\terraria\terraria.exe |
"{685A4114-D9AA-4B30-90C7-1FD8AC994A1E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp.exe |
"{686454D1-80C9-44AF-8E1F-8B5874ED373A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{68D7F5B1-CDCB-4CF4-BB02-4652B37B9FF2}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\brutallegend\brutallegend.exe |
"{68E9F8B6-95EE-4B32-BA85-225E5A9F52F9}" = protocol=17 | dir=in | app=f:\steam\steamapps\just2damndgood\counter-strike source\hl2.exe |
"{694F3D8E-0F14-4BAF-8324-BE15BF84E755}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{69E573B4-8AF2-4F26-B306-3C216D490A7F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\red faction armageddon\rf4_launcher.exe |
"{69E73F53-0779-4FE7-840A-E542C1913B58}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{6A00779A-257C-414D-BE18-379608A05017}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{6A2E6AAC-0E46-4534-8F6C-4C55B9B81284}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{6A47E981-8B00-4890-AD65-10E54F7F4FA1}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\overlord\config.exe |
"{6A6DA090-B698-4D10-80FE-FD872B0A8C47}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{6AE1F914-C7A3-48D0-805A-9CA434ADD71C}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe |
"{6AF418C4-9331-4A1B-8782-85C8B6D2C410}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto 3\gta3.exe |
"{6B2EAE9D-B812-4BF6-9508-300253E24F3D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\limbo\limbo.exe |
"{6B471D18-6FC0-4602-8F6C-7A2B3C8D8C92}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{6B663702-EFD8-4984-B53C-129AFA4DF98E}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\aquaria\aquaria.exe |
"{6BC32007-DB1D-42F4-95E0-F24AF7AFD58E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{6BD1040A-0B6C-4C4E-A825-5AA1AD25E2EA}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{6C008C85-B175-43B8-BCAA-61DB656CE3AA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\arma 2\arma2.exe |
"{6C5E61B5-2B57-4C25-805F-D248A7054553}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{6C74E593-3B08-4CD5-B36C-8D205CEA5F15}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{6CC6126B-3C8A-498C-839D-248AAEA105BC}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{6CD92362-4642-4A34-B863-F42DAE304F94}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dynamite jack\dynamite jack.exe |
"{6CE9BAE1-4F48-47EB-B592-D58D68B6EEDA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{6D4CB847-166D-42AC-A55D-108E8BA86CD4}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{6DFE0C08-252C-4659-983D-C5272CE3DA90}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{6E060105-E5B6-4F7C-A785-C102C4128A54}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\hoard\win32\reuben.exe |
"{6E3BFE77-9ABE-4A86-B26F-D924AC31A930}" = protocol=17 | dir=out | app=g:\steam\steamapps\common\warframe\warframe.exe |
"{6E3EF7F3-CC73-46C5-BFEE-4E4A2EC012C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis\bin32\crysis.exe |
"{6EBD555D-26A2-4913-947F-847BC4C38CBE}" = protocol=17 | dir=in | app=g:\steam\steam.exe |
"{6ECBD9EC-C99A-4A30-B94C-87A7E1C91437}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\redfactionarmageddon_dx11.exe |
"{6EDD6D63-C5DE-4125-BAFF-493D248B5B2B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{6F3E3BA7-A51B-4895-88DA-E22B08D63A8B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\stacking\stack.exe |
"{6F454918-D7BD-4D77-8538-A31C4651FC58}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\tropico 3\tropico3.exe |
"{6F47A4E4-A214-437C-817E-709F56AC5128}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{7030A2FA-DA66-434B-83B7-AE42E43C1FB5}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{704D78D0-C577-4B6B-A337-BA2C3AF5294C}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{70643B77-04C6-4AB0-B36A-88DAC5EAF73B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\defcon\defcon.exe |
"{70AFCCAB-0484-4FAD-BEA1-19CDA0153C39}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\rainslickep2.exe |
"{70AFD548-5ADA-4056-BADA-ACF1ED500078}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{70D4D5EC-608A-4F52-A8B6-410556693E7F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bit.trip runner\runner.exe |
"{713F3334-53A7-42CE-B7EF-13854E451CCC}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{717BBC8F-BCC7-4FA9-A534-D59FE7109F1C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{7192B35D-BCFD-463C-8E19-3986003BB750}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords_pitboss.exe |
"{7197A7A9-A6F3-42FE-86E4-3E3FCB95D7A0}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{720A6F80-B88F-4CBB-BC90-0603EA7E44FC}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\company of heroes\reliccoh.exe |
"{7237AD17-A9B0-4B16-BBAB-BA484879A624}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\solar 2\solar2.exe |
"{72BC5827-5522-45DE-AF87-1D038AF79F51}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{7342CD29-55DD-498D-A189-0C5150B1C65D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{73D7E0EB-5312-44A7-8589-3994CC23F7D0}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\portal 2\portal2.exe |
"{73DC8516-CBD3-4B62-971A-8ECEE8DB3F71}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\beat hazard\runme.exe |
"{74190F1B-6CBF-4CDD-973C-A4F8606DB2EC}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\spore\sporebinep1\sporeapp.exe |
"{7455B4C6-9E9D-4ADF-921D-DB901658AD63}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\rf4_launcher.exe |
"{748AF982-6957-47C8-9EDC-FBF0F08A945E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\magicka\magicka.exe |
"{752A5BE4-2F6F-4E77-94EE-3F398E81B9C6}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7573CCC8-BDD5-4232-8987-6EF28D93F741}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\poker night 2\pokernight2.exe |
"{75AA5165-C244-4362-806F-8CE84E806B8F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{75C741D6-3CEE-4BBA-8B71-B7EBF166171B}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{760066FD-C3AB-4AD0-99A9-F401674ED5E6}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{760EE0D6-A66D-496C-A55B-3F9FBB946982}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{76A18E0E-210B-48AA-A867-F2156E728ED1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis\bin32\crysis.exe |
"{76F4045C-6B98-463B-AA11-722EBA98E5EE}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{77171D3C-4489-4971-87DA-9A5590189F20}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\overlord\config.exe |
"{774DB99F-FD5B-452B-96F3-73DDE9D2A139}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{77537917-5D47-43B2-87C2-5B18B171F258}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\dota 2 beta\dota.exe |
"{77799A90-5DAF-4694-8805-AB1D71838721}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{77CBACE7-717C-4A35-BF83-7467DB342AA9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\crysis wars\bin32\crysis.exe |
"{782B8225-D70E-455D-AFE3-8215192C3E0F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\overlord ii\overlord2.exe |
"{789AADFE-0945-4745-9B40-83F28A5AB2AE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\bit.trip beat\beat.exe |
"{78A22B9D-DA81-4072-8219-510FB971D778}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\l.a.noire\lanlauncher.exe |
"{78E9B8DE-02D3-4480-B189-4E0CA5F7F7ED}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\psychonauts\psychonauts.exe |
"{79059912-89EF-4D68-9D54-CD6D85829B81}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{794F0E88-CC3B-4479-BD88-03524C30D513}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7983949B-F6DE-46CC-BBAA-FB7C76BD366F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{799362D4-9681-4F8E-92C0-736657D5BF79}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\defcon\defcon.exe |
"{79CD654C-C57A-4890-B8EC-263DCC9D2CDF}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{79CF95E6-7DEC-4064-8649-5125ECC271E7}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\back to the future 104\backtothefuture104.exe |
"{79E31B6A-16A8-4A17-A5AC-5F8FFD6CED23}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{79F61B65-57AF-4033-99DF-150214B48EEA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{7A00FE4A-CF65-4910-8D67-8457E128EFCC}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\back to the future 105\backtothefuture105.exe |
"{7A114A58-3DF8-467D-8A5D-9E9B5E7FD08A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{7AD7952B-F01B-48E9-97D7-0D92ED696715}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\overlord\config.exe |
"{7B3EBD49-0DB8-4CE5-BEBD-BDD7B1CB8378}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7B5B7080-DA2D-4CC1-AE4B-3519441DFC68}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\steelstorm\steelstorm.exe |
"{7B8877A1-B880-493E-9F27-17944EB5C1BF}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\vvvvvv\vvvvvv.exe |
"{7C09CC95-EFC7-4C41-B7FE-5CCCDB3D860A}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{7C68E08C-8C47-47A8-A822-B085E3D3D888}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\costume quest prototype\afcq.exe |
"{7C84C7B5-A161-4953-9DEF-308E0C8ED84A}" = protocol=1 | dir=out | [email protected],-28544 |
"{7D040244-4560-4EB3-9014-554E6E5F2F74}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bioshock\builds\release\bioshock.exe |
"{7D4FA9F7-D968-40BC-8DDA-19FC3103E137}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{7D6262A7-994F-48DB-A25E-93DCD3414D3C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{7DDF23A1-8136-47A0-87EF-57B4BDF63D7F}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{7DFAAD04-E135-49A3-ACF8-B5BF1C667901}" = dir=in | app=c:\program files\war inc battlezone\warinc.exe |
"{7E00B732-364A-4C71-8BB9-A5434394CF81}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\maplestory\nxsteam.exe |
"{7E66811E-CE6D-4B96-8C95-F5356F827233}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\deus ex - human revolution\dxhr.exe |
"{7E9BC959-42F4-42DC-A5E4-C69698496B3B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\aceofspades\aos.exe |
"{7EBF3AC9-E3A9-4422-B7BF-4F5D0079CF69}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\little inferno beta\little inferno.exe |
"{7F09924D-CF60-40FD-9D42-6958D2DF92B4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{7F2512FA-86F7-4A5D-9928-7E5718F82E31}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\beat hazard\runme.exe |
"{7F46BAC7-5761-4D29-98FE-BB2D8E95F8EF}" = protocol=6 | dir=in | app=f:\steam\steamapps\just2damndgood\arcadia\act.exe |
"{7F4A1762-B76C-4BA4-813E-163A225898E5}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\back to the future 105\backtothefuture105.exe |
"{7F4D3196-43C0-4496-B51F-0660754E8B4E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\lead and gold gangs of the wild west\lag_win32_public_dev.exe |
"{7FE554F8-4850-46A9-A13C-0B8FBDF54572}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{801CB11B-401C-4BDC-9A36-FA156B9BED21}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\darkness ii\darknessii.exe |
"{8027B172-26A5-4042-8415-A5D14B2CB9FC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\fable 3\fablelauncher.exe |
"{802D1E0D-DF5B-49A7-A9AD-2235A88711E8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{802EE4D9-B6C7-4B75-948C-5FB171E6FE76}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\brazen\brazen.exe |
"{80797FDE-4799-4B46-AE69-DD1106D77110}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\civ4beyondsword.exe |
"{809E8C96-42DB-4B28-8ABA-AB178DBDF239}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{80A776D2-11B2-42E5-B62E-62EAC09F27D3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{80C45F54-D733-4416-B8C7-DF09B83F02D9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{811AEFA1-8AFA-4E95-BF0E-029BA4F128AD}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\uplink\uplink.exe |
"{812C2F19-FFF6-44E3-BB50-5CDE46B19216}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{81939282-2BC5-446C-886C-4AAF6737A184}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord\config.exe |
"{81A76CCA-7990-4860-B39A-B18B2DF3F039}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{81A94374-5666-4D56-B648-3949B22AF00D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{81AE80BA-F018-4880-BEDD-A6248CB2489B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\bastion\bastion.exe |
"{81D2B381-8E43-4228-93AB-3E2F053E1F71}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{81F6146F-DD65-4F41-9EC8-9712082D0E49}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{82778A8A-BEA5-4B08-A1B8-3E584DF5DFA0}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\and yet it moves\and yet it moves.exe |
"{828D3143-3AB0-48BC-B384-F4B35E3A7698}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{82BCE2A0-96C0-4DDD-AB10-79C3BA2CB371}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bit.trip beat\beat.exe |
"{82C2B890-BCD6-4832-92FD-FC93F6B90180}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\world of goo\worldofgoo.exe |
"{82CA5181-B271-4871-82F4-5C9900FF40BC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{82F1C851-10E5-43B3-83F0-C512D89F43E4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\time gentlemen, please!\tgp.exe |
"{82FC056D-8043-48CB-B36A-BD91E11279E6}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the last remnant\binaries\tlr.exe |
"{83226EA4-5161-479A-842D-8A278C894FD0}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\metro 2033\metro2033.exe |
"{832D552E-8C3D-4613-BB38-ECB7F520CC51}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{8362687E-4317-4BEE-A413-D26505FBE61A}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\overlord\overlord.exe |
"{83C729C3-2D9E-441E-9F57-F595B62D17ED}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\beat hazard\beathazard.exe |
"{850D47BC-7FDA-4D5E-8BDD-4F070E4C9F73}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{860BB728-DB18-426A-AB92-98A8DF3E9DB5}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{8639DF1A-54A7-43E6-82AA-9D5FC14C7AD4}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{864365B5-FE67-4029-87CA-6057253113A7}" = protocol=6 | dir=in | app=f:\steam folder\steam.exe |
"{86544358-A592-4905-942B-EBF690C1784E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bully scholarship edition\bully.exe |
"{86642D64-79E8-419B-A588-1A8139BE16BA}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\redfactionarmageddon.exe |
"{869FEBBF-8082-4EE3-A779-4EE0F3D12F29}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{86DF91F4-64B8-420D-A482-77C72A1FAA36}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dead island\deadislandgame.exe |
"{870BF706-8A69-4719-AB68-E930E3AC87DD}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\brink\brink.exe |
"{8718027C-7CBD-4B79-A14C-F631ACFA3E00}" = protocol=58 | dir=in | [email protected],-28545 |
"{87EF22B7-60E4-49C3-B214-3703BC7BCDCC}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{87F9C0EA-8CD8-4F35-A490-6EAC64228C8C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{88707958-1749-42EB-A443-49933E03B3C1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{889C8208-2DD8-4C84-BBF8-D60F050118EE}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\vvvvvv\vvvvvv.exe |
"{88CF3A2A-432D-4506-9F82-31CCFC2D0688}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3.exe |
"{88EAD7AF-ECC4-48EB-BF47-A5BC97E070D8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\spore\runme.exe |
"{890ED694-EE23-4D7F-8297-F86B562F6DEB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crayon physics deluxe\launcher.exe |
"{89251266-833C-4C1B-B032-1F42766CA48D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shadowgrounds survivor\survivor.exe |
"{89C89292-C9CB-4B34-8AE8-CC89D67C194B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{89E0E541-9CDD-4519-B03B-08ABCF659AD7}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\alice madness returns\binaries\win32\alicemadnessreturns.exe |
"{89FF6A2A-389C-4D8E-8C58-8ECF5D1AA718}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{8A034892-0912-457A-B1A5-C8B3DA413EE3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\portal 2\portal2.exe |
"{8A214444-AD12-40F0-AB7D-6930E5E7AA6A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the ball demo\binaries\win32\theball.exe |
"{8A95AFED-C405-4DF3-BDB5-3C2F1CC887F3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{8AB7DD21-3F3B-4B74-9934-4B4F81C571CE}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{8AF4687D-5DD0-4F83-8343-8EE29016C74B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\bit.trip runner\runner.exe |
"{8B1FC28B-EFDE-4125-8211-C375E7C8F761}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\solar 2\solar2.exe |
"{8B291954-2607-4579-A1EA-5EBF9D942049}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{8B311A57-B34E-423A-9448-12A9213659E2}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8BEA0A3F-8CA1-4402-B301-7AE0AF7F96BB}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\overlord ii\config.exe |
"{8C602BCD-CD33-4E37-BDA8-5187668FDF29}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{8C80D21B-189A-4B52-A407-0271EC2AEB74}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord\overlord.exe |
"{8CB38A70-D352-450A-A119-92AF4E669DA5}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{8CF62615-E84B-48F9-A5CE-F153CEA34B77}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\tinyandbig\tinyandbig.exe |
"{8D61CE26-D6A7-46AD-A946-C69BB70BF80E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{8D79DD36-AED1-4728-AD70-6DC7A986C64F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fearxp\fearxp.exe |
"{8DC88EF6-1E87-498F-8884-F66F9C3F0DC6}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dota 2 beta\dota.exe |
"{8DFDB181-7236-4C65-89BF-A62EE2C2D3C7}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-enus-downloader.exe |
"{8E10D3DB-C901-4FE6-8B7C-B6942B1A2C45}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\time gentlemen, please!\winsetup.exe |
"{8E513284-2403-45F4-9436-E42B4E3C652F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\alice madness returns\binaries\win32\alicemadnessreturns.exe |
"{8EC056C1-C198-49E1-B872-89B832DDB012}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{8F53FC0F-A884-4337-8334-126EADA47CA2}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\fear2\fear2.exe |
"{8FF23BC0-8AE5-4D7E-AC5A-174AD2AB8FF7}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{8FFF07E1-4778-4C07-85FE-7A1627391517}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{900C4E5B-0D01-4438-8B13-9E662990D725}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{907C4BE6-8C11-4C3C-9692-D9F52D9DCCA4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{907D41C5-82A5-4560-98DB-29FEDBFA1E15}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{908C60AB-0839-4F8B-8DE4-BAD66DCC601E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{908F1533-4518-4E8E-8DA2-C80C361669B4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\spacechem\spacechem.exe |
"{90AF1754-9DD2-47BB-B1BD-9AFBA53CF1EC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\beat hazard\beathazard.exe |
"{911D3D2E-DDB4-411B-9B79-1DB7BFDD5221}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{914C72B1-ABAA-4D20-9B48-3E8FC8C24998}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{915729A1-4C99-497A-961C-AA742CE09E67}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe |
"{915DA9A1-5EEB-441D-8418-A904D3360E92}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{917099A0-9479-4386-8E75-3FF39AC5A3B5}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{917C65BE-FD78-48BA-AE2C-61998B76325F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{91CE28C6-7919-4B92-BD1E-241F8F369A03}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\back to the future 104\backtothefuture104.exe |
"{91D8CA93-695F-4CCF-AB9E-875974B36264}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{91FE1EC5-B49D-4C93-89A9-9DB8B1585F3C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the last remnant\binaries\tlr.exe |
"{923F7CD1-BE3E-445E-ADEC-8082B9CCF9B4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\metaldrift\metaldrift.exe |
"{92941FAE-A91F-44EA-B7E6-5AC16AD2B290}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{92EB3293-E706-486B-AFF9-086526F71884}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{92F98AFF-CA31-49FF-B457-FA5FD66F0F2A}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\castlecrashers\castle.exe |
"{935F9E44-5157-45F1-AE0F-241D47B4744E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{94262ED7-1CA0-41BC-9FE1-D113CF36E418}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\audiosurf\engine\questviewer.exe |
"{950DB211-DBA3-4334-B914-415A15BE2B6F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\garrysmod\hl2.exe |
"{95A4E444-B578-484F-A722-40312B7002FC}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{95C95C86-DE40-4632-ACE6-B54337619C92}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\cave story+\cavestory+.exe |
"{96580AF2-8192-4EDD-83C0-A2470F2C78EC}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\planetside 2\launchpad.exe |
"{9668FB98-3FD9-426F-86FA-5A035E00891C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{967FF845-3C4B-4FE2-B136-75FF3E38C1B0}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\beat hazard\beathazard.exe |
"{970ABFA6-F588-4FD3-BC0C-513B6810FAA9}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{975B9A71-ABD4-4A8B-9FA7-7317FC7BEC4F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{9780F79F-6B60-46F5-B2ED-18A9FEC3A9DB}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\arcadia\act.exe |
"{97893CD9-2423-436C-B6C1-77BC5C78C556}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{978E2E0F-1809-46EC-8F94-75E1F55C5D51}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{97A17787-E241-4D7E-AE09-C7C5B5EB710F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\seriousmodeler.exe |
"{97BEE3F1-7F90-4277-8B66-4EC7DE5CC457}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp_launcher.exe |
"{97C38FE1-D41F-460B-83AA-F7A7BA70823E}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{985DF3EF-B06D-48A1-B02E-1A1C91F87AF0}" = protocol=17 | dir=out | app=g:\steam\steamapps\common\warframe\warframe.x64.exe |
"{987FB122-1CE0-4CDD-A87F-71CF0DF81B1A}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\alien breed 2 assault\binaries\alienbreed2assault.exe |
"{994079B9-6E39-4F4E-A38E-6EA5E4654C09}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\spore\sporebinep1\sporeapp.exe |
"{99EED716-B270-4266-8005-B8BDE3AC44A6}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{99F17B7C-209A-410C-9BB2-DBB3776642E4}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{9A03B1D7-D7F8-4947-A941-A40822132BA5}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\shank\bin\shank.exe |
"{9A98CE29-CEF3-4907-A5EB-A954C8780274}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{9ABBD057-84A4-44E2-A070-C5B704CA7C66}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\poker night 2\pokernight2.exe |
"{9AD2B5DE-96B8-4DE7-856C-7566F0B2BF57}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9B64D0F2-2A18-495A-9AD9-3F02645B4019}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{9B76F493-8490-4277-A02E-CF229F707ABD}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam 3\bin\sam3.exe |
"{9B93072B-B72A-40E8-883E-C45E33EDC54E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{9C29C377-BDA5-4625-BD50-6B159B15EC10}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{9D406BB0-0C7E-42BF-BB82-F75CCD07344B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9D7B44B3-1A18-4C8E-824C-984AB3714448}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{9E2249A3-D8B0-4FFC-A1DC-F806A2A4AD49}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\rhythm zone\rhythmzone.exe |
"{9E28B9C0-E3B5-411B-8EC5-22B4B4F18C80}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\portal 2\portal2.exe |
"{9E35330B-1460-475B-8136-8E78838A1E14}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dota 2 test\dota.exe |
"{9E93343E-C990-4CA8-BBA5-AFD2A195EAAA}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\magicka\magicka.exe |
"{9EBE7E18-8AF9-4FEF-B0A6-5C0433B8E379}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{9F3D77FF-9E81-4045-A46C-4967E1A3FE93}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\tropico 3\tropico3.exe |
"{9F67D36C-F9F1-450C-B4DE-90F56AB6CF55}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\costume quest\cq.exe |
"{9FB30D17-AD25-4479-8471-A256053EFDEE}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\brutallegend\brutallegend.exe |
"{9FDC6C68-B4C1-4B59-A266-A8284A4C80B3}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\back to the future 103\backtothefuture103.exe |
"{9FF6FC8C-D393-4AE2-AF0B-67CA00DB437B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |
"{A003E68F-AE50-4558-87FB-FEC70E1DDB6D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{A038E07B-8BBC-4FBA-A75C-C17EB8529C7D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{A04563CA-3318-431A-B2C4-7C8AE3666A73}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\titan quest\titan quest.exe |
"{A08DB193-6E01-404C-B228-A346CCB92C32}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\solar 2\solar2.exe |
"{A0EBEE35-4574-41CD-B022-D12E9BDB3AFD}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\magicka\magicka.exe |
"{A17BBCEE-7147-4D0C-94E5-E70CB33FAA8F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\pid\pid.exe |
"{A1B39DB1-45BD-49A0-90F5-34CF19DB6838}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{A1B98532-D2B8-443B-929F-2596C469B25C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{A1E307C1-3F9E-4670-A4B1-FB80CD51FA6F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{A30A3BC5-2E92-4A5B-A60B-F938500DD84A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{A34D6934-E070-4580-8BF5-D09B3ED7F24A}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{A37E0E8F-9F48-4978-911F-9CAB166917D3}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{A3E77005-3AA8-4724-9ACF-1BCE75D03432}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{A408B579-594C-4F93-8DBD-EFCE6BB2FF87}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{A4A293C8-E509-4433-9476-2974F8441258}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\shadowgrounds\shadowgroundseditor.exe |
"{A4EE6E4A-D4F4-4203-BD2D-6AFD12885C6F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\happy song prototype\afmana.exe |
"{A533E0E7-2D72-4A43-BB52-283209914FE1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{A55D61F4-5182-4A77-9477-F8DEE80C872E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\intrusion 2\intrusion2.exe |
"{A5E84989-4BE8-4F82-8A45-DA30FC43AC0D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{A613CDDC-F7D3-40DB-B275-6CA234407907}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto\wino\grand theft auto.exe |
"{A62E773B-9E96-4BE0-8C43-281BC394541D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\serioussam.exe |
"{A6328B5E-AB75-411D-B3A3-FD6F488FF57B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\warframe\tools\launcher.exe |
"{A65AA86C-9295-47EA-B0D0-DB795C83D2BC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A68840D2-75B3-4A4B-A9A9-23460E8F7B16}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shadowgrounds survivor\survivor.exe |
"{A6F5BB9C-817E-43EB-8E55-2DD21EA606AC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\nightsky\nightsky.exe |
"{A7628254-9BD8-46F3-90DC-043F86E0293D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\overlord ii\overlord2.exe |
"{A78286B2-1C6A-4C69-9448-4E7244AAD0A4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{A7867F28-739D-40D3-8598-AF4F93270706}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A7C4FA35-1987-42DE-91AE-4FFBE3B1E1B8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords_pitboss.exe |
"{A7F3D191-5E08-42AA-8CA0-7D86BCB96F1A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bit.trip beat\beat.exe |
"{A81200D9-A4AB-4258-B213-2214E059483B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{A81212FC-54A9-4E2B-B452-971F2B215162}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\nightsky\nightsky.exe |
"{A84D36C0-B594-4354-8612-959A2D162A8D}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\portal 2\portal2.exe |
"{A8C70F47-FC87-4110-90E9-F7B122146E32}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\crayon physics deluxe\launcher.exe |
"{A8EAE106-D7AE-4378-B53F-C7382298915A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-enus-downloader.exe |
"{A908923E-BF84-49AE-9544-D6835B27AAD2}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{A93AF337-A174-457E-B335-CCA501EA42A7}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\spore\sporebinep1\sporeapp.exe |
"{A9624529-13E8-4FF0-B4FF-873711AB14CF}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\rainslickep2.exe |
"{A9745BF7-C427-4247-A71B-04554B70956E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{AA1F3ED4-E5FF-4037-9BD2-7AB540B0E348}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{AA61127D-A8E5-4CD9-95D8-B66832EB6561}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{AA6E70A5-E99F-4F4D-9CA3-89E9847D0EB4}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{AA84D713-9841-4838-AAD4-9026DE60FCAA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\castlecrashers\castle.exe |
"{AAB567B4-0752-4D9E-88B4-0641CB1C4B1F}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{AB030B96-22EF-4ED0-BF54-7E3430851739}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\tropico 3\tropico3.exe |
"{AB9765F0-BD47-47CF-92F6-E2C9FF3B522B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\company of heroes\reliccoh.exe |
"{AC2FB6C0-6561-4EF3-8BB4-1EC16FB8A549}" = protocol=17 | dir=in | app=c:\users\attila\desktop\qq games\qqgames.exe |
"{AC62817B-BA61-4B32-8F4A-7077F4EB763F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{AC6676DF-4CF0-47E6-B4EA-FA2D8E85F1FA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\counter-strike source\hl2.exe |
"{AC70289C-22DB-458D-94E8-1DB879B26C9B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\pid\pid.exe |
"{ACE27EF8-BB50-4D70-9FB3-B8C4427E141A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto 3\gta3.exe |
"{AD10377D-1FEB-4698-9C81-89DD6ED96E9D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\costume quest prototype\afcq.exe |
"{AD52CBEC-78CF-4E49-B62F-C6973385EA09}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{AD5AE6A3-AD35-4E4F-8637-00969B6AC96C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{AE59ADAC-9BF8-4503-B259-CC90F3408C7E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\overlord\overlord.exe |
"{AED0F9E9-7CD9-4E74-831A-97179B1FE5F3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\bit.trip runner\runner.exe |
"{AF0EC342-C2EA-45B9-B8B4-E588AF6818A0}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\happy song prototype\afmana.exe |
"{AFB27972-0EA4-4A25-BB35-64B67E30EC83}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe |
"{AFDA1760-510C-482C-8565-AD83B46E6CDB}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{B06DCEFB-C4EE-42D9-9547-202B270DAB78}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\aceofspades\aos.exe |
"{B0C00001-3D9F-4CFD-9723-6ECA8D4B7E91}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dear esther\dearesther.exe |
"{B0C4887F-D2C1-4A07-9F8E-14944A25B8C0}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\hoard\win32\reuben.exe |
"{B0C526D0-AC6C-47A4-8061-E8381D35B7E2}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\zenoclash\zenoclash.exe |
"{B0E5D005-86C5-4969-99EC-17555AFD24FD}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\grand theft auto 2\gta2.exe |
"{B122D836-783F-447B-9809-4B8A43838E15}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{B156611E-8E9D-491E-8564-FB392F6E6226}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B18CE381-89C9-42F8-960F-D7570CA263CA}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{B2100DB2-AC46-4F7D-BC67-3B845093FF34}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{B23371A1-82CF-4418-8BB1-417C81E0434C}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fear.exe |
"{B2ED908D-FCA5-4BDF-87BA-839092C513F1}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp_dx11.exe |
"{B2FD1E3D-087A-4D11-A983-F71F44499971}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\edge\edge.exe |
"{B35BD782-A894-4CDC-88CE-7859074D88BF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{B35FC365-3639-4F75-8AB0-8819DC9FDDF9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{B393D865-0439-430B-B727-F53AEB740F95}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\spacechem\spacechem.exe |
"{B3BDDE81-FC00-4003-ADBE-487208B6FAA9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\overlord\overlord.exe |
"{B403940A-AB48-4F28-97E5-75D7FAEF737B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fable 3\fablelauncher.exe |
"{B40C84A1-7A7B-434F-897D-11A269CC2FF1}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |
"{B443F0C8-BFF9-4624-82DB-4CBDC73BADAE}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{B462BBFE-ECF5-447E-8546-47AC9E32CBC7}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\cave story+\cavestory+.exe |
"{B478EAFB-D9A8-4A16-A2D9-F5B6EEA653F0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp_launcher.exe |
"{B4960C34-9C58-411E-8CC6-EC59E474794F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{B4D11E81-9264-4EBD-A28A-D0F22531ABC5}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{B4E2E232-2AEA-4F45-9975-5D688A2B2093}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\oil rush\launcher_steam.bat |
"{B5094BCD-DC0B-42F6-8C20-2F7D54990BA3}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\english country tune\english country tune.exe |
"{B55E4A91-D284-4090-88AE-3A2CB92DE0B3}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe |
"{B587E519-A054-4CA8-B62B-AF586DF77C65}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\majesty 2\majesty2.exe |
"{B5A3F8B1-F1ED-4D9C-B57D-B918E6982478}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\redfactionarmageddon.exe |
"{B5F95791-1023-4622-AA60-A30AB15F7641}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\spacebase df-9 prototype\win\bin\moai-fmod-designer.exe |
"{B674E8D5-C382-4893-9209-563B5ED4D2C0}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\company of heroes\reliccoh.exe |
"{B6AC31DE-C922-4064-A3F9-AE4CD6D85251}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\tinyandbig\tinyandbig.exe |
"{B72EA9F6-93CC-40E6-8896-64F9966DA5ED}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{B73C5482-4F2A-4EC2-B39A-B269D30F3062}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dungeon hearts\dungeonhearts.exe |
"{B78BFB61-7FC1-473D-8C75-10B88CFE66C3}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\on the rain-slick precipice of darkness - episode one\rainslickep1.exe |
"{B7A87C44-2182-4EEF-858A-C9A2F7881892}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\nightsky\nightsky.exe |
"{B7DD674F-99A6-4BEE-B5E2-DF0349FF3108}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\spacebase df-9 prototype\win\bin\moai-fmod-designer.exe |
"{B88EE738-E397-4972-9B6F-6A1C8AB89568}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\darwinia\darwinia.exe |
"{B8AF90F7-9CB5-4DCF-8F0C-D1409BB233B8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\psychonauts\psychonauts.exe |
"{B8B23952-CA3A-4BC9-B2A5-CBF191502368}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\metaldrift\metaldrift.exe |
"{B8D6E782-05AC-4CBD-9C5F-DE183DA45A59}" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{B94E4CB0-F1B0-4DF6-8F77-F350C81AC425}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\alien swarm\srcds.exe |
"{B9937B6C-6F5C-4DE4-8E24-0F7E490FCD1F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\spore\sporebinep1\sporeapp.exe |
"{BA4BF7A5-76FA-433C-B70A-85A472E7E8A4}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\magicka\magicka.exe |
"{BA511757-E7EC-4D8F-ADF0-FEA4126CECF2}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{BA5377E3-8BF9-4D9B-ACF9-F2050509AB4F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{BB0EA102-A579-42EB-9292-3E030207DEC3}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{BB3B1091-FDEE-4A71-8D57-0A7470717B8F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\spore\runme.exe |
"{BB94DE63-52FB-4509-9073-535620F03F88}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{BBB52EE2-BD4C-4BAD-AE91-931D711411C3}" = protocol=17 | dir=in | app=f:\steam\steamapps\just2damndgood\arcadia\act.exe |
"{BC2917B9-C208-4078-BD01-C1C4702375FE}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\psychonauts\psychonauts.exe |
"{BCC8B5C4-C970-40D4-A919-DD7F083625F2}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{BD1869FD-8FFE-4E06-B851-894631F3D9E5}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{BD3134E8-C0BD-4A10-A444-DC48F2851234}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{BD729DFD-64D7-42B3-87C7-A842B58C3B17}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\rhythm zone\rhythmzone.exe |
"{BE53C157-743E-49DE-9790-A0F520DFE1C6}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords.exe |
"{BE65BE0D-F97B-4E00-80ED-2B6F60BBF77E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{BE8E67B0-A0ED-4745-B19A-1B87172077F9}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{BE9899A3-D3DE-4BFD-AB0F-01E1B17AC9D0}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{BEA47AEC-FF88-4A6F-95F8-F276A00C8CE6}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the wonderful end of the world\main.exe |
"{BEBE912A-EE98-4826-AE0F-E83DC1294795}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{BEDCACDC-3CA1-4221-82E9-35E807ED3719}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{BF06C2C4-B311-481F-B996-2F859AC5623D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\darksiders\darksiderspc.exe |
"{BF06CA0E-F0C1-4BC7-8F6B-944DB1A08A74}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{BF4AAE3E-449E-4952-B17E-4D0E159C85D4}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{BFBF3C0D-FDFF-48D4-BE7B-4E39F017201E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{C0009ED6-177A-4069-BF1F-E5E2260DA3A2}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\uplink\uplink.exe |
"{C0451277-D944-4208-9E43-7BCA3A9D3F47}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\titan quest\titan quest.exe |
"{C0879DD1-4026-4787-884C-B20D2A1857B6}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{C09F159A-7832-431E-8E0F-B6216F35F2E4}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\aquaria\aquaria.exe |
"{C10870CF-BF10-446F-8666-83BBE73DB4E0}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{C154D51C-8C18-4574-951D-B55940C9517D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\titan quest\titan quest.exe |
"{C1CCDDAC-EC98-4EF8-B922-73879DCFA0D9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{C1D39525-96E4-4E70-A9C6-AB78F1C31558}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\bastion\bastion.exe |
"{C21D1CA6-C519-48E0-84F2-976B22161653}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{C2593760-6FAB-441D-BC35-FC284E7C529B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{C27CCC3D-6C62-468D-B795-D599B41812A3}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bit.trip void\bit.trip void.exe |
"{C2BFA6FA-9B7D-4C15-A36F-4CAC78DD9244}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{C2FB7FCC-8853-4927-ADE8-8A089572F134}" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\garrysmod\hl2.exe |
"{C320A478-4F25-4FBE-9A7F-013828A4753B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\beat hazard\runme.exe |
"{C32E4E4F-E2D9-40AF-A455-EF4DD354B49C}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{C33F5BCA-9F02-4A9E-A70F-BE1BFE336BD8}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bastion\bastion.exe |
"{C358E8FD-2287-4851-B04F-BC4A638AE61F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto 3\gta3.exe |
"{C37E10D7-5101-4BA2-940E-8E110DAF15AF}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dynamite jack\dynamite jack.exe |
"{C38BD01B-6A33-42A1-863C-2EEB47C94BDE}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\shank\bin\shank.exe |
"{C3C6E635-B02A-45A8-9353-47969F7B99E1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\planetside 2\launchpad.exe |
"{C40E74B9-70BD-4224-8CCC-B07CF936E34E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\crysis warhead\bin32\crysis.exe |
"{C42F0C74-7D69-477B-B125-B18869827B05}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{C43D8CEB-215A-4B66-B560-DECDAF7929AB}" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\garrysmod\hl2.exe |
"{C4AF02A6-0042-4857-BC23-1F9889227627}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{C4B1C8B9-74F5-4719-BC80-5146FC4C810E}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\alice madness returns\binaries\win32\alicemadnessreturns.exe |
"{C4C92927-06F7-44E9-B2ED-DB763A640EC3}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{C550C18B-C80F-45A5-81EE-EC7B96227143}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bit.trip runner\runner.exe |
"{C55C57E2-B363-4061-A245-25DD3F2406ED}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{C58DF579-D302-4A07-B5B3-293BF3C73059}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\the walking dead\walkingdead101.exe |
"{C5F76323-459A-4672-8718-A0B74A9C6BEC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\and yet it moves\and yet it moves.exe |
"{C60A0FDC-9239-453D-B247-CCCCBB05E4A0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{C697F14D-952C-4710-A06C-DFC61A7C504A}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{C6F81CBC-517B-4311-A8A5-3E88CC13AEA9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{C770F1D3-6F39-4494-B739-7D9AA20C18D9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\bit.trip core\bit.trip core.exe |
"{C7BBC48B-EC78-46DB-9863-469C486F032F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\anomaly warzone earth\anomalywarzoneearth.exe |
"{C7D89C85-A3CC-4807-A229-99312C158558}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{C84B86D4-B782-4945-984E-C8A5CCA4E6DD}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\jamestown\jamestown.exe |
"{C84C104E-5714-45F2-BAE5-7AE29C44DBAD}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\fear ultimate shooter edition\fear.exe |
"{C882F332-308C-4B84-8789-3498F610C477}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\fear2\fear2.exe |
"{C952DA76-86A2-4992-A32E-863A847F7250}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\overlord\config.exe |
"{C959EF2A-6B63-4FB4-8C46-5040249097F9}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{C97BADB2-7324-4888-A38E-404266F5C0C6}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\trine\trine_launcher.exe |
"{C9963733-F155-402C-B657-644BB21839E4}" = protocol=6 | dir=in | app=c:\users\attila\desktop\qq games\qqgames.exe |
"{C9B7A11D-1F7F-4388-8B82-C14C7B4700D8}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\aliens vs predator\avp.exe |
"{CA99D8E8-A0B8-4224-8D27-B52680FD66E3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\cogs\cogs.exe |
"{CA9FFAF3-12D3-4F66-86D9-CBD3650D3A7C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\oil rush\launcher_steam.bat |
"{CB176F27-87AF-4559-8701-3334D4930739}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{CB7753E0-6496-4FCA-9686-D5FB087EE2A9}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{CBD924A8-1D6D-4734-933C-69E117AEF1EC}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{CC3F43A4-2E25-4532-ACE4-6D9F33848FA7}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\oil rush\launcher_steam.bat |
"{CC6F8FB2-F7C1-4E99-9FB7-6C02B1CAB34E}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{CC79470C-A99C-4BF4-AE0E-D1A83C561FCA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the second encounter\bin\samhd_tse_unrestricted.exe |
"{CCB8E3DA-DF2E-4EE3-808D-05F8C6BDF901}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{CD29711E-B680-44C0-B934-82D54DE631B8}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\spore\runme.exe |
"{CD4D0EAB-78F0-4C20-A5FA-C1E1AFC71759}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\crysis 2 - demo\bin32\crysis2demo.exe |
"{CD7D9AD6-8837-40CB-8A60-CFCA41F209BD}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\thepolynomial\polynomial.exe |
"{CD82E358-7E4E-4910-83FF-627DE46BE6EF}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{CDA031F0-A81C-4B99-9413-9FA77110A38F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\little inferno beta\little inferno.exe |
"{CDB37C7C-3C47-46E7-8CE3-EF8B7A25CD55}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\nightsky\nightsky.exe |
"{CDF576ED-F586-4628-AF7D-0CBC71EAA702}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{CE43EF0A-FF13-4BE7-A88F-FA6B39C49BD4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{CE45BEB2-7A9E-48E7-8AB8-CBF9CC6D74EA}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{CE951884-22FA-4D0C-8153-8EE1C1408695}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\penny arcade adventures on the rain-slick precipice of darkness episode 2\rainslickep2.exe |
"{CEF958A5-634D-4868-A1F4-210D45BCDFE4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\the white birch prototype\birch.exe |
"{CF1FE448-C7E3-4CE9-8F32-C6C88054F956}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{CF6921DE-B90A-448D-A4C8-C4F5577C885A}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\team fortress 2\hl2.exe |
"{CF9A9296-9ED8-47D1-B38A-D89C847DDFBE}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dynamite jack\dynamite jack.exe |
"{CF9E5DAB-3118-4924-A889-727945E19B2D}" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{D0263A70-AF94-43CB-939A-BB5DD2229A74}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\half-life\hl.exe |
"{D0343475-DA57-42C2-817A-F59D7E7044C4}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\alien swarm\srcds.exe |
"{D0B39D92-9653-4BA1-80DC-9629FA260118}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\castlecrashers\castle.exe |
"{D0C08DF1-E765-402A-B310-E3DC424848B5}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\costume quest\cq.exe |
"{D18B62DF-EAB5-4E0C-992B-5842E236EB8A}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe |
"{D18D5E60-40D1-433E-9BD0-9FBA78F5E55D}" = protocol=6 | dir=in | app=c:\program files\jawbone\jawboneupdater.exe |
"{D1BA9D24-FE61-4BC3-A4B3-F10BCEF33E14}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\brazen\brazen.exe |
"{D1BD9913-27BB-443F-97F6-5310C860A92D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\nightsky\nightsky.exe |
"{D203779F-E482-4AA5-BAC7-0D27217A4600}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\alien swarm\swarm.exe |
"{D238F1D6-A36C-4B61-8519-1189892A88F6}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{D259AC19-585A-408E-B404-5511BA9584CD}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\thepolynomial\polynomial.exe |
"{D32E1511-5C26-466E-AAF4-3F4E4B887C10}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords.exe |
"{D35F9EAE-6603-41E3-A4B1-0AAF67712A28}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam classic the first encounter\bin\seriouseditor.exe |
"{D3BA3CDC-8AE3-4009-9F72-E97E86DFEDF7}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\tropico 3\tropico3.exe |
"{D3D9E4A6-449D-4E74-9ED7-BA2B0C374323}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\crysis\bin32\crysis.exe |
"{D49B81E6-D06D-4867-86F2-39DB80064B44}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\civilization iv colonization\colonization.exe |
"{D5120060-7F83-40CF-A8CC-FE63424DE19C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\grand theft auto vice city\gta-vc.exe |
"{D58C7E7F-F8B0-40CA-ABC4-2C2510C77DC4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{D5B461CD-97FC-4B25-A458-D70220285050}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{D71F2C46-689B-4D08-A885-4D96CD37CFD7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\bit.trip beat\beat.exe |
"{D7365640-3DE1-4968-AD6B-6519ACEB012D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{D7531DA8-D58D-4404-BE3A-A7AB733AB1DF}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{D757A9EE-8CC2-4A87-AA52-029357CBC0EB}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\from dust\from_dust.exe |
"{D785510A-442F-4897-9458-BBAE3C5883CF}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\rf4_launcher.exe |
"{D7A62D10-535B-409B-AF14-71D372FBAC7D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\brink\brink.exe |
"{D7FB4908-1AA7-47DB-8829-A6336D559427}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\bit.trip beat\beat.exe |
"{D8048BF9-C2F3-4AD0-82A3-303D6355D8FA}" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\beat hazard\runme.exe |
"{D809B3B0-C534-4192-9833-D17D9D49380F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\ben there, dan that!\winsetup.exe |
"{D85B1F3B-08A4-49BA-8292-560546017CD8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{D88CCC1A-E77C-47AF-9B7D-BBDE81B63CE0}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\warframe\tools\launcher.exe |
"{D8ECA7F7-C914-4078-9A94-FD15C0E15ACA}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{D9978BED-2459-43BD-9B0C-BCDE023649EE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{D9E289F4-6C4C-45A4-9BE9-B8E8A5E145E8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\psychonauts\psychonauts.exe |
"{D9F736DF-7971-4459-BD4B-1BFF1C5536DC}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the white birch prototype\birch.exe |
"{DA1C7F2A-26FF-436C-AFEA-875C60B6C52F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgrounds.exe |
"{DAC3DC1D-18CE-46C4-B234-94936F809294}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\back to the future 105\backtothefuture105.exe |
"{DACD24A2-301F-4A11-9EDF-07EED6A68311}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis wars\bin32\crysis.exe |
"{DAEB1F43-A64E-4FAF-9DE2-3FE4C3D4FCC7}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\penumbra overture\redist\penumbra.exe |
"{DB2BDBCB-174D-471E-A769-98715AE132AC}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{DC1F5000-DCEE-446F-9774-4FD524E69122}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{DC479A71-E05C-4855-A082-A23CB99BC88F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shadowgrounds\shadowgroundslauncher.exe |
"{DC61AF1D-38DD-4621-BBC0-515D244AA5E3}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\costume quest\cq.exe |
"{DCBA1755-5578-48F4-AA85-611D2E166F07}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\little inferno beta\little inferno.exe |
"{DCDF4F00-24A1-4C36-95CC-322A3A1A01FA}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\gratuitous space battles\gsb.exe |
"{DCE757BE-27F0-4425-9558-91922F00A02F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\beat hazard\runme.exe |
"{DDA3EB45-9F3C-48DE-9997-0B96C081D6F8}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DDC904C8-501E-44E9-A515-199F9583E390}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DE0BA58F-52BC-45E7-AE07-C7032CC8D67C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\pid\pid.exe |
"{DE2F78C6-5F53-4B06-B8E8-97E206B4C1B1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\beat hazard\beathazard.exe |
"{DEDC6C96-069F-416B-8DAC-9A89BFF5C9C5}" = protocol=6 | dir=in | app=c:\users\attila\desktop\qq games\qqgamesd.exe |
"{DF04D23B-FE66-4363-BD1C-C5512499B320}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{DF0BEDC1-9671-4E36-A405-97C2D4C4CE28}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{DF32388C-B1AC-40A1-B34D-5513FAD15CDE}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the sims 3\game\bin\sims3launcher.exe |
"{DF8F1797-7A8F-4AE2-88DB-2FE07D8A9741}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\eufloria\eufloria.exe |
"{DFF0BDBF-47B1-470A-9BD5-95D54EC4FBC3}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\microsoft flight\flight.exe |
"{E0AC718A-2DF2-4213-B68B-3C39A4EC65D9}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\autonomous prototype\launcher.exe |
"{E159540A-0E40-4A7D-8647-C7BB1464A5D1}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\hack n slash prototype\afhack.exe |
"{E15C1860-1CF6-4A14-89DA-BFA0B2B9BC43}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe |
"{E18B12A1-03D9-4159-AE6F-6742F78105D8}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\sid meier's civilization iv beyond the sword\beyond the sword\civ4beyondsword.exe |
"{E1D681AE-DACE-426F-8B20-9A3CAFE6BB3A}" = protocol=17 | dir=in | app=c:\program files\jawbone\jawboneupdater.exe |
"{E1F1B2FD-03A7-4460-ACE7-8B3309F58419}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{E20BE460-BBE1-4855-8E4A-8DA2EFF2CBEF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E22669B7-CA7F-4069-BEBF-A1CFE519E4F5}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\seriousmodeler.exe |
"{E26712C9-C74B-4CB8-8E92-67E0D07A931D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\shank\bin\shank.exe |
"{E26BED0A-C723-47A7-8E27-D804F3FE88C7}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\mass effect 2\masseffect2launcher.exe |
"{E2AC278C-3C3A-4344-858E-3BA1CB61E29B}" = protocol=6 | dir=in | app=c:\users\attila\desktop\qq games\update\update.exe |
"{E2DC79AD-D04F-49AF-AF3F-DD3E6D153732}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\bastion\bastion.exe |
"{E302DB58-F13C-4904-9476-2787791194DF}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\little inferno beta\little inferno.exe |
"{E3120BD6-BC5A-498B-AD7C-E61520713D8A}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\darkness ii\darknessii.exe |
"{E32A32EA-B736-499F-819C-B250FF67DCD9}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{E34432E5-ED17-4DC3-B3F3-60479040A6D7}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\serious sam classic the second encounter\bin\serioussam.exe |
"{E37F0E2A-A14B-4C9C-A1FA-BDE75FE07951}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{E3977588-A9C6-42D6-8F47-7956038AEEE2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{E3B4D85B-C7E2-494E-8F9B-3DABE654195B}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{E3BF4772-0E60-4AAE-B6E3-7BA92A5DA294}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\crysis warhead\bin32\crysis.exe |
"{E3F011F7-C5FD-45F4-82F2-E2A1B5FCE62E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\beat hazard\runme.exe |
"{E3F5DFB5-5B1D-4730-AD78-9253B59568C5}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\multiwinia\multiwinia.exe |
"{E4A47441-FA20-43CA-A003-7C40659BDF8C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\atomzombiesmasher\data\atomzombiesmasher.exe |
"{E5135504-80D8-41AA-9A6E-C619CF9F68FC}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\cogs\cogs.exe |
"{E59A5786-3FC2-4F8C-90EE-D09AA615DED4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{E5A3C74B-AE28-4F58-AE2C-6643D8C70444}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{E6318A36-05A9-4E84-B76B-8183487974E0}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\the last remnant\binaries\tlr.exe |
"{E6515658-BD54-470D-B65E-1A09DA8C2673}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{E6549399-436F-4EC1-A815-5DA9F5176F1D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\aquaria\aquaria.exe |
"{E67B7D9C-5C06-4E58-AF6E-AA676BCD4E01}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\darksiders\darksiderspc.exe |
"{E68B936B-E43D-4CE1-9918-62DA2F18F628}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\beat hazard\beathazard.exe |
"{E6AB1646-DB90-41A0-8C03-FF3D8A0FC98B}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{E729FB53-143F-4A31-AD3B-5ACBB728AB44}" = dir=in | app=c:\users\attila\documents\the war z\warz.exe |
"{E73BA3F2-69E3-4371-8B8A-063ED3EA60BD}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\audiosurf\engine\questviewer.exe |
"{E81A863F-49CD-49E0-8950-D7332317F63C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\overlord\config.exe |
"{E82D3DF3-9B66-41DB-B1B8-D4C9639F39EF}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\eufloria\eufloria.exe |
"{E84C65DC-E5CB-4FE3-B506-5EBAC1640D5C}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\jamestown\jamestown.exe |
"{E86522CE-F83C-4CDA-907C-E8C5BE0533F8}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2\arma2.exe |
"{E8BF6F24-CC05-4A62-8367-9D5BEE782638}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\bit.trip core\bit.trip core.exe |
"{E9BE3010-337D-41F8-AFE2-65F47E5BC843}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\beat hazard\beathazard.exe |
"{E9FE75C2-4EC1-41A8-ADDE-B0B879613F6F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shank\bin\shank.exe |
"{EA57AA09-C49D-4DA5-AB7D-27F6D5C091A8}" = protocol=1 | dir=in | [email protected],-28543 |
"{EAD374C5-B3AF-42C3-A62E-5A7450394458}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe |
"{EAD6CDA7-D259-4A1E-8932-2191E3186226}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\serious sam classic the second encounter\bin\seriouseditor.exe |
"{EB04F0D5-F89F-4529-8ED8-29BFC2F0657D}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\poker night 2\pokernight2.exe |
"{EB0C822E-60F2-4660-8128-8E1E8EE5CB82}" = protocol=58 | dir=out | [email protected],-28546 |
"{EB4EBD94-39DB-456D-B5D8-4AF584010460}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{EB68CDE5-3B4F-4C66-9EE3-936839A79851}" = protocol=6 | dir=in | app=g:\steam\steam.exe |
"{EBA8A84C-3F4D-462B-802C-309F95D53599}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{EBB30D25-849A-4539-88FE-0102190C8C7F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien breed impact\binaries\alienbreed-impact.exe |
"{EBD67986-0A00-4A70-A643-847FE80BA0A8}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\fallout 3\falloutlauncher.exe |
"{EC5545E4-B749-4230-8537-AC768F2D0B20}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\ben there, dan that!\btdt.exe |
"{EC81360F-F770-4082-ADAD-3903A8A05F61}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\overlord\config.exe |
"{ECE448C3-3A41-48CC-84EB-FB3B0EFF0B7A}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\dynamite jack\dynamite jack.exe |
"{ED22AD85-E972-4D97-838D-1F125B241AA1}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{ED5F8C1B-D4EF-49B4-8F8B-C4A807D69A12}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\serious sam 3\bin\sam3.exe |
"{ED796D2B-6DC8-461A-8E50-7BDB0DD01C12}" = protocol=17 | dir=in | app=f:\steam folder\steam.exe |
"{EE115F38-4247-46A9-A4DF-3EE6CA38584B}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EE9A8B07-4327-4C90-A223-5F14094081A1}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\dead rising 2\deadrising2.exe |
"{EEE63033-95C4-49E8-9B1F-54B799AD67FD}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{EF1504EA-18E4-4140-9E25-A87473AE7540}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam hd the second encounter\bin\samhd_tse.exe |
"{EF3DB02B-B585-427C-9850-8C607A48F5DE}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{EFD69013-0DAC-4E46-8E09-4266FCD17EDB}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{EFE94CBE-5F05-46A8-BA9F-A2790F10FF2F}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\steelstorm\steelstorm.exe |
"{EFF25422-B756-46C1-B09F-C1CF07225322}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\grand theft auto\wino\grand theft auto.exe |
"{EFFCF62C-F053-4BB1-A161-8D861864E24E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\costume quest\cq.exe |
"{F007E3C3-1F1C-4B85-A6DB-9F3EA8B92D11}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\half-life\hl.exe |
"{F0384FEB-E3CB-4CCF-8665-4892E7BFB99F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dead rising 2\deadrising2.exe |
"{F13D2D78-18AC-4126-A907-5B8DDB3EBBB1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{F1488EE5-6AD4-4E5D-A8BC-DA259DC15A0A}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\solar 2\solar2.exe |
"{F1551CFE-D9AA-4518-B0C1-FDA81A98D4CF}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fallout 3\falloutlauncher.exe |
"{F1ABF094-2EA4-44B3-8B80-4C11B43CBC72}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\pid\pid.exe |
"{F1C9D2E5-9F91-47AB-AFCC-B97B1D57CBAC}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\black lake prototype\black.exe |
"{F1D1A87E-9573-4947-B671-FC603AC62190}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\time gentlemen, please!\winsetup.exe |
"{F1E11549-4C5F-47E6-ADDB-77943B5C0CCE}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{F1E5A63E-B0F0-4151-9250-DACA31018BA3}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\overlord ii\overlord2.exe |
"{F25A32DA-FE1F-4226-9457-E45E8C5DE20A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{F26F5D13-2C1C-4F49-BB1A-A33CC73B70D4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\bit.trip beat\beat.exe |
"{F2741119-18E9-48A9-9665-3E0FFF76B6B8}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\super hexagon\superhexagon.exe |
"{F2AE1178-41F4-4211-8C55-D6FD528277D1}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\cave story+\cavestory+.exe |
"{F2AE728F-F568-41A4-B904-D0A5289F5A3F}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\multiwinia\multiwinia.exe |
"{F301C88F-3321-4CDD-9025-FCB27EC0E967}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\black lake prototype\black.exe |
"{F3DBF4E2-7EE9-47DC-96A1-161ED91FF76C}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dead island\deadislandgame.exe |
"{F3DD726D-72C6-466D-A322-2E44F283D7E9}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
"{F441B906-704F-4245-92AE-3A3983F14B97}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{F4A8456C-9E40-45E2-BB89-C8D9772FD7F6}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{F4B13BD1-C48E-4487-9055-0DDA1C008FFD}" = dir=in | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{F4BD704E-7B69-4DAF-8E57-8C350B2ACC6E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\steelstorm\steelstorm-dedicated.exe |
"{F4ED4325-EE5C-4230-837E-270C9FA5668D}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\steelstorm\steelstorm.exe |
"{F4FF407E-C8E1-43DC-BCF8-59FA50CD1562}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\trine\trine_launcher.exe |
"{F501969E-C5C1-4A11-BD67-001D6140A98F}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\psychonauts\psychonauts.exe |
"{F5677F7A-0843-4AB5-BB50-790A62BF0762}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\capsized\capsized.exe |
"{F5C7A45C-67A0-4A32-9F45-A3BAE537817C}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\overlord\config.exe |
"{F675C2C3-51A1-442D-82D0-FA19C05C21B2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\overlord ii\overlord2.exe |
"{F70C3D5B-DB79-40F5-8175-60D6777D86A4}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\terraria\terraria.exe |
"{F75285ED-6149-4B1A-9EEA-BA2B6A5C4BFA}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\mass effect 2\binaries\masseffect2.exe |
"{F75EF8FB-C847-431E-AC42-C8DACD1622CB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fear.exe |
"{F7695B76-03AF-49C1-9E91-8658E69768EB}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{F7770B7E-721A-4EEC-BD51-B900281EEB8F}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\capsized\capsized.exe |
"{F77C19BB-6865-47D6-9FAD-6AC72326ACCD}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{F7D804B6-F1FB-4815-9446-DB06D19ED021}" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm |
"{F81A8BC3-E8CF-479B-8089-A2FAF28856B1}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\red faction armageddon\redfactionarmageddon_dx11.exe |
"{F834C409-31C5-4F03-B621-7E82EC5F362E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization iv warlords\warlords\civ4warlords.exe |
"{F84CB130-8FD5-464E-B09B-1A9D1E4E6AAB}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\hack n slash prototype\afhack.exe |
"{F877C6A4-21AD-4C31-9588-F773AAA11140}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\shadowgrounds survivor\shadowgrounds survivor launcher.exe |
"{F8B06748-9AED-49FB-A2B2-6C054A78B6F0}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\bully scholarship edition\bully.exe |
"{F8C02E2D-9889-4703-B68F-0D05226E7E0D}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\the sims 3\support\ea help\electronic_arts_technical_support.htm |
"{F8DB962B-0C1D-4A68-86A0-633CAED08D18}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F8DE1830-67FA-404C-A22F-7FF516343CA8}" = protocol=6 | dir=in | app=g:\steam\steamapps\common\alien swarm\swarm.exe |
"{F9134484-A2C5-4588-A000-3AEDBF47CA1E}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\bit.trip core\bit.trip core.exe |
"{F91558CC-9AC1-47AD-98A0-CAB57F096955}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\beat hazard\runme.exe |
"{F92D5FC5-B67C-4DDB-919A-B00CF12D2DE1}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{F9D59460-12CB-4420-BAC6-BAA50B73804C}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{FA58506C-5494-4B2B-BD76-6C44C9C13837}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\crysis\bin32\crysis.exe |
"{FAABCB73-9E87-41AB-8229-A1EF3960397B}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{FAB2E8AC-058A-43F7-8199-CD763DD5D8F3}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\steelstorm\netradiant_win32\radiant.exe |
"{FABF43F1-2A75-47D9-B827-D7E05BD60797}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{FAC83F7B-BEA6-4E48-8943-FF3871817178}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dust an elysian tail\dustaet.exe |
"{FAF6246E-AA62-47FE-8428-B747710BC1BA}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{FBB960E4-E70C-4AB6-A54F-9E2809F62BE0}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{FBCEB303-68B8-4086-B6F6-B14CD5A6172D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{FC0C3575-5C0C-49EB-A20C-D350EB3AAF72}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\time gentlemen, please!\tgp.exe |
"{FC3C2D7C-7474-4CB9-ABC6-7C55FCAA192E}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{FC5F4960-917F-418D-9DF6-752ED3324A0F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\eufloria\eufloria.exe |
"{FCADF775-73D0-45DC-BA97-47CCCEB5D1E0}" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\day of defeat source\hl2.exe |
"{FCF91C32-9C7D-4BE3-9DB1-F125ADF6E709}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{FD1EB8D4-822C-4601-9FDD-EED59E6DF05F}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\serious sam 3\bin\sam3_unrestricted.exe |
"{FD6F211F-BAF8-4A71-9BB5-875BA7602CA2}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fear ultimate shooter edition\fearxp2\fearxp2.exe |
"{FE219027-869A-4EC9-93E7-4B33AD58EFB0}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\limbo\limbo.exe |
"{FE26C410-087A-4A4E-BD19-36DA3D5B64E6}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\thepolynomial\polynomial.exe |
"{FEAAEA8C-E1F9-4135-9C96-B87EC1776949}" = protocol=6 | dir=in | app=f:\steam folder\steamapps\common\overlord\overlord.exe |
"{FF3BAA67-8AFB-49F2-B724-69BABDE947DB}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{FFADF5C2-73CC-4FAD-B4F8-6B6C8B8074B1}" = protocol=17 | dir=in | app=f:\steam folder\steamapps\common\capsized\capsized.exe |
"{FFBAFA85-6314-4ED8-A5CA-29E2371C654A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\aliens vs predator\avp.exe |
"{FFD9769B-22FE-4B79-9EF3-7F4365F1DA37}" = protocol=17 | dir=in | app=g:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"TCP Query User{08273235-0B23-4737-A71E-8BB84728C28E}C:\users\attila\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\attila\appdata\local\temp\gw2.exe |
"TCP Query User{0A19258E-5FD3-404C-A7BD-36D28E7D5A17}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{0AF57857-ED3D-468A-A557-69CD544CC3BF}C:\users\attila\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\attila\program files\dna\btdna.exe |
"TCP Query User{17F4F2C1-BCA6-4BF5-A722-6FDC368CEC1E}C:\program files\steam\steamapps\just2damndgood\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\just2damndgood\team fortress 2\hl2.exe |
"TCP Query User{36294D42-0F4C-481D-9468-6CD8CE9BB2A1}C:\program files\steam\steamapps\common\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3\fallout3.exe |
"TCP Query User{3874CA6E-F235-4662-A3ED-465496386F29}G:\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{40C13FE5-1180-42F0-9A6A-087C4994A0FD}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{4EDF1A6E-B27A-4710-A7D0-BEFB0C5D391F}C:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files\guild wars 2\gw2.exe |
"TCP Query User{4FFF48E9-CD01-4D58-8358-C84C1FBE1D87}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{5334D6B6-BFE8-46F1-9CE4-86D002D422E0}D:6\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=d:6\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{5C385689-A62E-4A40-830F-AC99CD58767A}G:\steam\steamapps\common\autonomous prototype\auto.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\autonomous prototype\auto.exe |
"TCP Query User{62EB6D5D-0997-4E1B-BD07-9A9EBCA1FF8C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6DE848FD-6131-4ED3-A973-21480DE41D6E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{738E4CF8-38D2-4D27-BD66-C6122D4ED799}C:\program files\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{766E5FDF-9BEF-474D-80B4-B7FC34CF3C86}G:\steam\steamapps\just2damndgood\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\just2damndgood\team fortress 2\hl2.exe |
"TCP Query User{95037B50-D61D-4A51-B238-15D5A67FF70C}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{98B84DA3-5FD5-46D8-8E3B-E508A6C94F40}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{9DACA06B-42AD-4CDC-936C-25D8FD94E1AD}C:\users\attila\appdata\local\warframe\downloaded\public\warframe.exe" = protocol=6 | dir=in | app=c:\users\attila\appdata\local\warframe\downloaded\public\warframe.exe |
"TCP Query User{9FB3C60C-5C06-4907-A382-BF4C2D8D18C1}G:\steam\steamapps\common\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dead island\deadislandgame.exe |
"TCP Query User{A262658D-4E12-4C26-9182-3CF45E507EAF}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{CB5FB50F-084E-4B3F-AE9E-2F69D4DF849A}G:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{D4B59AC5-037B-4B23-AE0D-308BA9B10346}G:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{E21F8C6B-91F0-41E7-8FF4-0F5D8717616C}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{E29423B2-E9F6-4E45-9863-631E7C2A33FE}C:\program files\curse\curseclient.exe" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"TCP Query User{F4B4D304-856F-4F2D-AC2F-8A4FE9CE2DE2}C:\users\attila\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\attila\program files\dna\btdna.exe |
"UDP Query User{09F63436-2EF9-4B60-82A5-7B8009B22318}C:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{1114A412-AB6B-421C-970E-9A770B3968A1}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{1268EEBF-7380-4C63-95BC-F54FE56A261C}G:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{17CB17DA-2975-479D-A8C1-C8DF34925962}C:\program files\steam\steamapps\common\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fallout 3\fallout3.exe |
"UDP Query User{25628BCE-2C06-469F-8F69-E388B598234F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{38E25AF8-051F-4BF0-B00F-7BC3AFCE75A4}C:\program files\curse\curseclient.exe" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"UDP Query User{3B7C3812-B231-4912-9A66-F04BDD1444DE}G:\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{44FBFFB4-8D11-444B-97B6-05BFAE4CC3DE}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{467FD82C-616D-434F-A25A-FFD0A62D44BC}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{49EF603A-E8C6-4DA3-8489-29D4C7156E09}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{4D7B9D4A-7164-4A7B-B652-9ABA7D697089}C:\program files\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{5095B6D0-0825-41B1-9AB2-142FD5ED8F0E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5A420ADF-E29E-455C-BFE3-A2FF8A30D67E}C:\program files\steam\steamapps\just2damndgood\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\just2damndgood\team fortress 2\hl2.exe |
"UDP Query User{83CBFE16-497B-4C5A-89D6-9735FCCDA562}C:\users\attila\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\attila\program files\dna\btdna.exe |
"UDP Query User{9EE7BA47-46FF-4D5B-AA75-EEC874EE1471}D:6\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=d:6\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{A620CE57-7F41-498A-9401-549BD0C0ED71}C:\program files\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{A9332795-F54F-47E8-82AF-DD2335ED1490}C:\users\attila\appdata\local\warframe\downloaded\public\warframe.exe" = protocol=17 | dir=in | app=c:\users\attila\appdata\local\warframe\downloaded\public\warframe.exe |
"UDP Query User{AB3A84EE-73BB-48F0-BE07-34C7A23DC2FC}G:\steam\steamapps\common\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dead island\deadislandgame.exe |
"UDP Query User{ADE5D561-6208-431D-9CD4-1DE7429E9DCE}G:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{B135306A-86C6-48E7-9DC7-DBE0A0196DE6}C:\users\attila\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\attila\appdata\local\temp\gw2.exe |
"UDP Query User{B375777B-650D-47B0-B7A0-5D2ACA1615A3}C:\users\attila\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\attila\program files\dna\btdna.exe |
"UDP Query User{CB05A094-385D-4749-8114-F2799C0FFB3C}G:\steam\steamapps\common\autonomous prototype\auto.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\common\autonomous prototype\auto.exe |
"UDP Query User{D8360010-F17B-490B-8033-82BDBE323E22}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{F62DC31E-2B37-4572-80D9-38668CE6CA01}G:\steam\steamapps\just2damndgood\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=g:\steam\steamapps\just2damndgood\team fortress 2\hl2.exe |
"UDP Query User{FB3EF81C-1F18-428B-BF6F-328FFB026A15}C:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files\guild wars 2\gw2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{03B25762-461B-22C8-9AF0-170F3D749061}" = Catalyst Control Center Graphics Previews Vista
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A0F73EF-BFFA-42CE-A60E-74FB9F02F270}" = Warframe
"{0AC7F464-85E9-337D-B100-DC178C14A699}" = Catalyst Control Center Core Implementation
"{0BB1DBF8-DEF9-90DF-B7D8-2E3E67D79FB3}" = AMD Catalyst Install Manager
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{10621ADB-04B8-94B5-0520-E799FBCFE366}" = CCC Help German
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{15E63A3E-5FEC-FC64-C09D-757F2753DA10}" = CCC Help Italian
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{16F3A269-C49C-3EA8-76B6-3006007CE201}" = CCC Help Portuguese
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A44135B-3127-9AEE-5686-F64DA4F262CA}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"{2573A5FB-0352-4B85-E948-10FFCDD28731}" = Catalyst Control Center InstallProxy
"{2687340C-C114-47DC-9F0E-C1BA85FEB001}" = POWERPREP II
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{276B965A-AC01-955C-E678-C8D25C58A42B}" = Catalyst Control Center Graphics Previews Common
"{29EF24BB-EF96-0D83-4142-2488827609B1}" = CCC Help Dutch
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2F2AE1BD-90B2-F4C0-3D32-4653B5B65AB1}" = Catalyst Control Center InstallProxy
"{2F56F921-7281-17D7-C628-EDC320DB1AF3}" = CCC Help French
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33126DA3-B1C3-A57F-B8DD-8D10B00698DC}" = Catalyst Control Center
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{37F964E4-9C3F-4066-B933-1747D3AC6737}" = Personal Entertainment Launcher
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D98AE11-B5A5-1EDB-F815-B1C2DA7BE1DB}" = Catalyst Control Center InstallProxy
"{3E8DD348-4174-4fe8-8FDC-238AAFBD2488}" = HP Photosmart All-In-One Software 9.0
"{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2
"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5070FEB6-D861-648C-95EA-D08B15139677}" = CCC Help Turkish
"{507A4C55-8DAF-1607-0B3B-36F975039B2D}" = CCC Help Korean
"{56BB049F-DAD3-4D9E-BC83-E4D778EAE0BD}" = CCC Help Norwegian
"{56CDA83B-BC0B-A4A7-BD48-1176A6C97033}" = Catalyst Control Center Graphics Light
"{5DE28421-7661-5A77-F667-5FDC46170AD8}" = CCC Help Swedish
"{5EA47F98-C7D2-2C53-0316-CF59E197116D}" = CCC Help Finnish
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A7DF5D8-2DDA-56C0-CC4A-667EC297787D}" = CCC Help Thai
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6F962C4B-9924-E471-080F-55E9E7678F3B}" = ccc-utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75685CA8-0B74-45BB-9C64-744A0FB79EDC}" = Business Tools Launcher
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{78D7DA9D-C97B-477E-8D05-84ECE394BBCF}" = DayZ Commander
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A8A86CF-71B4-4517-919F-43E493547346}" = CCC Help Danish
"{7D5BFB15-8BC7-2170-144F-7F585FE9FDF1}" = CCC Help Japanese
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E77E37C-1806-ADFD-C98B-5F1465781D8F}" = CCC Help Chinese Traditional
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88DCB080-7A56-5697-4407-21BD03DCE401}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0B485A-639F-751F-7CA9-744F15BC54F8}" = CCC Help Czech
"{8AC7ACAD-10E5-E7F4-481A-29C4C8B19990}" = Catalyst Control Center Graphics Full Existing
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8BFFC140-7C6F-CCB0-B85B-2AE63922C919}" = CCC Help Hungarian
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8E4F1F84-B054-5875-ABF4-1246B3CFD48E}" = CCC Help Russian
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93DE6349-A17B-8CA8-181F-6DB7A2E1F1C7}" = Catalyst Control Center Localization All
"{93FF055C-7E0B-4E26-AAFB-2C4333E2D7D0}" = Logitech Gaming Software 8.12
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{97E21DF5-574A-67C2-6ECC-0AC11F0ABF3C}" = CCC Help Polish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E4F0E65-209E-4713-8BE2-7F8802BB3987}_is1" = War Inc Battlezone version 1.0.0
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B051D1F8-8A3D-096B-1BC5-15F111F4EE2D}" = CCC Help Greek
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B56BA529-977E-4276-0325-A94BF57E1B65}" = CCC Help Spanish
"{B8ABB25D-1E30-4ED7-A3CE-0F8BED439647}" = Product Support Launcher
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C2D541C2-B516-B049-EC3F-41B7A8E1C72D}" = ccc-utility
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = DriverScanner
"{C35CCBEB-5A54-4DD8-9EC8-110F2A8154B3}" = Motorola Mobile Drivers Installation 5.1.0
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D68F16A7-9447-8A92-7EF3-A4E26B2A95EE}" = CCC Help English
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DE9CF741-20F7-488B-8B85-9D0F86FA51B4}" = TortoiseSVN 1.7.7.22907 (32 bit)
"{E04810F9-4BAC-C803-82F1-241041A44897}" = CCC Help English
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3AC9740-66D4-412F-AE55-DD0428F78175}" = Razer BlackWidow Ultimate
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ED2A4AA9-11F8-8338-0B18-CD9C543E876E}" = CCC Help Chinese Standard
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF0D2E55-6FE2-4e35-BE22-A742E85D84E3}" = PS_AIO_02_Software_min
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aim Plugin for QQ Games" = Aim Plugin for QQ Games
"AIM Toolbar" = AIM Toolbar
"AIMTunes" = AIMTunes
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"AutoHotkey" = AutoHotkey 1.0.48.05
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 5.0
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BitLord" = BitLord 1.1
"Cake Mania_is1" = Cake Mania
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Coupon Companion Plugin" = Coupon Companion Plugin
"Debut" = Debut Video Capture Software
"Diablo III" = Diablo III
"DivX Setup" = DivX Setup
"EVE" = EVE Online (remove only)
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Guild Wars 2" = Guild Wars 2
"Hardware Helper_is1" = Hardware Helper
"HDMI" = Intel® Graphics Media Accelerator Driver
"InfoAtoms" = InfoAtoms [Uninstall]
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"Jawbone Updater" = Jawbone Updater
"League of Legends 3.0.0" = League of Legends
"LimeWire" = LimeWire 5.1.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"QQ Games" = QQ Games
"QQ Pool" = QQ Pool
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sandboxie" = Sandboxie 3.62 (32-bit)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StarCraft II" = StarCraft II
"Steam App 105400" = Fable III
"Steam App 105600" = Terraria
"Steam App 10680" = Aliens vs. Predator
"Steam App 110800" = L.A. Noire
"Steam App 111800" = Blocks That Matter
"Steam App 11200" = Shadowgrounds: Survivor
"Steam App 113200" = The Binding of Isaac
"Steam App 11450" = Overlord
"Steam App 115100" = Costume Quest
"Steam App 115110" = Stacking
"Steam App 12100" = Grand Theft Auto III
"Steam App 12110" = Grand Theft Auto: Vice City
"Steam App 12120" = Grand Theft Auto: San Andreas
"Steam App 12200" = Bully: Scholarship Edition
"Steam App 1250" = Killing Floor
"Steam App 12710" = Overlord: Raising [bleep]
"Steam App 12810" = Overlord II
"Steam App 12900" = Audiosurf
"Steam App 1510" = Uplink
"Steam App 15520" = AaAaAA!!! - A Reckless Disregard for Gravity
"Steam App 16450" = F.E.A.R. 2: Project Origin
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 17390" = Spore
"Steam App 17440" = Spore: Creepy & Cute Parts Pack
"Steam App 17460" = Mass Effect
"Steam App 18000" = On the Rain-Slick Precipice of Darkness, Episode One
"Steam App 18020" = On the Rain-Slick Precipice of Darkness, Episode Two
"Steam App 18700" = And Yet It Moves
"Steam App 19680" = Alice: Madness Returns
"Steam App 200010" = Quantum Conundrum
"Steam App 200390" = Oil Rush
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 200900" = Cave Story+
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202730" = Dynamite Jack
"Steam App 204300" = Awesomenauts
"Steam App 204360" = Castle Crashers
"Steam App 205060" = BIT.TRIP CORE
"Steam App 205070" = BIT.TRIP VOID
"Steam App 205100" = Dishonored
"Steam App 20540" = Company of Heroes: Tales of Valor
"Steam App 205910" = Tiny and Big: Grandpa's Leftovers
"Steam App 207610" = The Walking Dead
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 21090" = F.E.A.R.
"Steam App 21110" = F.E.A.R.: Extraction Point
"Steam App 21120" = F.E.A.R.: Perseus Mandate
"Steam App 214970" = Intrusion 2
"Steam App 218740" = Pid
"Steam App 219150" = Hotline Miami
"Steam App 219540" = Arma 2: Operation Arrowhead Beta
"Steam App 219740" = Don't Starve
"Steam App 220" = Half-Life 2
"Steam App 22000" = World of Goo
"Steam App 220460" = Cargo Commander
"Steam App 22120" = Penumbra: Black Plague
"Steam App 221260" = Little Inferno
"Steam App 22140" = Penumbra: Requiem
"Steam App 221640" = Super Hexagon
"Steam App 22180" = Penumbra: Overture
"Steam App 22200" = Zeno Clash
"Steam App 22300" = Fallout 3
"Steam App 22350" = BRINK
"Steam App 225120" = BRAZEN Prototype
"Steam App 225260" = Brütal Legend
"Steam App 225940" = Happy Song Prototype
"Steam App 22610" = Alien Breed: Impact
"Steam App 22650" = Alien Breed 2: Assault
"Steam App 228060" = Black Lake Prototype
"Steam App 228100" = Autonomous Prototype
"Steam App 228200" = Company of Heroes (New Steam Version)
"Steam App 229520" = Dungeon Hearts
"Steam App 23310" = The Last Remnant
"Steam App 234710" = Poker Night 2
"Steam App 23490" = Tropico 3 - Steam Special Edition
"Steam App 236090" = Dust: An Elysian Tail
"Steam App 240" = Counter-Strike: Source
"Steam App 24420" = Aquaria
"Steam App 24720" = Spore: Galactic Adventures
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 24980" = Mass Effect 2
"Steam App 2500" = Shadowgrounds
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 31280" = Poker Night at the Inventory
"Steam App 33460" = From Dust
"Steam App 33900" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 35700" = Trine
"Steam App 3830" = Psychonauts
"Steam App 38900" = Rhythm Zone
"Steam App 3900" = Sid Meier's Civilization IV
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 40800" = Super Meat Boy
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 41050" = Serious Sam Classic: The First Encounter
"Steam App 41060" = Serious Sam Classic: The Second Encounter
"Steam App 41070" = Serious Sam 3: BFE
"Steam App 41210" = Eufloria
"Steam App 41800" = Gratuitous Space Battles
"Steam App 42120" = Lead and Gold - Gangs of the Wild West
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 4540" = Titan Quest
"Steam App 4560" = Company of Heroes
"Steam App 45740" = Dead Rising 2
"Steam App 47890" = The Sims™ 3
"Steam App 48000" = LIMBO
"Steam App 49520" = Borderlands 2
"Steam App 49600" = Beat Hazard
"Steam App 500" = Left 4 Dead
"Steam App 50620" = Darksiders
"Steam App 550" = Left 4 Dead 2
"Steam App 55040" = Atom Zombie Smasher
"Steam App 55110" = Red Faction: Armageddon
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 6120" = Shank
"Steam App 620" = Portal 2
"Steam App 63700" = BIT.TRIP BEAT
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 65800" = Dungeon Defenders
"Steam App 67370" = The Darkness II
"Steam App 70" = Half-Life
"Steam App 70300" = VVVVVV
"Steam App 72500" = Arcadia
"Steam App 7670" = BioShock
"Steam App 8870" = BioShock Infinite
"Steam App 91200" = Anomaly Warzone Earth
"Steam App 91310" = Dead Island
"Steam App 91600" = Sanctum
"Steam App 9340" = Company of Heroes: Opposing Fronts
"Steam App 94200" = Jamestown
"Steam App 94500" = Back to the Future: Ep 2 - Get Tannen!
"Steam App 94510" = Back to the Future: Ep 3 - Citizen Brown
"Steam App 94520" = Back to the Future: Ep 4 - Double Visions
"Steam App 94530" = Back to the Future: Ep 5 - OUTATIME
"Steam App 95300" = Capsized
"Steam App 96200" = Steel Storm: Burning Retribution
"Steam App 97000" = Solar 2
"Steam App 98800" = Dungeons of Dredmor
"Steam App 99700" = NightSky
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ToolBox" = NCH Toolbox
"TorrentMan Toolbar" = TorrentMan Toolbar
"UltSounds" = Windows Sound Schemes
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
"ViewpointMediaPlayer" = Viewpoint Media Player
"Voxatron" = Voxatron 0.1.3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"Wireshark" = Wireshark 1.4.0
"World of Warcraft" = World of Warcraft
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"YTdetect" = Yahoo! Detect
"ZumoCast" = ZumoCast

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"Move Media Player" = Move Media Player
"SOE-DC Universe Online Beta" = DC Universe Online
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/23/2013 7:40:44 PM | Computer Name = Attila-PC | Source = Perflib | ID = 1008
Description =

Error - 1/23/2013 7:40:46 PM | Computer Name = Attila-PC | Source = Perflib | ID = 1008
Description =

Error - 1/23/2013 7:40:46 PM | Computer Name = Attila-PC | Source = Perflib | ID = 1008
Description =

Error - 1/24/2013 8:33:24 AM | Computer Name = Attila-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/27/2013 1:07:47 AM | Computer Name = Attila-PC | Source = Application Error | ID = 1000
Description = Faulting application 313001056-52.exe, version 0.0.0.0, time stamp
0x509e804c, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x5c4647d0, process id 0x1728, application start time
0x01cdfc381ce6d370.

Error - 1/27/2013 3:53:09 PM | Computer Name = Attila-PC | Source = VSS | ID = 8194
Description =

Error - 1/27/2013 3:54:55 PM | Computer Name = Attila-PC | Source = System Restore | ID = 8193
Description =

Error - 1/27/2013 7:23:00 PM | Computer Name = Attila-PC | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerPlugin_11_5_502_146.exe, version 11.5.502.146,
time stamp 0x50cfc179, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time
stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x73084618, process id
0x1fa0, application start time 0x01cdfce53f17ff20.

Error - 1/27/2013 7:23:19 PM | Computer Name = Attila-PC | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerPlugin_11_5_502_146.exe, version 11.5.502.146,
time stamp 0x50cfc179, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time
stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x73084618, process id
0x9a4, application start time 0x01cdfce54a53d210.

Error - 1/27/2013 7:23:23 PM | Computer Name = Attila-PC | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerPlugin_11_5_502_146.exe, version 11.5.502.146,
time stamp 0x50cfc179, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time
stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x73084618, process id
0x182c, application start time 0x01cdfce54cd525c0.

[ Media Center Events ]
Error - 8/30/2009 4:16:17 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 10/14/2009 8:17:51 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 10/14/2009 10:41:52 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 11/21/2009 6:28:22 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 2/20/2010 11:29:19 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 2/21/2010 6:40:08 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

Error - 3/26/2010 10:00:19 PM | Computer Name = Attila-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 3/26/2010 10:01:42 PM | Computer Name = Attila-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 9/21/2010 3:09:36 PM | Computer Name = Attila-PC | Source = Mcx2Svc | ID = 301
Description =

Error - 7/22/2012 1:11:24 PM | Computer Name = Attila-PC | Source = McrMgr | ID = 109
Description =

[ System Events ]
Error - 6/16/2013 12:12:49 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 6/16/2013 12:13:04 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/16/2013 12:13:08 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/16/2013 12:13:45 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/20/2013 6:18:46 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/20/2013 6:18:51 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/20/2013 6:18:57 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/20/2013 6:19:06 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 6/20/2013 6:19:25 PM | Computer Name = Attila-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 6/20/2013 6:35:35 PM | Computer Name = Attila-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.153.222.0 Update Source: %%859 Update Stage:
%%854 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9607.0 Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.


< End of report >

Thank you for your time and patience.
  • 0

Advertisements


#2
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Hi! My name is Jasmyne and Welcome to Geeks to Go!

I'm sorry you are having issues with your computer but I will do my best to resolve them as quickly as possible. I know having an infected computer is frustrating because I was once where you are now!

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

  • You may want to print out these instructions, or copy them to a text file so that will have a copy in case you loose your connection to the internet during a removal process.
  • Please make sure to carefully read any instruction that I give you and in perform them in the order they are posted. If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! Never be afraid to ask questions! :)
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please note that there is no "Quick & Easy Fix" to most malware infections and we may need to use several different tools to get your system clean.
  • Please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.
  • Please reply within 3 days. Topics with no reply in 4 days are closed!

I will be submitting a fix to my instructors and will post back to you as soon as possible. :)

Jasmyne
  • 0

#3
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Thanks.


Looking forward to working with you.
  • 0

#4
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Hi ElevatedMinds,

Let's get rid of the malware on your system and then see if the issue with Steam continues.

But first....

P2P Warning!

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

BitTorrent/BitTorrent DNA
BitLord
Limewire


Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur. Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

Cyber Education Letter
File sharing infects 500,000 computers
USAToday

I would recommend that you uninstall the above, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you decide to keep the program in spite of the risks involved, do not use it until I have finished cleaning your computer and have given you the all clear.
[/list]
----------------------------
Now that's out of the way, lets get started :)

Step 1 - Run ComboFix

Download ComboFix from Here or Here to your Desktop.

VERY IMPORTANT !!!
Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Also allow the installation of the recovery console
Posted Image

Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
  • Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  • Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
  • If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Step 2 - AdwCleaner

  • Download AdwCleaner from here or here and save it to your desktop.
  • Run AdwCleaner and select Delete

    Posted Image
  • Once it has completed it will ask to reboot the computer, please allow it to so.
  • After the computer reboots, a log will be produced. Please attach that log to your next post.

Step 3 - OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint]

:OTL
PRC - [2009/11/12 20:55:42 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Attila\Program Files\DNA\btdna.exe
IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 D4 46 33 12 7B CD 01 [binary data]
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1640187
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://dm.startnow.c...eferrer:source}
FF - prefs.js..keyword.URL: "http://dm.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z055&partner_id=195&product_id=611&affiliate_id=&channel=dm6&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110627&user_guid=189A217F7FE14C10AAFEF32E8A960F8C&machine_id=025b0bd5a42b56608d48c3640cc29943&browser=FF&os=win&os_version=6.0-x86-SP2&q="
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Attila\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll (215 Apps)
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (HappyQuickPop) - {8D644BBD-0FF3-B0EE-B876-72FB72C7AE6E} - C:\Program Files\HappyQuickPop\HappyQuickPop.dll File not found
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)

:Commands
[emptytemp]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again:
  • Please check the box next to Scan All Users
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
  • When the scan completes, post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. ComboFix Log
2. AdwCleaner Log
3. OTL Fix
4. New OTL Log
  • 0

#5
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Hello. I followed your suggestion and un-installed bittorrent and bitlord and limewire and something calling torrentman toolbar. I am in the process of scanning my pc with combofix. However, it has been scanning for over 30 min with no indication of progress. I dont want to interupt it unless told to do so. So I am currently posting from my smartphone. It also seems that upon starting combifix scan. My pc has lost connection to the internet, when I hover over my internet icon in the tray it shows as local only.


Edit; I am not sure its combofix that is actually scanning at the moment. The screen looks nothing like the screenshot. It is a blue window with white text reading "scanning for infected files. This typically doesnt take more then 10 minutes. However,scan times for badly infected machines may easily double" the icon on this window looks like a mini dos screen with c:\.

edit#2: The PCs internet is back, maybe it was just a brief service provider issue. I am currently posting from the pc while it is scanning, I hope this wont be an issue. But the scan has been going on for an hour now.

Edited by ElevatedMinds, 21 June 2013 - 05:31 PM.

  • 0

#6
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Combofix Scans can take quite a while (I've seen one take well over an hour before), just let it run, it will go through several stages and doing things while ComboFix is active can make the scan take longer. Depending on the infection, it can interrupt your internet connection while it is running. Below is a screenshot of ComboFix actually during the scan.

CF Scan in progress.JPG
  • 0

#7
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Alright. Thanks for the heads up. I guess I'm just not used to such a long scan time. I immediately thought something went wrong. The screen shot you posted is the screen I see minus the "Stage Completed" parts. I will post the results once it is finished.

Edit #1- Still scanning....

Edit #2--Still scanning...for about 3 hours now.. is this normal?

Edited by ElevatedMinds, 21 June 2013 - 07:38 PM.

  • 0

#8
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
If you can still see the hard drive activity light still is blinking, continue to let it scan a bit longer please. Sorry it has taken so long to reply. I do not get email notifications when the last post is edited so please add a reply rather than edit your previous posts.

Thank you,

Jasmyne
  • 0

#9
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
I'm back. Went to sleep, let it run overnight. When I woke up it had a screen that it dectected Zero.Access rootkit and it needed to restart. I clicked OK and it rebooted, then started to scan again, I went back to sleep (this was around 4am). Woke back up and it had restarted my machine at some point during the night. When I entered my user password and started up the machine, it produced its log report.

The report:
ComboFix 13-06-21.02 - Attila 06/22/2013 4:45.1.4 - x86
Running from: c:\users\Attila\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Coupon Companion Plugin\CoUPon companion plugin.dll
c:\users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z
c:\users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.pif
c:\users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\bing-zugo.xml
c:\users\Attila\GoToAssistDownloadHelper.exe
c:\windows\$NtUninstallKB46196$
c:\windows\$NtUninstallKB46196$\834053426
c:\windows\security\Database\tmp.edb
c:\windows\system32\AutoRun.inf
F:\Autorun.inf
F:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-22 to 2013-06-22 )))))))))))))))))))))))))))))))
.
.
2013-06-22 09:13 . 2013-06-22 11:43 -------- d-----w- c:\users\Attila\AppData\Local\temp
2013-06-22 09:13 . 2013-06-22 09:13 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2013-06-22 09:13 . 2013-06-22 09:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-16 01:19 . 2013-06-16 01:19 -------- d-----w- c:\users\Attila\AppData\Roaming\LolClient
2013-06-15 21:03 . 2013-06-15 21:03 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-06-15 21:03 . 2013-06-15 21:03 -------- d-----w- C:\Riot Games
2013-06-15 21:01 . 2013-06-15 21:06 -------- d-----w- c:\users\Attila\AppData\Roaming\Riot Games
2013-06-15 00:16 . 2013-06-15 00:16 -------- d-----w- c:\program files\Seagate
2013-06-15 00:14 . 2013-06-15 00:14 -------- d-sh--w- c:\windows\ftpcache
2013-06-12 20:41 . 2013-05-08 03:40 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:41 . 2013-05-08 01:58 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-12 20:41 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 20:41 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-12 20:41 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 20:41 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 20:41 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 20:41 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 20:41 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 20:41 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 20:41 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 20:40 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-01 15:13 . 2013-06-01 15:13 -------- d-----w- c:\programdata\Package Cache
2013-05-31 21:17 . 2013-06-01 00:20 -------- d-----w- c:\users\Attila\AppData\Roaming\Little Inferno
2013-05-23 11:50 . 2013-05-23 11:50 -------- d-----w- c:\program files\LogMeIn Hamachi
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-16 16:29 . 2012-04-21 22:03 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-16 16:29 . 2011-05-20 02:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-01 00:24 . 2010-11-28 23:41 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-01 00:24 . 2010-11-28 23:41 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-05-02 15:28 . 2009-11-02 00:21 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-15 14:20 . 2013-05-15 07:39 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 10:56 . 2013-05-15 07:39 37376 ----a-w- c:\windows\system32\cdd.dll
2013-04-09 01:36 . 2013-05-15 07:39 2049024 ----a-w- c:\windows\system32\win32k.sys
2010-02-10 00:22 . 2013-05-22 01:53 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-21 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"BitTorrent DNA"="c:\users\Attila\Program Files\DNA\btdna.exe" [2009-11-13 323392]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2013-02-11 7203712]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-05-01 2938552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-11-23 442640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-01 4706304]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-10 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-01 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-01 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-01 133656]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"AmazonGSDownloaderTray"="c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 101144]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Razer Blackwidow Driver"="c:\program files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-05-01 185640]
.
c:\users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-6-29 0]
Launch Jawbone Updater.lnk - c:\program files\Jawbone\LaunchJU.exe [2012-11-29 62128]
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 22:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 15:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 16:29]
.
2013-06-22 c:\windows\Tasks\dsmonitor.job
- c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2013-03-24 18:47]
.
2013-06-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-21 01:48]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 18:52]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 18:52]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://dm.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&provider_code=Z055&partner_id=195&product_id=611&affiliate_id=&channel=dm6&toolbar_id=200&toolbar_version=2.1.0&install_country=US&install_date=20110627&user_guid=189A217F7FE14C10AAFEF32E8A960F8C&machine_id=025b0bd5a42b56608d48c3640cc29943&browser=FF&os=win&os_version=6.0-x86-SP2&q=
FF - ExtSQL: !HIDDEN! 2009-11-02 06:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-{79BF4901-1EC4-4726-B3C2-A7859706C6E7} - c:\users\Attila\Desktop\LeagueofLegends_NA_Installer_05_07_13.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Aim Plugin for QQ Games - c:\users\Attila\Desktop\QQ Games\Plugin\Uninstall.EXE
AddRemove-AIMTunes - c:\users\Attila\Desktop\AIMTunes\Uninstall.exe
AddRemove-BattlEye for A2 - g:\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
AddRemove-BattlEye for OA - g:\steam\steamapps\common\arma 2 operation arrowhead\Expansion\BattlEye\UnInstallBE.exe
AddRemove-QQ Games - c:\users\Attila\Desktop\QQ Games\Uninstall.EXE
AddRemove-QQ Pool - c:\users\Attila\Desktop\QQ Games\QQ Pool\Uninstall.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-22 07:43
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1944996874-710951996-293725333-1001\Software\SecuROM\License information*]
"datasecu"=hex:5c,d7,98,2d,9d,0f,70,05,3b,fe,5d,84,e3,41,3c,9a,73,39,11,87,52,
0b,c8,68,f0,7d,04,03,c1,66,2a,d2,42,ba,1a,ce,3f,9d,66,e7,bb,2e,61,89,df,f4,\
"rkeysecu"=hex:56,81,f0,40,29,d6,c5,87,42,fa,49,69,92,6c,10,fc
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2620)
c:\program files\DisplayFusion\Hooks\AppHookx86_58DF3D9E-3ED4-4660-8C5F-375C7CE714EB.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\windows\system32\atieclxx.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\DisplayFusion\DisplayFusionService.exe
c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\LogMeIn\x86\LMIGuardianSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Viewpoint\Common\ViewpointService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Core Temp\Core Temp.exe
c:\windows\RtHDVCpl.exe
c:\program files\TortoiseSVN\bin\TSVNCache.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\WMPSideShowGadget.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmplayer.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\Razer\Lachesis\razertra.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
.
**************************************************************************
.
Completion time: 2013-06-22 07:47:52 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-22 11:47
.
Pre-Run: 55,065,092,096 bytes free
Post-Run: 54,976,348,160 bytes free
.
- - End Of File - - E1BB840422E8239F7704A9C0A5D98AB4
5C616939100B85E558DA92B899A0FC36
  • 0

#10
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Here is the ADWCleaner Log:

# AdwCleaner v2.303 - Logfile created 06/22/2013 at 07:58:09
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Ultimate Service Pack 2 (32 bits)
# User : Attila - ATTILA-PC
# Boot Mode : Normal
# Running from : C:\Users\Attila\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Coupon Companion Plugin
Folder Deleted : C:\Program Files\InfoAtoms
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Tencent
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Attila\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Folder Deleted : C:\Users\Attila\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Attila\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Attila\AppData\LocalLow\Viewpoint

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlayMP3
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\TENCENT
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{418D86BE-7386-4F1A-83E0-53604ADBDA74}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\prefs.js

C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.surf.date", "166");
Deleted : user_pref("aol_toolbar.surf.lastDate", "20");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "11");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2009");
Deleted : user_pref("aol_toolbar.surf.mURL", "");
Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Deleted : user_pref("aol_toolbar.surf.month", "166");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "1");
Deleted : user_pref("aol_toolbar.surf.total", "167");
Deleted : user_pref("aol_toolbar.surf.week", "166");
Deleted : user_pref("aol_toolbar.surf.year", "166");
Deleted : user_pref("browser.search.defaulturl", "hxxp://aim.search.aol.com/search/search?query={searchTerms}&[...]
Deleted : user_pref("extensions.smarterwiki.search_surfcanyon", false);
Deleted : user_pref("keyword.URL", "hxxp://dm.startnow.com/s/?src=addrbar&provider=bing&provider_name=bing&pro[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7989 octets] - [22/06/2013 07:58:09]

########## EOF - C:\AdwCleaner[S1].txt - [8049 octets] ##########
  • 0

Advertisements


#11
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Ran the posted OTL fix, will post the log for it then run OTL again as instructed.

OTL Fix Log:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
No active process named btdna.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7c5c0f58-e061-457d-9033-77307f5ed00c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}\ not found.
Prefs.js: "http://dm.startnow.c...6.0-x86-SP2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
C:\Program Files\DNA\plugins\npbtdna.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
C:\Users\Attila\Program Files\DNA\plugins\npbtdna.dll moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181104}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}\ not found.
File C:\Program Files\Coupon Companion Plugin\Coupon Companion Plugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D644BBD-0FF3-B0EE-B876-72FB72C7AE6E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D644BBD-0FF3-B0EE-B876-72FB72C7AE6E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7c5c0f58-e061-457d-9033-77307f5ed00c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7c5c0f58-e061-457d-9033-77307f5ed00c}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7C5C0F58-E061-457D-9033-77307F5ED00C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C5C0F58-E061-457D-9033-77307F5ED00C}\ not found.
File C:\Program Files\TorrentMan\tbTorr.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Attila
->Temp folder emptied: 67860 bytes
->Temporary Internet Files folder emptied: 12033227 bytes
->Java cache emptied: 9687165 bytes
->FireFox cache emptied: 64789073 bytes
->Google Chrome cache emptied: 389583730 bytes
->Flash cache emptied: 33599 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65748 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 454.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06222013_080651

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#12
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
In step 10 of your instructions on running the OTL Scan.

You have "Check All Users" box, which I did. There is then some code in a box (on step 10 on your instructions) but there is no instruction on what to do with the code in the box. I will wait to proceed with the scan until I know what to do with the code.

Edit: Upon reading some of your other posts, I see that the code in the box is intended for the custom scans/fixes area. I will post the code there and post the log after the scan is complete.

Edited by ElevatedMinds, 22 June 2013 - 07:49 AM.

  • 0

#13
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Edit: Upon reading some of your other posts, I see that the code in the box is intended for the custom scans/fixes area. I will post the code there and post the log after the scan is complete.


Sorry about that! :blush: Just just logged on and was about to post that too you. I'll start going through the rest of the logs you have posted.
  • 0

#14
ElevatedMinds

ElevatedMinds

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
New OTL Scan Log:

OTL logfile created on: 6/22/2013 9:50:17 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Attila\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 51.62% Memory free
6.72 Gb Paging File | 4.90 Gb Available in Paging File | 72.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.03 Gb Total Space | 52.53 Gb Free Space | 18.24% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.00 Gb Free Space | 49.95% Space Free | Partition Type: NTFS
Drive F: | 1397.26 Gb Total Space | 884.14 Gb Free Space | 63.28% Space Free | Partition Type: NTFS

Computer Name: ATTILA-PC | User Name: Attila | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/20 19:26:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
PRC - [2013/06/11 14:00:16 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
PRC - [2013/05/15 12:08:46 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013/05/15 12:08:44 | 001,435,984 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2013/05/11 18:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/02/11 16:15:46 | 001,243,024 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusionService.exe
PRC - [2013/02/11 16:15:36 | 007,203,712 | ---- | M] (Binary Fortress Software) -- C:\Program Files\DisplayFusion\DisplayFusion.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/01/16 14:47:30 | 000,026,456 | ---- | M] (Uniblue Systems Ltd) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012/12/19 15:56:24 | 000,482,304 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/12/19 15:55:48 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/14 22:21:42 | 000,763,856 | ---- | M] () -- C:\Program Files\Core Temp\Core Temp.exe
PRC - [2012/05/15 12:54:32 | 000,276,872 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2011/11/23 09:17:10 | 000,442,640 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2011/11/23 09:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/09/29 12:16:26 | 000,101,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech Gaming Software\LCore.exe
PRC - [2011/05/16 12:30:06 | 000,887,712 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe
PRC - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/04/30 22:47:47 | 002,938,552 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/11/12 20:55:42 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Attila\Program Files\DNA\btdna.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/08/14 02:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/08/11 13:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/02/26 12:57:28 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/02/01 01:20:22 | 004,706,304 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/09/12 11:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
PRC - [2007/08/28 10:32:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe
PRC - [2007/08/16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files\Razer\Lachesis\OSD.exe
PRC - [2007/06/05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Lachesis\razerofa.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/20 21:28:45 | 012,156,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\de0d1e23b3de6010d4608db3dc59f337\System.Web.ni.dll
MOD - [2013/06/20 21:28:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\fbc70df7b07a2e9a7b59d26cb4e3b610\System.Runtime.Remoting.ni.dll
MOD - [2013/06/16 12:28:58 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013/05/16 03:34:52 | 000,686,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\2bc38488f9988db801a844e2590294a3\System.Security.ni.dll
MOD - [2013/05/16 03:34:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll
MOD - [2013/05/16 03:32:07 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:09:39 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
MOD - [2013/05/16 03:09:24 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
MOD - [2013/05/16 03:09:20 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:09:15 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013/05/16 03:09:12 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
MOD - [2013/05/16 03:09:08 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013/05/11 18:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/13 05:12:01 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll
MOD - [2013/02/13 05:03:51 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/01/10 04:42:14 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
MOD - [2013/01/10 04:36:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/10 04:35:46 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 04:34:56 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 04:34:46 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2013/01/10 04:18:10 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll
MOD - [2013/01/10 04:17:22 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013/01/10 04:09:35 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013/01/10 04:09:30 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/10 04:09:27 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/10 04:09:25 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/10 04:09:18 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012/12/19 15:30:26 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2012/10/14 22:21:42 | 000,763,856 | ---- | M] () -- C:\Program Files\Core Temp\Core Temp.exe
MOD - [2012/05/15 12:54:16 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/12/19 21:37:19 | 000,026,112 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\PnpGamePanelDevices-8.12.049\PnpGamePanelDevices.dll
MOD - [2011/12/19 21:37:18 | 000,070,656 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\SimInput-8.12.068\SimInput.dll
MOD - [2011/12/19 21:37:16 | 000,467,456 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\MainUI-8.12.179\MainUI.dll
MOD - [2011/12/19 21:37:09 | 000,206,336 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\G19Device-8.12.147\G19Device.dll
MOD - [2011/12/19 21:37:09 | 000,189,952 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\G13Device-8.12.155\G13Device.dll
MOD - [2011/12/19 21:37:07 | 000,086,016 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevMgr-8.12.077\DevMgr.dll
MOD - [2011/12/19 21:37:06 | 000,090,112 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevBusHid-8.12.078\DevBusHid.dll
MOD - [2011/12/19 21:37:06 | 000,088,064 | ---- | M] () -- C:\Program Files\Logitech Gaming Software\plugins\DevBusBulk-8.12.076\DevBusBulk.dll
MOD - [2010/04/30 22:47:47 | 002,938,552 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2007/09/12 11:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
MOD - [2007/08/28 10:32:24 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/06/16 12:29:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/06 18:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/21 21:54:08 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 12:08:44 | 001,435,984 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/02/11 22:57:36 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/02/11 16:15:46 | 001,243,024 | ---- | M] (Binary Fortress Software) [Auto | Running] -- C:\Program Files\DisplayFusion\DisplayFusionService.exe -- (DisplayFusionService)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/12/19 15:55:48 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/23 09:17:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/04/27 18:41:54 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011/04/27 18:41:50 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/12/08 13:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/06/25 13:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/10/23 12:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/08/14 02:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/01/20 22:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Attila\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012/12/19 16:47:46 | 009,647,104 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/12/19 15:32:06 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/11/29 15:54:54 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2012/09/02 18:03:50 | 000,125,824 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/02/23 08:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2011/12/19 21:37:18 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2011/12/19 21:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2011/12/19 21:37:05 | 000,378,568 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ladfGSCi386.sys -- (LADF_CaptureOnly)
DRV - [2011/12/19 21:37:05 | 000,317,384 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ladfGSRi386.sys -- (LADF_RenderOnly)
DRV - [2011/05/12 17:59:46 | 000,124,672 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2011/04/27 18:41:47 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/06/25 13:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/05/28 11:07:14 | 000,334,992 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ladfSBVMi386.sys -- (LADF_SBVM)
DRV - [2009/05/28 11:07:14 | 000,053,520 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ladfDHP2i386.sys -- (LADF_DHP2)
DRV - [2009/03/18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/03/07 01:46:56 | 000,027,648 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/02/03 00:50:06 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/20 22:21:33 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/08/08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2006/11/02 03:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1944996874-710951996-293725333-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: djziggy%40gmail.com:2.0.8
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.608
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {8ed952a0-199c-11d9-9669-0800200c9a66}:1.5.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Attila\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Attila\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/24 18:17:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/21 21:54:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/22 08:09:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Attila\AppData\Roaming\Move Networks [2009/11/03 21:05:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Attila\Program Files\DNA [2013/06/22 08:27:52 | 000,000,000 | ---D | M]

[2009/03/16 21:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Extensions
[2009/03/16 21:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/06/18 04:17:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions
[2010/06/28 20:51:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/02/20 19:22:45 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}(235)
[2010/03/09 01:26:11 | 000,000,000 | ---D | M] ("Unlinker") -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{8ed952a0-199c-11d9-9669-0800200c9a66}
[2013/05/16 14:29:56 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/02/05 00:53:13 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/02/04 21:10:44 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2011/03/07 22:17:25 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/02/04 21:10:45 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/06/18 04:17:10 | 002,494,702 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\[email protected]
[2013/03/23 07:46:11 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/05/08 19:59:53 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2009/12/20 14:21:58 | 000,004,546 | ---- | M] () -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\aim-search-1.xml
[2009/10/09 10:56:20 | 000,004,207 | ---- | M] () -- C:\Users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\searchplugins\aim-search.xml
[2013/05/21 21:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/21 21:53:26 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/05/21 21:53:26 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/05/21 21:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/01 08:37:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/24 18:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011/05/12 06:47:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co...:en-US:official
CHR - plugin: First user (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Coupon Companion Plugin = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: Coupon Companion Plugin = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.9.9_0\
CHR - Extension: YouTube MP3 = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmghicmdofaaocopbneacnhbkpdcieo\2.0_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: DivX Plus Web Player HTML5 <video> = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Late Night = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm\1.0_0\
CHR - Extension: Gmail = C:\Users\Attila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/06/22 07:43:00 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Razer Blackwidow Driver] C:\Program Files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [BitTorrent DNA] C:\Users\Attila\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-1944996874-710951996-293725333-1001..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk = C:\Program Files\Jawbone\LaunchJU.exe ()
O4 - Startup: C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1944996874-710951996-293725333-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2F540FB-26F5-4DB6-8E0A-2F17E1778D36}: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C497BC71-2AD7-4650-A3C8-8D0A38E6AA43}: DhcpNameServer = 167.206.254.2 167.206.254.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Attila\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Attila\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/06/22 08:00:31 | 000,000,067 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/06/22 08:06:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/22 07:43:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/06/22 05:13:13 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Local\temp
[2013/06/21 18:21:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/06/21 18:21:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/06/21 18:21:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/06/21 18:20:39 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/06/21 18:17:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/21 18:17:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/06/21 18:15:31 | 005,081,922 | R--- | C] (Swearware) -- C:\Users\Attila\Desktop\ComboFix.exe
[2013/06/20 19:26:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
[2013/06/15 21:19:20 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\LolClient
[2013/06/15 17:03:06 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2013/06/15 17:03:00 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/06/15 17:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013/06/15 17:01:27 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\Riot Games
[2013/06/14 20:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2013/06/14 20:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2013/06/14 20:14:05 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2013/06/14 19:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/06/13 03:05:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/13 03:05:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/13 03:05:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/06/13 03:05:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/06/13 03:05:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/06/13 03:05:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/06/13 03:05:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/06/13 03:05:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/06/12 16:41:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013/06/12 16:41:06 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/06/12 16:41:06 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/06/12 16:41:01 | 003,603,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/06/12 16:41:01 | 003,551,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/06/12 16:40:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/06/09 19:56:13 | 000,000,000 | ---D | C] -- C:\Users\Attila\Documents\Proteus
[2013/06/09 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\Attila\Documents\Anomaly Warzone Earth
[2013/06/01 11:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/05/31 17:17:09 | 000,000,000 | ---D | C] -- C:\Users\Attila\AppData\Roaming\Little Inferno

========== Files - Modified Within 30 Days ==========

[2013/06/22 09:02:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/22 09:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/22 08:25:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/22 08:25:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\dsmonitor.job
[2013/06/22 08:24:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/22 08:24:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/22 08:24:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/22 08:24:17 | 3485,679,616 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/22 07:57:51 | 000,648,201 | ---- | M] () -- C:\Users\Attila\Desktop\AdwCleaner.exe
[2013/06/22 07:43:54 | 000,008,512 | ---- | M] () -- C:\Users\Attila\AppData\Local\d3d9caps.dat
[2013/06/22 07:43:00 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/06/21 21:56:20 | 000,649,260 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/21 21:56:20 | 000,122,770 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/21 18:21:42 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/06/21 18:15:41 | 005,081,922 | R--- | M] (Swearware) -- C:\Users\Attila\Desktop\ComboFix.exe
[2013/06/21 13:10:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013/06/20 19:26:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Attila\Desktop\OTL.exe
[2013/06/19 18:13:01 | 000,000,544 | ---- | M] () -- C:\Users\Attila\Desktop\Steam.lnk
[2013/06/16 12:29:00 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/06/16 12:29:00 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/06/15 20:22:00 | 000,000,514 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\mcpatcher-3.0.4 - Shortcut.lnk
[2013/06/15 20:21:54 | 000,000,499 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft(1) - Shortcut.lnk
[2013/06/01 08:37:31 | 000,000,872 | ---- | M] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/31 20:24:22 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2013/05/31 20:24:22 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll

========== Files Created - No Company Name ==========

[2013/06/22 07:57:50 | 000,648,201 | ---- | C] () -- C:\Users\Attila\Desktop\AdwCleaner.exe
[2013/06/21 18:21:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/21 18:21:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/21 18:21:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/21 18:21:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/21 18:21:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/06/19 18:13:01 | 000,000,544 | ---- | C] () -- C:\Users\Attila\Desktop\Steam.lnk
[2013/06/15 20:22:00 | 000,000,514 | ---- | C] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\mcpatcher-3.0.4 - Shortcut.lnk
[2013/06/15 20:21:54 | 000,000,499 | ---- | C] () -- C:\Users\Attila\Application Data\Microsoft\Internet Explorer\Quick Launch\Minecraft(1) - Shortcut.lnk
[2012/12/19 16:45:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/11/29 11:40:02 | 000,662,786 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/09/19 15:09:40 | 000,076,660 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2012/09/11 00:16:17 | 000,001,475 | ---- | C] () -- C:\Users\Attila\.recently-used.xbel
[2012/09/04 11:20:18 | 000,228,528 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2012/09/04 11:20:18 | 000,228,528 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2012/09/02 18:06:21 | 000,002,544 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/02/26 11:09:10 | 000,088,198 | ---- | C] () -- C:\Users\Attila\AppData\Roaming\icarus-dxdiag.xml
[2011/12/19 21:37:05 | 000,076,360 | ---- | C] () -- C:\Windows\System32\ladfGSRCoinst_i386.dll
[2011/10/24 21:52:49 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010/05/01 01:48:51 | 000,000,094 | ---- | C] () -- C:\Users\Attila\AppData\Local\fusioncache.dat
[2010/04/24 00:03:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/11 21:04:19 | 000,976,384 | -HS- | C] () -- C:\Users\Attila\ehthumbs_vista.db
[2010/03/02 23:16:12 | 000,022,328 | ---- | C] () -- C:\Users\Attila\AppData\Roaming\PnkBstrK.sys
[2009/03/07 17:22:55 | 000,008,512 | ---- | C] () -- C:\Users\Attila\AppData\Local\d3d9caps.dat
[2009/01/28 12:31:34 | 000,039,936 | ---- | C] () -- C:\Users\Attila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 22:22:25 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 22:22:24 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/11 02:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 02:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 02:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 22:22:43 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/04/24 00:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 02:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 11:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 22:23:12 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 02:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 22:22:17 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 02:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/11 02:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 22:23:01 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 22:22:19 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 22:22:33 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:21:54 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 22:22:55 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/11 02:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 02:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 22:22:29 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 02:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 02:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 22:22:43 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/11 02:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 12:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/11 02:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 14:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/11 02:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/11 02:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 02:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 02:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 22:21:35 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 22:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/11 02:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 02:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/11 02:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 02:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 02:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/11 02:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 15:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 07:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:22:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 17:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 17:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
[2010/08/29 18:25:58 | 000,822,993 | ---- | M] () MD5=C0AE18526A0755C6C26DAB119575D65C -- C:\Program Files\Wireshark\services

< MD5 for: SERVICES.CFG >
[2012/12/18 10:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2008/01/20 22:22:56 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\erdnt\cache\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 08:39:23 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 08:39:23 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.LNK >
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:41:26 | 000,001,688 | ---- | M] () MD5=3082647B3541D5282ECD09C09B9B4602 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 08:39:59 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 08:39:59 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SERVICES.RDB >
[2009/08/19 10:23:28 | 005,472,256 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
[2009/08/19 10:24:20 | 000,262,144 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2009/08/19 10:23:28 | 005,472,256 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Users\Attila\AppData\Local\temp\services.rdb

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:44 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2008/01/20 22:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\erdnt\cache\svchost.exe
[2008/01/20 22:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 22:21:53 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 22:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008/01/20 22:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 22:22:58 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:22:59 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 5EC0-3C0F
Directory of C:\
01/28/2009 11:57 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Documents and Settings
01/28/2009 11:57 AM <SYMLINKD> All Users [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [.]
01/28/2009 11:57 AM <JUNCTION> Desktop [.]
01/28/2009 11:57 AM <JUNCTION> Documents [.]
01/28/2009 11:57 AM <JUNCTION> Favorites [.]
01/28/2009 11:57 AM <JUNCTION> Start Menu [.]
01/28/2009 11:57 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Attila
01/28/2009 12:00 PM <JUNCTION> Application Data [C:\Users\Attila\AppData\Roaming]
01/28/2009 12:00 PM <JUNCTION> Cookies [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Cookies]
01/28/2009 12:00 PM <JUNCTION> Local Settings [C:\Users\Attila\AppData\Local]
01/28/2009 12:00 PM <JUNCTION> My Documents [C:\Users\Attila\Documents]
01/28/2009 12:00 PM <JUNCTION> NetHood [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/28/2009 12:00 PM <JUNCTION> PrintHood [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/28/2009 12:00 PM <JUNCTION> Recent [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Recent]
01/28/2009 12:00 PM <JUNCTION> SendTo [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\SendTo]
01/28/2009 12:00 PM <JUNCTION> Start Menu [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu]
01/28/2009 12:00 PM <JUNCTION> Templates [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Attila\AppData\Local
01/28/2009 12:00 PM <JUNCTION> Application Data [C:\Users\Attila\AppData\Local]
01/28/2009 12:00 PM <JUNCTION> History [C:\Users\Attila\AppData\Local\Microsoft\Windows\History]
01/28/2009 12:00 PM <JUNCTION> Temporary Internet Files [C:\Users\Attila\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Attila\Documents
01/28/2009 12:00 PM <JUNCTION> My Music [C:\Users\Attila\Music]
01/28/2009 12:00 PM <JUNCTION> My Pictures [C:\Users\Attila\Pictures]
01/28/2009 12:00 PM <JUNCTION> My Videos [C:\Users\Attila\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
01/28/2009 11:57 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
01/28/2009 11:57 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
01/28/2009 11:57 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/28/2009 11:57 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/28/2009 11:57 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
01/28/2009 11:57 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\AppData\Local
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
01/28/2009 11:57 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
01/28/2009 11:57 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\Documents
01/28/2009 11:57 AM <JUNCTION> My Music [C:\Users\Default\Music]
01/28/2009 11:57 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
01/28/2009 11:57 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1
02/08/2009 05:09 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Roaming]
02/08/2009 05:09 PM <JUNCTION> Cookies [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Cookies]
02/08/2009 05:09 PM <JUNCTION> Local Settings [C:\Users\Mcx1\AppData\Local]
02/08/2009 05:09 PM <JUNCTION> My Documents [C:\Users\Mcx1\Documents]
02/08/2009 05:09 PM <JUNCTION> NetHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/08/2009 05:09 PM <JUNCTION> PrintHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/08/2009 05:09 PM <JUNCTION> Recent [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Recent]
02/08/2009 05:09 PM <JUNCTION> SendTo [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\SendTo]
02/08/2009 05:09 PM <JUNCTION> Start Menu [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu]
02/08/2009 05:09 PM <JUNCTION> Templates [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1\AppData\Local
02/08/2009 05:09 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Local]
02/08/2009 05:09 PM <JUNCTION> History [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\History]
02/08/2009 05:09 PM <JUNCTION> Temporary Internet Files [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1\Documents
02/08/2009 05:09 PM <JUNCTION> My Music [C:\Users\Mcx1\Music]
02/08/2009 05:09 PM <JUNCTION> My Pictures [C:\Users\Mcx1\Pictures]
02/08/2009 05:09 PM <JUNCTION> My Videos [C:\Users\Mcx1\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Public\Documents
01/28/2009 11:57 AM <JUNCTION> My Music [C:\Users\Public\Music]
01/28/2009 11:57 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
01/28/2009 11:57 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [.]
01/28/2009 11:57 AM <JUNCTION> Desktop [.]
01/28/2009 11:57 AM <JUNCTION> Documents [.]
01/28/2009 11:57 AM <JUNCTION> Favorites [.]
01/28/2009 11:57 AM <JUNCTION> Start Menu [.]
01/28/2009 11:57 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Qoobox\Quarantine\C\Windows\$NtUninstallKB46196$
02/20/2012 11:30 PM <SYMLINK> 834053426.vir [c:\windows\system32\config]
1 File(s) 0 bytes
Directory of C:\Users
01/28/2009 11:57 AM <SYMLINKD> All Users [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\ProgramData]
01/28/2009 11:57 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
01/28/2009 11:57 AM <JUNCTION> Documents [C:\Users\Public\Documents]
01/28/2009 11:57 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/28/2009 11:57 AM <JUNCTION> Application Data [.]
01/28/2009 11:57 AM <JUNCTION> Desktop [.]
01/28/2009 11:57 AM <JUNCTION> Documents [.]
01/28/2009 11:57 AM <JUNCTION> Favorites [.]
01/28/2009 11:57 AM <JUNCTION> Start Menu [.]
01/28/2009 11:57 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users\Attila
01/28/2009 12:00 PM <JUNCTION> Application Data [C:\Users\Attila\AppData\Roaming]
01/28/2009 12:00 PM <JUNCTION> Cookies [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Cookies]
01/28/2009 12:00 PM <JUNCTION> Local Settings [C:\Users\Attila\AppData\Local]
01/28/2009 12:00 PM <JUNCTION> My Documents [C:\Users\Attila\Documents]
01/28/2009 12:00 PM <JUNCTION> NetHood [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/28/2009 12:00 PM <JUNCTION> PrintHood [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/28/2009 12:00 PM <JUNCTION> Recent [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Recent]
01/28/2009 12:00 PM <JUNCTION> SendTo [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\SendTo]
01/28/2009 12:00 PM <JUNCTION> Start Menu [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu]
01/28/2009 12:00 PM <JUNCTION> Templates [C:\Users\Attila\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Attila\AppData\Local
01/28/2009 12:00 PM <JUNCTION> Application Data [C:\Users\Attila\AppData\Local]
01/28/2009 12:00 PM <JUNCTION> History [C:\Users\Attila\AppData\Local\Microsoft\Windows\History]
01/28/2009 12:00 PM <JUNCTION> Temporary Internet Files [C:\Users\Attila\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Attila\Documents
01/28/2009 12:00 PM <JUNCTION> My Music [C:\Users\Attila\Music]
01/28/2009 12:00 PM <JUNCTION> My Pictures [C:\Users\Attila\Pictures]
01/28/2009 12:00 PM <JUNCTION> My Videos [C:\Users\Attila\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
01/28/2009 11:57 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
01/28/2009 11:57 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
01/28/2009 11:57 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/28/2009 11:57 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/28/2009 11:57 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
01/28/2009 11:57 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
01/28/2009 11:57 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
01/28/2009 11:57 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
01/28/2009 11:57 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
01/28/2009 11:57 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
01/28/2009 11:57 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
01/28/2009 11:57 AM <JUNCTION> My Music [C:\Users\Default\Music]
01/28/2009 11:57 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
01/28/2009 11:57 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1
02/08/2009 05:09 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Roaming]
02/08/2009 05:09 PM <JUNCTION> Cookies [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Cookies]
02/08/2009 05:09 PM <JUNCTION> Local Settings [C:\Users\Mcx1\AppData\Local]
02/08/2009 05:09 PM <JUNCTION> My Documents [C:\Users\Mcx1\Documents]
02/08/2009 05:09 PM <JUNCTION> NetHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/08/2009 05:09 PM <JUNCTION> PrintHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/08/2009 05:09 PM <JUNCTION> Recent [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Recent]
02/08/2009 05:09 PM <JUNCTION> SendTo [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\SendTo]
02/08/2009 05:09 PM <JUNCTION> Start Menu [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu]
02/08/2009 05:09 PM <JUNCTION> Templates [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1\AppData\Local
02/08/2009 05:09 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Local]
02/08/2009 05:09 PM <JUNCTION> History [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\History]
02/08/2009 05:09 PM <JUNCTION> Temporary Internet Files [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1\Documents
02/08/2009 05:09 PM <JUNCTION> My Music [C:\Users\Mcx1\Music]
02/08/2009 05:09 PM <JUNCTION> My Pictures [C:\Users\Mcx1\Pictures]
02/08/2009 05:09 PM <JUNCTION> My Videos [C:\Users\Mcx1\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
01/28/2009 11:57 AM <JUNCTION> My Music [C:\Users\Public\Music]
01/28/2009 11:57 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
01/28/2009 11:57 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
01/21/2009 05:28 PM <JUNCTION> Application Data [..]
01/21/2009 05:28 PM <JUNCTION> Cookies [..]
01/21/2009 05:28 PM <JUNCTION> Local Settings [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
01/21/2009 05:28 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
01/21/2009 05:28 PM <JUNCTION> History [..]
01/21/2009 05:28 PM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Total Files Listed:
1 File(s) 0 bytes
408 Dir(s) 55,527,383,040 bytes free

< End of report >
  • 0

#15
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
The ComboFix Scan may have taken forever, but it did it's job! There are a few more things to remove and then we will need to scan for renmants to make sure all the malware is gone.

Step 1 - Remove Chrome extentions

To disable extensions in Chrome:
  • Open Chrome and type chrome://extensions/ in the address bar
  • On the Extensions page, click to disable Coupon Companion and then click the trash can icon beside it.

Step 2 - OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint]

:OTL
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - No CLSID value found.

:Commands
[emptytemp]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

Step 3 - MalwareBytes Scan

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 4 - ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here

  • You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan

Step 5 - Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix
2. New OTL Log
3. MalwareBytes Log
4. ESET Scan log
5. Security Check Log (checkup.txt)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP