This topic is locked
I was browsing spankwire and running a Microsoft Security Essentials quickscan after downloading a video (from a different website), which I also scanned using MSE. The video was a screensaver file. I right clicked it and clicked "test". At that point, the video opened up in vlc.
After the MSE scan, I kept getting a pop up message:
Svchost.exe - Application Error
"The application was unable to start correctly (0xc0000018). Click OK to close the application."
I am not sure if this is the result of being infected, but after some googling, I thought it might be possible.
I'm looking at C:\Users\DT\AppData\Roaming, and there seem to be some suspicious files that appeared around the time I got the first pop-up. These are: DTlog.dat; DT-wchelper.dll; the folder vlc was modified; new folders: install, 701D5E50, WinDir.
EDIT: I ran a Malwarebytes scan and it came up with two infections by backdoor.spynet.m.
Below is the OTL log:
Spoiler
OTL logfile created on: 7/7/2013 8:28:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 33.67% Memory free
7.98 Gb Paging File | 4.60 Gb Available in Paging File | 57.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.00 Gb Total Space | 0.16 Gb Free Space | 0.27% Space Free | Partition Type: NTFS
Drive D: | 150.00 Gb Total Space | 57.31 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 16.15 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 13.37 Gb Free Space | 27.38% Space Free | Partition Type: NTFS
Computer Name: DT-PC | User Name: DT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/07/07 20:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
PRC - [2013/07/07 20:15:02 | 000,266,752 | ---- | M] () -- C:\Users\DT\AppData\Roaming\install\Svchost.exe
PRC - [2013/05/03 14:24:46 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
PRC - [2012/09/23 21:43:48 | 003,477,640 | ---- | M] (Adobe Systems Inc.) -- D:\Adobe Acrobat XI Pro\Acrobat\acrotray.exe
PRC - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/10 04:46:17 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/10 04:46:16 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/10 04:41:11 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2011/10/01 17:43:14 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/04 13:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\explorer.exe
PRC - [2010/07/26 22:30:28 | 000,552,448 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2010/07/20 17:48:02 | 000,311,808 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009/08/28 23:00:12 | 000,966,656 | ---- | M] () -- C:\Users\DT\Local Settings\Apps\F.lux\flux.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2013/07/07 20:15:02 | 000,266,752 | ---- | M] () -- C:\Users\DT\AppData\Roaming\install\Svchost.exe
MOD - [2013/06/14 18:28:42 | 000,393,168 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/14 18:28:41 | 013,140,432 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013/06/14 18:28:40 | 004,051,408 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/14 18:27:51 | 000,599,504 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013/06/14 18:27:50 | 000,124,368 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013/06/14 18:27:48 | 001,597,392 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2010/04/29 15:39:36 | 000,079,696 | ---- | M] () -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll
MOD - [2009/08/28 23:00:12 | 000,966,656 | ---- | M] () -- C:\Users\DT\Local Settings\Apps\F.lux\flux.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/03 14:25:36 | 000,405,896 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.09\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/12/19 12:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/30 10:00:04 | 000,422,472 | ---- | M] () [Auto | Running] -- C:\Program Files\Synergy\synergyd.exe -- (Synergy)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/11 18:12:21 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/18 17:26:37 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/19 19:10:40 | 000,147,888 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/10/19 19:10:34 | 000,375,728 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/24 15:41:30 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/07/10 04:46:17 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/01 17:43:14 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/04 13:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/07/26 22:30:28 | 000,552,448 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/19 13:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 12:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 04:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/10/19 19:11:06 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/10/02 15:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/09/19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 19:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 13:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/31 23:17:00 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/29 17:06:16 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010/07/09 13:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/06/11 11:51:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw89.sys -- (hcw89)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/02/08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010/01/27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/01/27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/01/22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009/10/19 09:56:10 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/09/17 19:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2009/05/22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008/11/16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/07/03 22:49:26 | 000,252,928 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys -- (VSTWinDriver6)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/08/02 09:33:04 | 000,012,672 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013/07/07 20:05:22 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29E42B3B-7EB6-4831-980E-B5ED09785B15}\MpKsl9e0d32e9.sys -- (MpKsl9e0d32e9)
DRV - [2010/01/27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....sa&d=2012-05-24 12:54:49&v=11.1.1.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E BD 26 23 78 2F CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.babylon.com/home
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...c=browsersearch
IE - HKCU\..\SearchScopes\{1748628F-AACD-44C1-8C25-3277D58FEE61}: "URL" = http://websearch.ask...D6-8F66DA296BE4
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-05-24 12:54:49&v=11.1.1.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.ucla.edu/cgi/proxy
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.22
FF - prefs.js..extensions.enabledAddons: [email protected]:3.1.11
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.16
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.9.0.12585
FF - prefs.js..extensions.enabledAddons: [email protected]:3.8.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.5.0
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledItems: [email protected]:3.15.9.100013
FF - prefs.js..extensions.enabledItems: [email protected]:3.8.7
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: D:\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: D:\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Adobe Acrobat XI Pro\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DT\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DT\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\samsung.com/SamsungLinkPCPlugin: D:\Samsung Link\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/18 15:57:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/31 15:39:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Adobe Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn [2013/01/21 13:11:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/26 12:36:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/12 11:13:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/18 15:57:07 | 000,000,000 | ---D | M]
[2010/08/01 11:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Extensions
[2013/06/24 17:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions
[2013/03/18 17:40:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/10/01 17:44:05 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2010/11/02 12:18:20 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\vshareus@toolbar
[2013/03/18 17:43:00 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/03/20 00:09:48 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/06/24 17:56:25 | 000,304,556 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/04/28 01:20:28 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/28 01:18:34 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/05/12 23:27:22 | 000,002,584 | ---- | M] () -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\searchplugins\askcom.xml
[2011/10/01 17:44:21 | 000,001,945 | ---- | M] () -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\searchplugins\bing-zugo.xml
[2013/03/18 17:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/24 22:38:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/24 22:38:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/24 22:38:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/21 13:11:40 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- D:\ADOBE ACROBAT XI PRO\ACROBAT\BROWSER\WCFIREFOXEXTN
[2013/03/18 17:26:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/05/21 14:56:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012/05/24 12:54:39 | 000,003,751 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/07/29 17:24:38 | 000,002,191 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/03/18 17:26:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/18 17:26:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - Extension: Google Docs = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Create PDF = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\
CHR - Extension: Black Menu for Google\u2122 = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke\4.2.1_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: PanicButton = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: Team Liquid Streams++ = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgkaggfllbomabebbgkibkmbloibgfd\0.0.4.0_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_0\
CHR - Extension: Skype Click to Call = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: imo messenger = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.1_0\
CHR - Extension: Gmail = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\MegaIEMn.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Samsung Link] D:\Samsung Link\Samsung Link\utils\Samsung Link Launcher.exe (Samsung Electronics)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Adobe Acrobat XI Pro\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" File not found
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\DT\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\DT\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\DT\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [HKCU] C:\Users\DT\AppData\Roaming\install\Svchost.exe ()
F3:64bit: - HKCU WinNT: Load - (C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe) - C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe (Microsoft Corporation)
F3 - HKCU WinNT: Load - (C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe) - C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01DD9932-FDDE-48C8-8201-69CF83E964BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71068429-316E-430B-BC8B-99AC1635E15D}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/29 23:19:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{520fcbe1-bcfb-11df-92de-e0cb4eb1216f}\Shell - "" = AutoRun
O33 - MountPoints2\{520fcbe1-bcfb-11df-92de-e0cb4eb1216f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/07/07 20:26:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
[2013/07/07 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Roaming\install
[2013/07/07 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Roaming\WinDir
[2013/06/29 21:19:01 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Local\WpfApplication1
[2012/02/21 00:34:43 | 001,382,912 | ---- | C] (Video Furnace, Inc.) -- C:\Users\DT\.vftv1329809683393
========== Files - Modified Within 30 Days ==========
[2013/07/07 20:34:43 | 000,002,206 | -H-- | M] () -- C:\Users\DT\AppData\Roaming\DTlog.dat
[2013/07/07 20:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
[2013/07/07 20:26:08 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/07 20:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/07 20:09:08 | 000,154,283 | -H-- | M] () -- C:\Users\DT\AppData\Roaming\DT-wchelper.dll
[2013/07/07 19:37:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000UA.job
[2013/07/07 18:27:17 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000UA.job
[2013/07/07 16:35:00 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 16:35:00 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 16:33:33 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/07 16:27:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/07 16:27:20 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/07 10:37:48 | 000,783,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/07 10:37:48 | 000,663,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/07 10:37:48 | 000,122,090 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/07 00:37:01 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000Core.job
[2013/07/06 21:27:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000Core.job
[2013/06/13 14:32:20 | 000,001,030 | ---- | M] () -- C:\Users\DT\Desktop\script.exe
[2013/06/12 11:29:51 | 000,497,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013/07/07 20:09:08 | 000,154,283 | -H-- | C] () -- C:\Users\DT\AppData\Roaming\DT-wchelper.dll
[2013/07/07 20:09:07 | 018,037,573 | ---- | C] () -- C:\Users\DT\Desktop\asian mb.mov
[2013/06/13 14:32:19 | 000,001,030 | ---- | C] () -- C:\Users\DT\Desktop\script.exe
[2013/06/01 01:10:35 | 000,000,530 | ---- | C] () -- C:\Users\DT\.swfinfo
[2013/05/20 00:36:08 | 000,000,426 | RHS- | C] () -- C:\Users\DT\ntuser.pol
[2013/04/19 16:38:54 | 000,025,600 | ---- | C] () -- C:\Windows\SysWow64\MediaDB.dll
[2013/04/19 16:37:54 | 000,704,000 | ---- | C] () -- C:\Windows\SysWow64\ContentDirectoryPresenter.dll
[2013/04/15 18:53:12 | 000,046,592 | ---- | C] () -- C:\Windows\SysWow64\boost_thread-vc90-mt-1_47.dll
[2013/04/15 18:53:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\boost_date_time-vc90-mt-1_47.dll
[2013/04/15 18:52:44 | 000,227,840 | ---- | C] () -- C:\Windows\SysWow64\boost_serialization-vc90-mt-1_47.dll
[2013/04/15 18:52:42 | 000,704,000 | ---- | C] () -- C:\Windows\SysWow64\boost_regex-vc90-mt-1_47.dll
[2013/04/15 18:52:40 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\boost_system-vc90-mt-1_47.dll
[2013/04/15 18:52:24 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\boost_filesystem-vc90-mt-1_47.dll
[2013/03/25 14:50:52 | 000,000,837 | ---- | C] () -- C:\Users\DT\.recently-used.xbel
[2012/12/03 21:37:42 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\_Z2
[2012/08/28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/08/28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/08/28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/08/28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/08/28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/02 22:34:29 | 000,000,042 | ---- | C] () -- C:\Users\DT\jagex_cl_runescape_LIVE1.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/11 22:07:07 | 106,017,697 | ---- | C] () -- C:\Program Files\Sony Vegas Pro 10.0a Build 387 Portable.exe
[2012/03/08 21:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/03/08 21:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/30 01:20:43 | 000,051,270 | ---- | C] () -- C:\Users\DT\AppData\Roaming\room_v3.dat
[2011/12/27 23:32:02 | 000,000,024 | ---- | C] () -- C:\Users\DT\random.dat
[2011/10/25 19:02:04 | 000,000,041 | ---- | C] () -- C:\Users\DT\jagex_cl_runescape_LIVE.dat
[2011/09/14 09:09:02 | 000,000,009 | ---- | C] () -- C:\Users\DT\AppData\Roaming\RSBuddy Login.ini
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/09 19:36:19 | 000,000,837 | ---- | C] () -- C:\Users\DT\AppData\Roaming\MPQEditor.ini
[2011/07/26 18:39:33 | 000,165,710 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2011/07/26 18:39:33 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2011/07/23 21:57:44 | 000,000,340 | ---- | C] () -- C:\Users\DT\AppData\Roaming\RSBuddy_odysseus8.ini
[2011/05/03 20:52:35 | 000,000,600 | ---- | C] () -- C:\Users\DT\AppData\Roaming\winscp.rnd
[2011/02/15 01:00:30 | 000,016,896 | ---- | C] () -- C:\Users\DT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/18 10:24:33 | 000,000,024 | ---- | C] () -- C:\Users\DT\jagexappletviewer.preferences
[2010/08/01 18:15:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/29 23:20:02 | 000,000,129 | ---- | C] () -- C:\Users\DT\jagex_runescape_preferences2.dat
[2010/07/29 23:20:02 | 000,000,000 | ---- | C] () -- C:\Users\DT\jagex__preferences3.dat
[2010/07/29 23:18:41 | 000,000,046 | ---- | C] () -- C:\Users\DT\jagex_runescape_preferences.dat
[2010/07/29 16:56:25 | 000,000,017 | ---- | C] () -- C:\Users\DT\AppData\Local\resmon.resmoncfg
[2005/04/07 19:16:43 | 000,001,651 | -H-- | C] () -- C:\Users\DT\AppData\Roaming\DTlog.dat
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/03/14 21:43:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\.purple
[2013/07/07 20:10:25 | 000,000,000 | -H-D | M] -- C:\Users\DT\AppData\Roaming\701D5E50
[2011/04/28 17:03:33 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\acccore
[2013/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Audacity
[2012/12/03 21:29:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Avid
[2013/04/20 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\avidemux
[2010/07/29 17:12:46 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Canneverbe Limited
[2010/09/10 21:50:02 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Canon
[2013/01/21 12:52:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/12/10 11:38:44 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2010/07/31 23:41:55 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\DAEMON Tools Lite
[2010/09/08 10:54:17 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\dBpoweramp
[2010/08/25 00:23:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Dev-Cpp
[2013/05/30 18:22:13 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\e-academy Inc
[2010/08/05 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\EndNote
[2011/12/20 23:19:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\foobar2000
[2012/02/13 03:11:36 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Foxit Software
[2012/01/08 01:35:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\GarenaPlus
[2012/05/05 20:43:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\GetRightToGo
[2013/03/25 14:46:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\gtk-2.0
[2013/06/30 23:31:53 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\HandBrake
[2013/07/07 20:10:27 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\install
[2013/06/02 23:12:17 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\JetBrains
[2010/08/08 11:24:48 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\KeePass
[2010/08/20 10:56:18 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Leadertech
[2012/01/29 20:03:28 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolClient
[2012/05/26 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolClient2
[2012/10/12 02:10:25 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolMatches Client
[2010/07/31 10:48:11 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Megaupload
[2012/01/04 13:57:24 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Mumble
[2010/08/01 00:11:52 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\My Games
[2010/08/24 21:00:06 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Notepad++
[2011/10/23 17:56:25 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Origin
[2011/07/27 13:58:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Publish Providers
[2011/12/21 15:18:40 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\rockbox.org
[2013/06/15 16:01:14 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Samsung
[2012/06/03 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Sony
[2012/02/17 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\SplitMediaLabs
[2013/06/03 10:16:33 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Sports Interactive
[2012/12/14 01:49:46 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Spotify
[2013/01/29 23:20:42 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\TrueCrypt
[2011/06/06 16:54:50 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Ubisoft
[2012/07/11 09:47:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Unified Remote
[2013/07/07 00:57:19 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\uTorrent
[2012/08/10 19:12:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\VirtuaWin
[2013/07/07 20:09:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\WinDir
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 4096 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\DT\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\DT\Desktop\desktop.ini:gs5sys
< End of report >
OTL Extras logfile created on: 7/7/2013 8:28:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 33.67% Memory free
7.98 Gb Paging File | 4.60 Gb Available in Paging File | 57.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.00 Gb Total Space | 0.16 Gb Free Space | 0.27% Space Free | Partition Type: NTFS
Drive D: | 150.00 Gb Total Space | 57.31 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 16.15 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 13.37 Gb Free Space | 27.38% Space Free | Partition Type: NTFS
Computer Name: DT-PC | User Name: DT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" ()
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" ()
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A6F62B-0E3F-438C-AE28-7BE8CFD0E049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{05E62ECB-D901-4E08-83F3-485B182A7521}" = rport=139 | protocol=6 | dir=out | app=system |
"{061D4FC1-3901-4A5C-BA1B-32A6CEEA2C50}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{07F30754-06EA-4826-8C2B-F6E53B2E7FAA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DE3D9D7-D31C-40BD-9C49-C13BECBB9D89}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22310FB1-B4FD-4FE3-9454-965C2C9F3003}" = lport=56338 | protocol=17 | dir=in | name=color network scangear |
"{26C3FF26-8B66-4EF7-AAC5-006B480144E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371481E1-EB8F-49CE-BE4E-3F48A49A2D99}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DA8B27A-37B7-4C4A-900C-0848E375A7CD}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{55DFEF1D-FEA9-4080-AAD0-86FD040E0648}" = rport=138 | protocol=17 | dir=out | app=system |
"{5DFAA835-7A3F-45EF-B189-F45178C10655}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{652B65B0-6D59-474B-9F4E-797EFE28D80D}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{6C1D6AE2-A9EA-44DF-9E33-A41051FAED30}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{73C93FF2-BBCC-434D-AD31-C415C4F110ED}" = rport=137 | protocol=17 | dir=out | app=system |
"{7CC093D4-B75E-4C2C-894A-1AF2A5353F48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{89907BFD-FA18-43C1-A4A3-6139B52B042B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8C4677F4-0EA1-4C6C-A033-4BCD910967D5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F5688B7-7387-448E-85A8-36E65E43EC2D}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{9987665D-E299-4C53-A670-814FABA8C7C4}" = lport=137 | protocol=17 | dir=in | app=system |
"{9C40E39A-F4EA-4101-BC23-73F0C22FC07D}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
"{9DD6CED2-16CE-444A-9B02-9CF1CE14A55E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA8A1789-DA10-4333-87FB-22A4E1BC93EE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B01C1F03-AD2B-472A-AA79-569CF2EAAFC7}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{BD953798-0694-4D91-8D49-4352AD424D15}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C2234A57-B379-4755-ACBD-7FDEC5495EED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C35C44B8-BAFB-4A4B-99F8-44302A7394E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB7D2CF2-96DA-473E-B158-ED3002E17E16}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{D8E444FD-D44C-4D5F-8354-5C0FF965DD1C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D905D4E3-7932-4FDC-B3CC-A5EB676C1829}" = lport=445 | protocol=6 | dir=in | app=system |
"{DC0B9A33-8A0C-444F-A1A6-2B1D5143D5BD}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{E30FF5CE-A4DA-46D5-9688-3C05BBFB60F2}" = lport=138 | protocol=17 | dir=in | app=system |
"{EB1282F0-AFE3-4709-8847-1A8F7F5B2DE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{EBA46A92-1159-46E4-A2B9-9B85D75431EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4E9EDEC-0A60-4903-A77F-5D17EC901CF2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F52E8A83-67A7-4625-8BE0-33038DD7716F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0015AFA0-3798-4E8D-A4EE-10DBBB95F940}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{05503187-DAD5-4D7B-8014-832D357BD693}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0638B07A-6C14-4352-BC01-5C444FBCBEB9}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"{063F9B94-B359-41E6-B5FC-E49B9BA2623D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0ABD0942-EE49-433E-A8CC-0147F7C21E88}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0BFC2148-51F4-4818-94CB-3ED358AFE882}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{0D5E91C0-85E5-4832-9731-79F6396029D7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{102278D2-3FB3-40A5-BBD0-737CA686F9B4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{18E02F56-F426-4269-9FC3-CE0B231B5A30}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{191857B0-5203-4DDB-957C-CCD0EBF07EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{1A2B7B8F-1382-4E9D-A242-8A6C71FFA9CF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{1EE56F1F-D4AB-4CD2-9E00-3FBDFC70187E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1F48C40A-1D9A-48EC-BF90-232E00E4B384}" = protocol=6 | dir=in | app=d:\veetle\player\veetlenet.exe |
"{24725412-0AD0-43D2-8657-005D17214C80}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.09\allshareframeworkdms.exe |
"{25108A63-BC14-4011-B1DD-D33BD701949D}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{28FA7641-358E-4880-8892-066407AD0637}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex\system\deusex.exe |
"{29D306A5-E786-4ABF-BDAD-7B02023F2C16}" = protocol=1 | dir=in | [email protected],-28543 |
"{2D79E64B-2496-4C75-9FB1-788CB6C69BEB}" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"{3111D20F-09B0-4C9D-9682-74BDAAECA1B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{316FE1FF-2DD4-4618-9249-B69F35BBB67D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{3500C6D5-F2B1-40C7-9C7E-D7C58F03E5E0}" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"{35025EA3-5899-457E-A148-C416CB5F03C6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{3637001A-9A62-462E-B378-4E81C0CA6D70}" = protocol=6 | dir=in | app=j:\combat arms\nmservice.exe |
"{367FE6EB-1558-43C1-A0FF-7DE7F8243AB3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{36AB4AFC-DC1B-4060-98E6-6C3E18820FD5}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.09\allshareframeworkdms.exe |
"{376761AB-4994-4569-AB3D-3661B4237581}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{3B7FD6D8-AB08-46F2-802F-BF1812ABF014}" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{3C1A1646-7A9A-42CA-8660-DF12AD9EEFD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{401FDF02-4F29-40BB-80C0-BFB967D24029}" = protocol=6 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword.exe |
"{40BC1F4D-D5BD-4DAD-8E63-CDA4FE41A7C6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{41631820-4AFC-4425-B019-C0FC237D7C58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{439AFF36-C761-4915-90B6-64AA601D66A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{43F1E742-DE25-4F1F-ABBB-0E20CC9719C4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{44F09050-25D7-45E2-93A8-B36B58D0DC45}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46173F0E-51AA-44AE-B05A-D9B64CD0EC86}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{46F075D5-F4E5-43E3-AD8E-20D7B9CEBAB2}" = protocol=6 | dir=in | app=d:\ventrilo\ventrilo.exe |
"{4804652C-EE0B-4D11-85B0-9938A65D5210}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{497341D8-5385-4924-B132-116AAD8CFD9E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{4CF5EB55-2CE5-4C7C-ACB9-A7334D6CDEF4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4E0C131E-1D22-499B-851D-CD7D49691B98}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{4E18FA0E-406A-4DF7-8B50-F00C150B5600}" = protocol=17 | dir=in | app=d:\civilization 4\warlords\civ4warlords.exe |
"{4E445FB4-971B-4682-9DEE-3CD5801F5F93}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{4F267B86-BB30-42F7-BAA7-E24FA4E8ADDF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5384BAB4-E62E-4061-B70B-827CD261AB01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58A9E626-1A22-4CAD-A662-F32894A583A4}" = protocol=6 | dir=in | app=d:\civilization 4\warlords\civ4warlords_pitboss.exe |
"{5B45BCDA-9FC3-48E5-9468-73128AE5D99B}" = protocol=58 | dir=out | [email protected],-28546 |
"{5D610083-AFE9-4ED2-AEDB-CAFF5F2C4625}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{5E693C3B-A8B0-40ED-9B57-A4936ED5B658}" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"{5E87D23D-B14D-4629-9D5E-8FC9BA0EF269}" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{60298D85-4951-4524-AE2D-094C550A2306}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{66D23401-3D68-4DD3-B159-D46F33D39218}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{6759FC31-CB5E-46DC-85AE-C736D0DB9EE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{68E11CBA-929B-44A4-842D-EE76D92F578E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6A0508BA-154B-4AE5-8191-0FD487E1440A}" = protocol=17 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{6ABB6597-5806-4054-9B05-90EFDC4FE426}" = protocol=6 | dir=in | app=d:\civilization 4\warlords\civ4warlords.exe |
"{6BAA0B5D-7703-4FFF-BB93-17B1FA829154}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6D142241-4256-4AD0-B32B-304E34729592}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{715FF77D-A355-4D1A-A925-5AD6D04C8630}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7341B3D5-45A9-47D1-8391-0BDBF836CBE0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex\system\deusex.exe |
"{73589A89-4550-4B10-BC3E-61BEF863FF3C}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7619E892-FEB0-4934-8DF1-316861E3D7C5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{78399110-7F4E-4A19-B8AA-500290F712A8}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{7CDF8E1E-71B8-40B6-817D-D4CB0A10FE8D}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{802DCC29-8A85-4947-B11C-805587D2905E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{813EB259-F03A-48E7-8937-45D99AC17646}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{815D958F-EB3D-493B-9A3E-5AA93B622D13}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{81D4F771-934F-4E37-9CDD-F926BFA06E7E}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{82CE5619-D8B2-4ED5-96FF-CE045B29118D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8520F3A6-688A-47BE-B92B-FAB52AA4C0AE}" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{868D440E-7DE7-4A49-8218-A3D84912D86D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{872207F4-3538-4621-AFB1-CA107EFE264C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87CBD4BD-0013-4BB2-B020-C08C0D40625F}" = protocol=6 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{8ACFEEEB-1EFD-4974-B260-76F36BF07997}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{8C1B0CB7-7604-4189-BF4D-7A6E3AF0CB2A}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\color network scangear\sgtool.exe |
"{900722CB-003C-49E2-840C-798056756997}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{90B2DF1A-DFCB-480A-B4C6-DDA4C09A669B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{91CB69D0-573D-4BBC-9410-9B721A50062E}" = protocol=6 | dir=out | app=system |
"{92A7F147-22D8-4840-AFB5-11643D5683AE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{92F6625C-C173-43DE-A77A-F96D1D8639CE}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{92FD0669-035E-4E90-8BDF-BF41385D3C29}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9312C12C-6580-4C0C-9725-257AE7CE1716}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{93E3D923-3235-4695-B29D-2BDAC2798A0D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{95C0C2EA-7B4F-4451-AC15-0555256075EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{967D81E0-24EA-4B0A-BB2A-1E07FB864F76}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9A17847D-82CB-4087-B6FB-89D1699924A5}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9A461BF4-3964-4A56-BF48-A2CBEB4D275B}" = protocol=1 | dir=out | [email protected],-28544 |
"{A0CBEB6C-BF28-46D3-8EA8-2A8401EAD63D}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{A83F4BAA-A634-4C06-9A40-9EFD4720DA56}" = protocol=6 | dir=in | app=d:\civilization 4\civilization4.exe |
"{A94C872F-69D5-4A6E-83E8-C6791FC5F358}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{AC424B5C-701D-4F19-9BDD-787BA618B8E6}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\color network scangear\sgtool.exe |
"{AC79D7F2-6FC4-4F89-AC31-F1EC887D8B2E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{B073E426-EB14-49E1-846D-00CAF52AE613}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{B1516C57-DFBB-4C0B-97B7-0F23BAB4B87A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{B27C0156-2DC7-40E6-8F3B-89A132E1D4C8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B4B6EB21-17DE-4B63-9A14-B77F06EF79EA}" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii public test.exe |
"{B9205BF3-1DDF-4BAE-8817-669C8AB3959A}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{BE1C7C32-FB65-4919-A225-8925A9863414}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BFDB3AD6-CA25-49FD-A533-2639F5EB9E54}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{C18D1C3B-F789-4E77-96CD-FA5CDE8FF30C}" = dir=in | app=c:\users\dt\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C520D631-677E-406B-9E7D-804EB959916F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C68FE857-A825-4938-8FF1-7ED2C1562978}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C6BFCDF5-BDEB-4964-96CC-35BC9C39D31A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CA7994D4-87DC-4A88-B48B-51C6AA8E7B65}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{CABC8774-2F25-4DF6-B697-B6FD79339BEA}" = dir=out | app=d:\samsung link\samsung link\samsung link.exe |
"{CDC03609-BC2C-420A-9866-195F10B2E742}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CEB3F80D-B6EC-421C-B4A6-727D29B24D6B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF4C02EB-FEC0-4FCB-8D1E-34687D5241AB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{D1E8D970-35D9-49CA-8742-6318B9BDAB99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D35B5C8F-9802-4761-8A48-2EEFEE39B4E5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{D52010D5-E728-4FDC-B0C8-6D339710A59D}" = protocol=17 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword.exe |
"{D968A221-69F7-4F56-B728-338A85AB23B7}" = protocol=17 | dir=in | app=d:\civilization 4\civilization4.exe |
"{DA53D584-0482-4438-9122-3D41EA51E063}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{DB319827-F84F-4DCA-8243-C685EB3F0E17}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{DDDB6BD7-5BF1-451C-88BD-35335B7FE1FC}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{DFFF6767-F889-45CF-886D-446DA689DCD8}" = protocol=17 | dir=in | app=d:\civilization 4\warlords\civ4warlords_pitboss.exe |
"{E1C0BFFD-99C0-4D47-9C02-D8034F813736}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{E3455D55-6CBC-43A9-AC28-D5BF41CAB111}" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"{E409AF25-57FC-4040-8879-E0343888EC55}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{E48589E0-A798-404A-8861-83545BB38349}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E4E08DE0-7673-48C9-AAC7-7FC6A359E899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E51EA58A-DB07-4F1F-A611-447EEEA4B263}" = protocol=17 | dir=in | app=d:\ventrilo\ventrilo.exe |
"{E5B61224-8C41-437B-9AA4-C67161820C1A}" = protocol=17 | dir=in | app=j:\combat arms\nmservice.exe |
"{E5F9174E-486F-43A3-977A-BB30EEAC458A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82404F0-79DF-4F97-8B4D-0BE681FBF9F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9921CB9-24E2-4A5C-971C-C994E7CF0722}" = protocol=58 | dir=in | [email protected],-28545 |
"{EC165D14-E065-4040-AC6B-34292BB12EFC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{ECA7DA97-4FB0-4CCA-8B41-E06A163E57F1}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{EE957058-C59D-467F-AA4F-1A791CD008D7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{EF123182-2887-4CD6-AFBC-8839412285A2}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{F04D9F39-49C0-4522-96EC-4266D0662945}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F1398761-4B51-410C-AD63-FE26245C382B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F2396D92-43BB-45CE-A6E8-B481068368D6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{F42268CA-77AA-4B9B-A32A-D6411A2607B4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{F42A4C89-4ABF-4C3C-AC2E-1FBADC5E54AF}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{F4909929-B29E-4E9B-9EFB-E6A89B1681A6}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{F50868B1-2215-457E-9AB2-F2956BE16AEC}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"{F7C5FE9C-7BE1-4970-82C8-5ECAD2937A53}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{F7C966CB-30F4-4F38-9745-8B3E4C8C5FF4}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{FB60A554-F5D7-499C-A1EC-98C737F5C6FD}" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii public test.exe |
"{FC214660-C223-4D12-B6BB-7F8803ACD790}" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{FD2A9AD3-DEA0-4157-8243-52AC7527A865}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FFD75FFD-7F86-4419-9B7B-BBC0F4B980EF}" = dir=in | app=d:\samsung link\samsung link\samsung link.exe |
"TCP Query User{018671DC-6867-46FF-97EB-3DE381A1AA84}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"TCP Query User{03AF49CF-985B-45B1-AC91-D11607DAB099}D:\python\python.exe" = protocol=6 | dir=in | app=d:\python\python.exe |
"TCP Query User{0CA77E61-BDD3-4FFF-BC23-E78712F1EEDE}D:\scbw\starcraft.exe" = protocol=6 | dir=in | app=d:\scbw\starcraft.exe |
"TCP Query User{0FE3C2BC-09BC-4316-9DFA-A93CE4D563BB}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{12E91BB3-D910-43EA-A465-6FAD1D6D3CC1}D:\spotify\spotify.exe" = protocol=6 | dir=in | app=d:\spotify\spotify.exe |
"TCP Query User{13C0C5BD-7058-4991-9CB6-FB922D4152FD}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{151854D4-9388-47C1-AE7C-43A809CD5997}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{20178F45-402A-4A93-8735-54F5D513133E}B:\torchlight 2\surprise.exe" = protocol=6 | dir=in | app=b:\torchlight 2\surprise.exe |
"TCP Query User{2700AD36-42AB-41E7-BEB1-FDF3A2E04D9C}J:\downloads\starcraft_2_na_en-us (3).exe" = protocol=6 | dir=in | app=j:\downloads\starcraft_2_na_en-us (3).exe |
"TCP Query User{28CD9EDB-C88C-448A-93CB-DF61EB779A6D}J:\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=j:\unified remote\remoteserver.exe |
"TCP Query User{2AC991B1-ABDD-4E6C-877C-BBAD903CA0AD}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{2C1375CA-D31B-4FD2-9B44-7556CD4B7D8C}D:\starcraft ii\versionstest\base17326\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versionstest\base17326\sc2.exe |
"TCP Query User{2C3EDE76-1728-42AC-9C43-16901BD58903}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{2DF61642-B8AC-45C8-9ED5-D278F721D1BC}C:\users\dt\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\temp\gw2.exe |
"TCP Query User{2FD88CAE-A95C-4C13-AF8A-C1B3F8FBC168}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{31C68D7F-B169-4907-956F-C6990C03CEBC}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{332433F9-E83E-4F29-829F-4ADFBEB91175}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"TCP Query User{36AA19BF-F8E9-41C1-A06B-6B96C89940DC}C:\program files\synergy\synergys.exe" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"TCP Query User{3761268C-9C7C-48D5-A2D7-F79CB6C51558}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{3A4874C5-BCBD-44FA-9DAD-EB1151638505}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"TCP Query User{3E294675-C2B1-4B02-BCE3-289B5EDC5F15}D:\starcraft 2\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{43A8E8DC-5A80-4F6B-94C4-29F721B96522}J:\combat arms\engine.exe" = protocol=6 | dir=in | app=j:\combat arms\engine.exe |
"TCP Query User{45C12B65-C353-4F49-A2C9-9C7858C99663}D:\garena\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=d:\garena\garena plus\room\garena_room.exe |
"TCP Query User{460B29BA-543F-4723-BDB4-8D560782B379}D:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{4B22EE2F-DA24-4B10-A2CD-3A54D4EA37EF}D:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\sopcast\sopcast.exe |
"TCP Query User{4E45A3EC-72FA-47CD-8D8B-58A538365D05}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{4F0F425E-2B01-4EBC-A0BD-427C0647629A}D:\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"TCP Query User{4F396DA7-925F-43E2-AA84-5801CD70F219}D:\starcraft ii\starcraft ii public test.exe" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"TCP Query User{5E449ECF-EBDB-46B0-8290-CA7342B9911C}D:\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=d:\heroes of newerth\hon.exe |
"TCP Query User{610229EE-14E6-4F71-BB05-C3E8A35CC46C}D:\fifa\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa\game\fifa.exe |
"TCP Query User{66E08F17-42F7-4164-8C87-3C5F2372C44A}J:\pokegen\pokegen\pokegen.exe" = protocol=6 | dir=in | app=j:\pokegen\pokegen\pokegen.exe |
"TCP Query User{69A6B418-D849-4F95-A792-972EADB7A6DC}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"TCP Query User{7381C507-E153-4098-AB69-554499D10D6D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{7754BB88-6740-4392-B16B-86497CE7E4BF}D:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe |
"TCP Query User{77857958-CCC9-4014-9C69-97AFB0C903B8}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{78689C36-D2C7-443C-A86C-55F1D3288AD0}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{89EA5C8C-DFB8-4538-BC71-5321E3322F23}D:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\guild wars 2\gw2.exe |
"TCP Query User{8C25BFD7-5631-4E52-B1A0-B07FBE796D25}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{8D5430C3-2315-4558-9EC4-47895943B1BC}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{8E2C571A-CCD1-4C21-BBF5-4B93A0E5F84E}J:\pokegen\shinygts\shinygts.exe" = protocol=6 | dir=in | app=j:\pokegen\shinygts\shinygts.exe |
"TCP Query User{8ED2731D-8745-477B-A33C-65A97C8BB1E2}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{93A6F345-86D0-491F-AE7D-CE0040D3820E}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{95DDB163-106C-4CA1-816C-F229A47B0939}B:\origin\battlefield 3 beta\bf3.exe" = protocol=6 | dir=in | app=b:\origin\battlefield 3 beta\bf3.exe |
"TCP Query User{9C8A330A-6E72-4B58-98F4-DB6EDB51C720}J:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe" = protocol=6 | dir=in | app=j:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe |
"TCP Query User{A0938366-0524-4490-8ED7-FF304941D558}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{A38AB1C4-5903-4061-BDFF-99E0A2702FBC}D:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\sopcast\sopcast.exe |
"TCP Query User{AE2FCFA2-0B67-4C3D-829A-6DAC7A62E2CA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{AE38A99F-27D2-40D5-B63B-12DD68D3E3A7}C:\program files\synergy\synergys.exe" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"TCP Query User{B159DB93-233C-48A6-AF22-E9494B611B04}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{B52347BE-E910-4DF6-9EBA-AFDC34770B25}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B7B07C4F-F51A-4320-9295-A2C0B10BF5F4}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{B97213DF-4E5F-4F49-AF36-CBAA16F7E3E5}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{BE72BD91-4D99-4945-9E66-27BE4C4A520F}D:\digsby\app\lib\digsby-app.exe" = protocol=6 | dir=in | app=d:\digsby\app\lib\digsby-app.exe |
"TCP Query User{C4339E46-F0A5-4F05-B213-6CC2BBE0E2F8}D:\starcraft 2\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{C7C026E1-6FE2-45EA-90F0-0C2BE90441FC}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{CA106311-7B69-4F47-B122-50DC66F0502E}D:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\guild wars 2\gw2.exe |
"TCP Query User{CB2999CD-EDBB-4698-A2BC-0C7880E9322D}C:\users\dt\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{CC706FBC-E400-4661-8E56-3A16BF946932}D:\starcraft 2\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"TCP Query User{CF517893-0ADB-4A2C-8FBA-0F7E61474746}D:\spotify\spotify.exe" = protocol=6 | dir=in | app=d:\spotify\spotify.exe |
"TCP Query User{D374D5E6-186A-48F7-9ECB-6710518F7886}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{D811A091-CDFC-4775-BA68-478986EB3406}D:\steam\steamapps\dean_tran\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\team fortress 2\hl2.exe |
"TCP Query User{DE56E53E-2AF5-4A06-BFBE-79D132823A74}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{E15D7A6E-0054-407F-B305-B68621F2DDC5}D:\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"TCP Query User{E5DA2232-AD26-41BC-A3B7-8E1996846285}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{E679D4C8-3934-4D07-B5E1-D09DDC7F766E}C:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe |
"TCP Query User{E6E4E6EF-2F30-4BEA-86AD-4424C9565CA8}D:\starcraft 2\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{E92DF015-B6C7-4D02-AB60-CBEAB2F3CAFE}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{EBACD4E8-7746-4052-8AFE-019D621DF86D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe |
"TCP Query User{F23DDAC7-FFE3-48E8-AE83-0F419B9CD31C}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{F343ACB8-9D9E-457A-A74F-86D71301ABB7}D:\starcraft 2\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{F4787A36-8E6E-4899-B119-621D4FA05EDA}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{F6FC76FE-EC25-4D06-B8E4-7D6031EB929D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{FA4EBC3F-546E-4D43-996A-C007B3DE4770}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{04EA0D23-EBDD-4C65-961E-A6E6FC0764CB}D:\scbw\starcraft.exe" = protocol=17 | dir=in | app=d:\scbw\starcraft.exe |
"UDP Query User{074B4790-8CE1-4C70-A765-BDAE4184BC3B}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{07A048ED-2CBC-4A88-9000-98BD5AC85DB7}D:\starcraft 2\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{07FF2464-CB65-4880-9941-4669C74F93FD}D:\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"UDP Query User{138732A3-506E-47CA-885F-BEF602B46EB0}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{14793365-5223-4D32-A0D0-7FDF112E8885}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{17892DB3-006B-406A-A055-82919D43ED2D}J:\downloads\starcraft_2_na_en-us (3).exe" = protocol=17 | dir=in | app=j:\downloads\starcraft_2_na_en-us (3).exe |
"UDP Query User{1816BB1E-EC9C-43D5-AA4D-14A13E1798C9}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{1830854A-1208-46DF-8A25-A5CA2AD6F77B}D:\spotify\spotify.exe" = protocol=17 | dir=in | app=d:\spotify\spotify.exe |
"UDP Query User{1CDE0EA4-7CA7-4053-8D39-1F6AFFB06DE6}J:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe" = protocol=17 | dir=in | app=j:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe |
"UDP Query User{21317E65-322C-40F9-AE23-A8F9AA9BAD1A}D:\garena\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=d:\garena\garena plus\room\garena_room.exe |
"UDP Query User{269EF205-3BDB-48E5-98C2-CF01B5A1EED7}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{2BF0FB03-4476-45F6-9BE9-D8F0C11A89F0}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{30CBA6EB-B410-4C45-9834-1F08E86636CA}J:\pokegen\shinygts\shinygts.exe" = protocol=17 | dir=in | app=j:\pokegen\shinygts\shinygts.exe |
"UDP Query User{323BD001-EFF3-4415-A8A4-A89C06E94D31}D:\spotify\spotify.exe" = protocol=17 | dir=in | app=d:\spotify\spotify.exe |
"UDP Query User{37C722C5-2932-4729-81E1-C6A4F91FB7FE}D:\python\python.exe" = protocol=17 | dir=in | app=d:\python\python.exe |
"UDP Query User{3B85721E-924E-4621-AFD6-6F7F2FF2F368}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3C662980-88C4-4668-8BE7-CDEC7177FE09}D:\steam\steamapps\dean_tran\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\team fortress 2\hl2.exe |
"UDP Query User{3CE2DB66-A1BF-4732-943D-D8EFD58E5193}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{3CEAD467-05A9-40EA-9594-5DFC8DF3B6A0}B:\origin\battlefield 3 beta\bf3.exe" = protocol=17 | dir=in | app=b:\origin\battlefield 3 beta\bf3.exe |
"UDP Query User{41558146-D2D1-4018-BA13-475FFB7875C8}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"UDP Query User{4662A6AC-E183-43D0-808E-55F5B88B9E53}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"UDP Query User{47CC84A5-FE2B-42D8-A09C-5B58770C5B0D}D:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\guild wars 2\gw2.exe |
"UDP Query User{4FA57ABE-CEEF-4C9C-B445-BE5148EEA1C5}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{4FA68ACE-7774-407E-B497-855A0110ACD0}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{50FEBCB6-D8C7-4260-B2DC-3CA86FAF22DD}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"UDP Query User{5606B01D-0EF6-4852-8242-5AE7DE159BBA}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{5EA089A4-6C9E-48DB-ACF6-D411B4129B3C}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{5F9E8D1A-E192-481E-845E-B3E2E0C07132}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{5FAB60D2-3EA6-48A9-950B-903770BD332C}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{608670DE-E71A-4E43-9AAE-6AD6D2F06BBF}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{631CF4D4-E105-4219-AE45-70CA265AD314}D:\starcraft 2\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{67C26577-E659-4514-B0C2-AC19572F21D1}D:\fifa\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa\game\fifa.exe |
"UDP Query User{67D9283E-2E72-468F-BB90-8A2DB9400AC0}J:\pokegen\pokegen\pokegen.exe" = protocol=17 | dir=in | app=j:\pokegen\pokegen\pokegen.exe |
"UDP Query User{685A15E2-1A65-4CD2-BCB8-C7AEB5913F3E}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe |
"UDP Query User{6886777C-EA9B-45F2-8D3F-74CAA5FA96DA}C:\users\dt\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{6A302EC4-6C20-4448-9CF0-05FC665A9267}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{6A4ABD86-ED67-4DD2-B6C6-AB05E03EA0B7}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{6FB7163B-E825-48DB-B349-E31A572A2315}C:\users\dt\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\temp\gw2.exe |
"UDP Query User{72BC6636-53B1-422F-B708-9B01A04D4FCC}D:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{72BD8D0B-F6DE-4317-AA76-9867F1040E8B}D:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\sopcast\sopcast.exe |
"UDP Query User{7836192A-5A22-406F-AEDC-E8B0F3546F88}D:\starcraft ii\versionstest\base17326\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versionstest\base17326\sc2.exe |
"UDP Query User{86D510D0-996D-4A1C-AE4E-3A8ADEC8AD23}D:\starcraft 2\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{87636FFD-2076-42A8-B8A8-B5CBAB833CE1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{89B00564-EF2A-461A-AD2B-20BE102CF346}D:\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=d:\heroes of newerth\hon.exe |
"UDP Query User{8DA6EECC-0A31-4153-B51B-F7C7D48A5CA1}J:\combat arms\engine.exe" = protocol=17 | dir=in | app=j:\combat arms\engine.exe |
"UDP Query User{90554C24-A000-4407-9C79-8E60F9E15AA2}C:\program files\synergy\synergys.exe" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"UDP Query User{90A510FB-C3C9-46F9-A93D-7E6B881515F2}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{97412EC7-A4F8-4A51-872C-54C6173C77B4}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"UDP Query User{99A43182-BA12-46CB-9ED0-8D28FE287D62}D:\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"UDP Query User{A512FF18-D526-4BB8-BB1A-CABF9C4F570D}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{A84A3EDE-AA78-4DFF-96D7-8340BD4A5BAD}D:\digsby\app\lib\digsby-app.exe" = protocol=17 | dir=in | app=d:\digsby\app\lib\digsby-app.exe |
"UDP Query User{AAE9F195-81D0-4E8C-B7EC-F0398DB24DC7}C:\program files\synergy\synergys.exe" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"UDP Query User{AAECD166-796C-43CA-9F60-7D730DC3ABC6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{AC3C2E35-B32D-41CF-BFAF-EE9A52594A0F}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{B3291D29-0406-4E2D-B516-3BF308D40EEE}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{B39B7CA1-70BF-4DF4-AED3-1FAAC8D8EE74}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{B76BAF51-2EB7-482D-A094-8D898C9F24AC}D:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\sopcast\sopcast.exe |
"UDP Query User{BB13C429-A602-4136-B267-8218A8BDC735}B:\torchlight 2\surprise.exe" = protocol=17 | dir=in | app=b:\torchlight 2\surprise.exe |
"UDP Query User{BB81ADB2-77D9-4E32-8BAB-30A7160F2498}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{C88867CD-22E5-4020-B6EE-8FE4A447D7A6}D:\starcraft 2\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{CD32EA2B-5C01-48FB-9A8A-91189D9C79C9}D:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\guild wars 2\gw2.exe |
"UDP Query User{D1E84550-C4AA-4F69-9420-0F6FBA02C5B5}D:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe |
"UDP Query User{DA581A34-0859-4E44-BFD5-30512E419659}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"UDP Query User{DDF26D8E-CF4C-473B-AEE1-7DD2EAF7781B}J:\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=j:\unified remote\remoteserver.exe |
"UDP Query User{E868BC61-49FC-4A3B-94C6-7735ED26E2F2}D:\starcraft ii\starcraft ii public test.exe" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"UDP Query User{ED44EF96-C6EB-45B6-B04C-F69A532E24B3}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"UDP Query User{EF3E140E-B38F-4342-99C9-DE1F72CCEC1F}D:\starcraft 2\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"UDP Query User{EF8A6D27-B481-440E-A438-0C1707DA4224}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{F26F5992-C73D-425A-BC83-72BE7D83ED82}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{F45AB6D2-A9CF-4791-9494-E9D57AAC68B8}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{F4B8976B-B533-4749-A4E3-8B7C5E3E2A30}C:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{2E295B5B-1AD4-4d36-97C2-A316084722C0}" = Python 2.7.2 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{64A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7F801000-A1D5-11E0-9092-0013D3D69929}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FC655E43-0E90-4FAC-AF88-7CF8635C6ADC}" = AllShare Framework DMS
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"8474-7877-9059-0204" = Samsung Link 1.5.0.1305092012
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min
"{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}" = Google Talk Plugin
"{37D4AB78-5281-44EE-91D8-B65CFE509851}" = Unified Remote
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}" = Camtasia Studio 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5667B2-5D13-46C2-85B5-9D46A6096F61}" = Secure Download Manager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69488E1A-B0AF-498F-85D3-9AA057A682FF}" = Finestra Virtual Desktops
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200
"{C41DABFE-49B1-4B24-9DF0-6DF70B485737}" = Mega Manager
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{EFD17D49-7394-40FA-8719-8C56B49418CB}" = Foxit Reader
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1658760-1173-4D65-B709-A0591C104AE1}" = Color Network ScanGear Ver.2.61
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink RT6x Wireless LAN Card
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FECDEFFF-D7FC-4502-96CA-C9E0BF62CCA5}" = Skype Voice Changer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android Studio" = Android Studio
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avidemux 2.6 (64-bit)" = Avidemux 2.6
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CDisplay_is1" = CDisplay 1.8
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Daum Screensaver High" = Daum ½ºÅ©¸°¼¼À̹ö °íÈÁú¹öÀü
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Digsby" = Digsby
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"foobar2000" = foobar2000 v1.2
"Foxit Creator" = Foxit Creator
"Fraps" = Fraps
"GoldenEye: Source" = GoldenEye: Source - HalfLife 2 Mod
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"Guild Wars" = Guild Wars
"Guild Wars 2" = Guild Wars 2
"HandBrake" = HandBrake 0.9.8
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"HDTP" = Deus Ex - HDTP
"hon" = Heroes of Newerth
"im" = Garena Plus
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mendeley Desktop" = Mendeley Desktop 1.6
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"mIRC" = mIRC
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Origin" = Origin
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"QuickPar" = QuickPar 0.9
"RealAlt_is1" = Real Alternative 1.8.0
"RealPlayer 12.0" = RealPlayer
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SopCast" = SopCast 3.2.9
"SpeedFan" = SpeedFan (remove only)
"Spotify" = Spotify
"StarCraft II" = StarCraft II
"Steam App 218" = Source SDK Base 2007
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 300" = Day of Defeat: Source
"Steam App 440" = Team Fortress 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 730" = Counter-Strike: Global Offensive Beta
"SumatraPDF" = SumatraPDF
"Synergy" = Synergy
"TeamViewer 7" = TeamViewer 7
"TrueCrypt" = TrueCrypt
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.6
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"Flux" = F.lux
"Google Chrome" = Google Chrome
"MusicManager" = Music Manager
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/5/2013 12:25:56 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/6/2013 1:06:02 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/6/2013 1:06:02 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 1:09:08 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 1:09:08 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 7:27:44 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 7:27:44 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 8:42:30 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 8:42:33 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 10:00:01 PM | Computer Name = DT-PC | Source = Windows Backup | ID = 4103
Description =
[ Media Center Events ]
Error - 5/21/2012 7:45:00 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:45:00 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )
Error - 5/22/2012 7:03:07 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:03:07 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 8:15:22 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 5:14:42 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 9:15:46 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 6:15:34 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 10:16:44 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 7:16:01 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 7:47:43 PM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:46:58 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/23/2012 7:28:34 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:28:34 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 6/25/2012 2:31:38 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 11:31:38 PM - Error connecting to the internet. 11:31:38 PM - Unable
to contact server..
Error - 11/17/2012 6:02:43 PM | Computer Name = DT-PC | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc0040524) Hauppauge WinTV-7164 BDA
ATSC/QAM Tuner
Error - 11/17/2012 6:02:44 PM | Computer Name = DT-PC | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc0040524) Hauppauge WinTV-7164 BDA
ATSC/QAM Tuner
[ OSession Events ]
Error - 6/3/2012 7:21:15 PM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 106 seconds with 60 seconds of active time. This session ended with a crash.
Error - 6/3/2012 7:23:03 PM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 75 seconds with 60 seconds of active time. This session ended with a crash.
Error - 11/20/2012 1:20:47 AM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 78903
seconds with 4920 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/4/2013 2:22:42 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 7/5/2013 7:53:04 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 7/6/2013 2:59:49 PM | Computer Name = DT-PC | Source = volsnap | ID = 393251
Description = The shadow copies of volume C: were aborted because the shadow copy
storage failed to grow.
Error - 7/6/2013 5:41:09 PM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 7/6/2013 5:41:09 PM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 7/7/2013 2:50:59 AM | Computer Name = DT-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 7/7/2013 2:51:29 AM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanServer service.
Error - 7/7/2013 2:51:59 AM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WSearch service.
Error - 7/7/2013 2:52:01 AM | Computer Name = DT-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 7/7/2013 7:33:40 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
< End of report >
OTL logfile created on: 7/7/2013 8:28:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 33.67% Memory free
7.98 Gb Paging File | 4.60 Gb Available in Paging File | 57.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.00 Gb Total Space | 0.16 Gb Free Space | 0.27% Space Free | Partition Type: NTFS
Drive D: | 150.00 Gb Total Space | 57.31 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 16.15 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 13.37 Gb Free Space | 27.38% Space Free | Partition Type: NTFS
Computer Name: DT-PC | User Name: DT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/07/07 20:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
PRC - [2013/07/07 20:15:02 | 000,266,752 | ---- | M] () -- C:\Users\DT\AppData\Roaming\install\Svchost.exe
PRC - [2013/05/03 14:24:46 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
PRC - [2012/09/23 21:43:48 | 003,477,640 | ---- | M] (Adobe Systems Inc.) -- D:\Adobe Acrobat XI Pro\Acrobat\acrotray.exe
PRC - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/10 04:46:17 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/10 04:46:16 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/10 04:41:11 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2011/10/01 17:43:14 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/03/04 13:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\explorer.exe
PRC - [2010/07/26 22:30:28 | 000,552,448 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2010/07/20 17:48:02 | 000,311,808 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009/08/28 23:00:12 | 000,966,656 | ---- | M] () -- C:\Users\DT\Local Settings\Apps\F.lux\flux.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2013/07/07 20:15:02 | 000,266,752 | ---- | M] () -- C:\Users\DT\AppData\Roaming\install\Svchost.exe
MOD - [2013/06/14 18:28:42 | 000,393,168 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/14 18:28:41 | 013,140,432 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013/06/14 18:28:40 | 004,051,408 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/14 18:27:51 | 000,599,504 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013/06/14 18:27:50 | 000,124,368 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013/06/14 18:27:48 | 001,597,392 | ---- | M] () -- C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2010/04/29 15:39:36 | 000,079,696 | ---- | M] () -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll
MOD - [2009/08/28 23:00:12 | 000,966,656 | ---- | M] () -- C:\Users\DT\Local Settings\Apps\F.lux\flux.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/03 14:25:36 | 000,405,896 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.09\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/12/19 12:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/30 10:00:04 | 000,422,472 | ---- | M] () [Auto | Running] -- C:\Program Files\Synergy\synergyd.exe -- (Synergy)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/06/11 18:12:21 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/06 15:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/18 17:26:37 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/19 19:10:40 | 000,147,888 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/10/19 19:10:34 | 000,375,728 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/24 15:41:30 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2012/07/10 04:46:17 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/01 17:43:14 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/04 13:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/07/26 22:30:28 | 000,552,448 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/19 13:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 12:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 04:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/10/19 19:11:06 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/10/02 15:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/09/19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/28 19:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 13:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/31 23:17:00 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/29 17:06:16 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010/07/09 13:19:02 | 000,021,480 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/06/11 11:51:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw89.sys -- (hcw89)
DRV:64bit: - [2010/05/06 02:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/02/08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010/01/27 12:22:02 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2010/01/27 12:21:36 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2010/01/22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009/10/19 09:56:10 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/09/17 19:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2009/05/22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008/11/16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/07/03 22:49:26 | 000,252,928 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys -- (VSTWinDriver6)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/08/02 09:33:04 | 000,012,672 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013/07/07 20:05:22 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29E42B3B-7EB6-4831-980E-B5ED09785B15}\MpKsl9e0d32e9.sys -- (MpKsl9e0d32e9)
DRV - [2010/01/27 12:22:02 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg....sa&d=2012-05-24 12:54:49&v=11.1.1.7&sap=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E BD 26 23 78 2F CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.babylon.com/home
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...c=browsersearch
IE - HKCU\..\SearchScopes\{1748628F-AACD-44C1-8C25-3277D58FEE61}: "URL" = http://websearch.ask...D6-8F66DA296BE4
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-05-24 12:54:49&v=11.1.1.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{CE3A3FD1-0A27-07DC-3FED-9D0FBEBC1CD0}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.ucla.edu/cgi/proxy
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.22
FF - prefs.js..extensions.enabledAddons: [email protected]:3.1.11
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.16
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.9.0.12585
FF - prefs.js..extensions.enabledAddons: [email protected]:3.8.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {5911488E-9D1E-40ec-8CBB-06B231CC153F}:2.5.0
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledItems: [email protected]:3.15.9.100013
FF - prefs.js..extensions.enabledItems: [email protected]:3.8.7
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: D:\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: D:\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Adobe Acrobat XI Pro\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DT\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DT\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DT\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\samsung.com/SamsungLinkPCPlugin: D:\Samsung Link\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/18 15:57:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/05/31 15:39:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Adobe Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn [2013/01/21 13:11:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/26 12:36:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/12 11:13:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/18 15:57:07 | 000,000,000 | ---D | M]
[2010/08/01 11:06:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Extensions
[2013/06/24 17:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions
[2013/03/18 17:40:48 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/10/01 17:44:05 | 000,000,000 | ---D | M] (DealPly) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2010/11/02 12:18:20 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\vshareus@toolbar
[2013/03/18 17:43:00 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/03/20 00:09:48 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/06/24 17:56:25 | 000,304,556 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\[email protected]
[2013/04/28 01:20:28 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/28 01:18:34 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/05/12 23:27:22 | 000,002,584 | ---- | M] () -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\searchplugins\askcom.xml
[2011/10/01 17:44:21 | 000,001,945 | ---- | M] () -- C:\Users\DT\AppData\Roaming\Mozilla\Firefox\Profiles\6zcaeo2z.default\searchplugins\bing-zugo.xml
[2013/03/18 17:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/24 22:38:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/24 22:38:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/24 22:38:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/21 13:11:40 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- D:\ADOBE ACROBAT XI PRO\ACROBAT\BROWSER\WCFIREFOXEXTN
[2013/03/18 17:26:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/05/21 14:56:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012/05/24 12:54:39 | 000,003,751 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/07/29 17:24:38 | 000,002,191 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/03/18 17:26:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/18 17:26:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DT\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Disabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - Extension: Google Docs = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Create PDF = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\
CHR - Extension: Black Menu for Google\u2122 = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke\4.2.1_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: PanicButton = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0\
CHR - Extension: Team Liquid Streams++ = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilgkaggfllbomabebbgkibkmbloibgfd\0.0.4.0_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_0\
CHR - Extension: Skype Click to Call = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Docs PDF/PowerPoint Viewer (by Google) = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: imo messenger = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.1_0\
CHR - Extension: Gmail = C:\Users\DT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - D:\MegaIEMn.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Samsung Link] D:\Samsung Link\Samsung Link\utils\Samsung Link Launcher.exe (Samsung Electronics)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Adobe Acrobat XI Pro\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" File not found
O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\DT\Local Settings\Apps\F.lux\flux.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\DT\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\DT\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [HKCU] C:\Users\DT\AppData\Roaming\install\Svchost.exe ()
F3:64bit: - HKCU WinNT: Load - (C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe) - C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe (Microsoft Corporation)
F3 - HKCU WinNT: Load - (C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe) - C:\Users\DT\AppData\Roaming\Microsoft\Windows\Templates\VaultCmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01DD9932-FDDE-48C8-8201-69CF83E964BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71068429-316E-430B-BC8B-99AC1635E15D}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/29 23:19:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{520fcbe1-bcfb-11df-92de-e0cb4eb1216f}\Shell - "" = AutoRun
O33 - MountPoints2\{520fcbe1-bcfb-11df-92de-e0cb4eb1216f}\Shell\AutoRun\command - "" = H:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/07/07 20:26:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
[2013/07/07 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Roaming\install
[2013/07/07 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Roaming\WinDir
[2013/06/29 21:19:01 | 000,000,000 | ---D | C] -- C:\Users\DT\AppData\Local\WpfApplication1
[2012/02/21 00:34:43 | 001,382,912 | ---- | C] (Video Furnace, Inc.) -- C:\Users\DT\.vftv1329809683393
========== Files - Modified Within 30 Days ==========
[2013/07/07 20:34:43 | 000,002,206 | -H-- | M] () -- C:\Users\DT\AppData\Roaming\DTlog.dat
[2013/07/07 20:26:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DT\Desktop\OTL.exe
[2013/07/07 20:26:08 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/07 20:11:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/07 20:09:08 | 000,154,283 | -H-- | M] () -- C:\Users\DT\AppData\Roaming\DT-wchelper.dll
[2013/07/07 19:37:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000UA.job
[2013/07/07 18:27:17 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000UA.job
[2013/07/07 16:35:00 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 16:35:00 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 16:33:33 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/07 16:27:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/07 16:27:20 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/07 10:37:48 | 000,783,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/07 10:37:48 | 000,663,222 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/07 10:37:48 | 000,122,090 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/07 00:37:01 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000Core.job
[2013/07/06 21:27:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3833990729-1644493534-363746626-1000Core.job
[2013/06/13 14:32:20 | 000,001,030 | ---- | M] () -- C:\Users\DT\Desktop\script.exe
[2013/06/12 11:29:51 | 000,497,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013/07/07 20:09:08 | 000,154,283 | -H-- | C] () -- C:\Users\DT\AppData\Roaming\DT-wchelper.dll
[2013/07/07 20:09:07 | 018,037,573 | ---- | C] () -- C:\Users\DT\Desktop\asian mb.mov
[2013/06/13 14:32:19 | 000,001,030 | ---- | C] () -- C:\Users\DT\Desktop\script.exe
[2013/06/01 01:10:35 | 000,000,530 | ---- | C] () -- C:\Users\DT\.swfinfo
[2013/05/20 00:36:08 | 000,000,426 | RHS- | C] () -- C:\Users\DT\ntuser.pol
[2013/04/19 16:38:54 | 000,025,600 | ---- | C] () -- C:\Windows\SysWow64\MediaDB.dll
[2013/04/19 16:37:54 | 000,704,000 | ---- | C] () -- C:\Windows\SysWow64\ContentDirectoryPresenter.dll
[2013/04/15 18:53:12 | 000,046,592 | ---- | C] () -- C:\Windows\SysWow64\boost_thread-vc90-mt-1_47.dll
[2013/04/15 18:53:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\boost_date_time-vc90-mt-1_47.dll
[2013/04/15 18:52:44 | 000,227,840 | ---- | C] () -- C:\Windows\SysWow64\boost_serialization-vc90-mt-1_47.dll
[2013/04/15 18:52:42 | 000,704,000 | ---- | C] () -- C:\Windows\SysWow64\boost_regex-vc90-mt-1_47.dll
[2013/04/15 18:52:40 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\boost_system-vc90-mt-1_47.dll
[2013/04/15 18:52:24 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\boost_filesystem-vc90-mt-1_47.dll
[2013/03/25 14:50:52 | 000,000,837 | ---- | C] () -- C:\Users\DT\.recently-used.xbel
[2012/12/03 21:37:42 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\_Z2
[2012/08/28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/08/28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/08/28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/08/28 10:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/08/28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/02 22:34:29 | 000,000,042 | ---- | C] () -- C:\Users\DT\jagex_cl_runescape_LIVE1.dat
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/11 22:07:07 | 106,017,697 | ---- | C] () -- C:\Program Files\Sony Vegas Pro 10.0a Build 387 Portable.exe
[2012/03/08 21:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/03/08 21:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/30 01:20:43 | 000,051,270 | ---- | C] () -- C:\Users\DT\AppData\Roaming\room_v3.dat
[2011/12/27 23:32:02 | 000,000,024 | ---- | C] () -- C:\Users\DT\random.dat
[2011/10/25 19:02:04 | 000,000,041 | ---- | C] () -- C:\Users\DT\jagex_cl_runescape_LIVE.dat
[2011/09/14 09:09:02 | 000,000,009 | ---- | C] () -- C:\Users\DT\AppData\Roaming\RSBuddy Login.ini
[2011/09/12 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/09 19:36:19 | 000,000,837 | ---- | C] () -- C:\Users\DT\AppData\Roaming\MPQEditor.ini
[2011/07/26 18:39:33 | 000,165,710 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2011/07/26 18:39:33 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2011/07/23 21:57:44 | 000,000,340 | ---- | C] () -- C:\Users\DT\AppData\Roaming\RSBuddy_odysseus8.ini
[2011/05/03 20:52:35 | 000,000,600 | ---- | C] () -- C:\Users\DT\AppData\Roaming\winscp.rnd
[2011/02/15 01:00:30 | 000,016,896 | ---- | C] () -- C:\Users\DT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/18 10:24:33 | 000,000,024 | ---- | C] () -- C:\Users\DT\jagexappletviewer.preferences
[2010/08/01 18:15:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/29 23:20:02 | 000,000,129 | ---- | C] () -- C:\Users\DT\jagex_runescape_preferences2.dat
[2010/07/29 23:20:02 | 000,000,000 | ---- | C] () -- C:\Users\DT\jagex__preferences3.dat
[2010/07/29 23:18:41 | 000,000,046 | ---- | C] () -- C:\Users\DT\jagex_runescape_preferences.dat
[2010/07/29 16:56:25 | 000,000,017 | ---- | C] () -- C:\Users\DT\AppData\Local\resmon.resmoncfg
[2005/04/07 19:16:43 | 000,001,651 | -H-- | C] () -- C:\Users\DT\AppData\Roaming\DTlog.dat
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/03/14 21:43:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\.purple
[2013/07/07 20:10:25 | 000,000,000 | -H-D | M] -- C:\Users\DT\AppData\Roaming\701D5E50
[2011/04/28 17:03:33 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\acccore
[2013/06/11 18:19:37 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Audacity
[2012/12/03 21:29:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Avid
[2013/04/20 14:57:00 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\avidemux
[2010/07/29 17:12:46 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Canneverbe Limited
[2010/09/10 21:50:02 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Canon
[2013/01/21 12:52:56 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/12/10 11:38:44 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2010/07/31 23:41:55 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\DAEMON Tools Lite
[2010/09/08 10:54:17 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\dBpoweramp
[2010/08/25 00:23:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Dev-Cpp
[2013/05/30 18:22:13 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\e-academy Inc
[2010/08/05 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\EndNote
[2011/12/20 23:19:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\foobar2000
[2012/02/13 03:11:36 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Foxit Software
[2012/01/08 01:35:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\GarenaPlus
[2012/05/05 20:43:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\GetRightToGo
[2013/03/25 14:46:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\gtk-2.0
[2013/06/30 23:31:53 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\HandBrake
[2013/07/07 20:10:27 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\install
[2013/06/02 23:12:17 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\JetBrains
[2010/08/08 11:24:48 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\KeePass
[2010/08/20 10:56:18 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Leadertech
[2012/01/29 20:03:28 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolClient
[2012/05/26 00:39:27 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolClient2
[2012/10/12 02:10:25 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\LolMatches Client
[2010/07/31 10:48:11 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Megaupload
[2012/01/04 13:57:24 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Mumble
[2010/08/01 00:11:52 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\My Games
[2010/08/24 21:00:06 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Notepad++
[2011/10/23 17:56:25 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Origin
[2011/07/27 13:58:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Publish Providers
[2011/12/21 15:18:40 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\rockbox.org
[2013/06/15 16:01:14 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Samsung
[2012/06/03 17:11:55 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Sony
[2012/02/17 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\SplitMediaLabs
[2013/06/03 10:16:33 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Sports Interactive
[2012/12/14 01:49:46 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Spotify
[2013/01/29 23:20:42 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\TrueCrypt
[2011/06/06 16:54:50 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Ubisoft
[2012/07/11 09:47:23 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\Unified Remote
[2013/07/07 00:57:19 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\uTorrent
[2012/08/10 19:12:59 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\VirtuaWin
[2013/07/07 20:09:08 | 000,000,000 | ---D | M] -- C:\Users\DT\AppData\Roaming\WinDir
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 4096 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 4096 bytes -> C:\ProgramData:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\DT\Documents\desktop.ini:gs5sys
@Alternate Data Stream - 1536 bytes -> C:\Users\DT\Desktop\desktop.ini:gs5sys
< End of report >
OTL Extras logfile created on: 7/7/2013 8:28:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DT\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 33.67% Memory free
7.98 Gb Paging File | 4.60 Gb Available in Paging File | 57.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60.00 Gb Total Space | 0.16 Gb Free Space | 0.27% Space Free | Partition Type: NTFS
Drive D: | 150.00 Gb Total Space | 57.31 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 16.15 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive J: | 48.83 Gb Total Space | 13.37 Gb Free Space | 27.38% Space Free | Partition Type: NTFS
Computer Name: DT-PC | User Name: DT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" ()
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" ()
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A6F62B-0E3F-438C-AE28-7BE8CFD0E049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{05E62ECB-D901-4E08-83F3-485B182A7521}" = rport=139 | protocol=6 | dir=out | app=system |
"{061D4FC1-3901-4A5C-BA1B-32A6CEEA2C50}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{07F30754-06EA-4826-8C2B-F6E53B2E7FAA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DE3D9D7-D31C-40BD-9C49-C13BECBB9D89}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22310FB1-B4FD-4FE3-9454-965C2C9F3003}" = lport=56338 | protocol=17 | dir=in | name=color network scangear |
"{26C3FF26-8B66-4EF7-AAC5-006B480144E1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371481E1-EB8F-49CE-BE4E-3F48A49A2D99}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DA8B27A-37B7-4C4A-900C-0848E375A7CD}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{55DFEF1D-FEA9-4080-AAD0-86FD040E0648}" = rport=138 | protocol=17 | dir=out | app=system |
"{5DFAA835-7A3F-45EF-B189-F45178C10655}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{652B65B0-6D59-474B-9F4E-797EFE28D80D}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{6C1D6AE2-A9EA-44DF-9E33-A41051FAED30}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{73C93FF2-BBCC-434D-AD31-C415C4F110ED}" = rport=137 | protocol=17 | dir=out | app=system |
"{7CC093D4-B75E-4C2C-894A-1AF2A5353F48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{89907BFD-FA18-43C1-A4A3-6139B52B042B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8C4677F4-0EA1-4C6C-A033-4BCD910967D5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F5688B7-7387-448E-85A8-36E65E43EC2D}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{9987665D-E299-4C53-A670-814FABA8C7C4}" = lport=137 | protocol=17 | dir=in | app=system |
"{9C40E39A-F4EA-4101-BC23-73F0C22FC07D}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
"{9DD6CED2-16CE-444A-9B02-9CF1CE14A55E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA8A1789-DA10-4333-87FB-22A4E1BC93EE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B01C1F03-AD2B-472A-AA79-569CF2EAAFC7}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{BD953798-0694-4D91-8D49-4352AD424D15}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C2234A57-B379-4755-ACBD-7FDEC5495EED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C35C44B8-BAFB-4A4B-99F8-44302A7394E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB7D2CF2-96DA-473E-B158-ED3002E17E16}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{D8E444FD-D44C-4D5F-8354-5C0FF965DD1C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D905D4E3-7932-4FDC-B3CC-A5EB676C1829}" = lport=445 | protocol=6 | dir=in | app=system |
"{DC0B9A33-8A0C-444F-A1A6-2B1D5143D5BD}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{E30FF5CE-A4DA-46D5-9688-3C05BBFB60F2}" = lport=138 | protocol=17 | dir=in | app=system |
"{EB1282F0-AFE3-4709-8847-1A8F7F5B2DE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{EBA46A92-1159-46E4-A2B9-9B85D75431EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F4E9EDEC-0A60-4903-A77F-5D17EC901CF2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F52E8A83-67A7-4625-8BE0-33038DD7716F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0015AFA0-3798-4E8D-A4EE-10DBBB95F940}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{05503187-DAD5-4D7B-8014-832D357BD693}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0638B07A-6C14-4352-BC01-5C444FBCBEB9}" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"{063F9B94-B359-41E6-B5FC-E49B9BA2623D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0ABD0942-EE49-433E-A8CC-0147F7C21E88}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0BFC2148-51F4-4818-94CB-3ED358AFE882}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{0D5E91C0-85E5-4832-9731-79F6396029D7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{102278D2-3FB3-40A5-BBD0-737CA686F9B4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{18E02F56-F426-4269-9FC3-CE0B231B5A30}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{191857B0-5203-4DDB-957C-CCD0EBF07EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{1A2B7B8F-1382-4E9D-A242-8A6C71FFA9CF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{1EE56F1F-D4AB-4CD2-9E00-3FBDFC70187E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1F48C40A-1D9A-48EC-BF90-232E00E4B384}" = protocol=6 | dir=in | app=d:\veetle\player\veetlenet.exe |
"{24725412-0AD0-43D2-8657-005D17214C80}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.09\allshareframeworkdms.exe |
"{25108A63-BC14-4011-B1DD-D33BD701949D}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{28FA7641-358E-4880-8892-066407AD0637}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex\system\deusex.exe |
"{29D306A5-E786-4ABF-BDAD-7B02023F2C16}" = protocol=1 | dir=in | [email protected],-28543 |
"{2D79E64B-2496-4C75-9FB1-788CB6C69BEB}" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"{3111D20F-09B0-4C9D-9682-74BDAAECA1B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{316FE1FF-2DD4-4618-9249-B69F35BBB67D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{3500C6D5-F2B1-40C7-9C7E-D7C58F03E5E0}" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"{35025EA3-5899-457E-A148-C416CB5F03C6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{3637001A-9A62-462E-B378-4E81C0CA6D70}" = protocol=6 | dir=in | app=j:\combat arms\nmservice.exe |
"{367FE6EB-1558-43C1-A0FF-7DE7F8243AB3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{36AB4AFC-DC1B-4060-98E6-6C3E18820FD5}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.09\allshareframeworkdms.exe |
"{376761AB-4994-4569-AB3D-3661B4237581}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.exe |
"{3B7FD6D8-AB08-46F2-802F-BF1812ABF014}" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{3C1A1646-7A9A-42CA-8660-DF12AD9EEFD2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{401FDF02-4F29-40BB-80C0-BFB967D24029}" = protocol=6 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword.exe |
"{40BC1F4D-D5BD-4DAD-8E63-CDA4FE41A7C6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{41631820-4AFC-4425-B019-C0FC237D7C58}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{439AFF36-C761-4915-90B6-64AA601D66A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{43F1E742-DE25-4F1F-ABBB-0E20CC9719C4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{44F09050-25D7-45E2-93A8-B36B58D0DC45}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46173F0E-51AA-44AE-B05A-D9B64CD0EC86}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{46F075D5-F4E5-43E3-AD8E-20D7B9CEBAB2}" = protocol=6 | dir=in | app=d:\ventrilo\ventrilo.exe |
"{4804652C-EE0B-4D11-85B0-9938A65D5210}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{497341D8-5385-4924-B132-116AAD8CFD9E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{4CF5EB55-2CE5-4C7C-ACB9-A7334D6CDEF4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4E0C131E-1D22-499B-851D-CD7D49691B98}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{4E18FA0E-406A-4DF7-8B50-F00C150B5600}" = protocol=17 | dir=in | app=d:\civilization 4\warlords\civ4warlords.exe |
"{4E445FB4-971B-4682-9DEE-3CD5801F5F93}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{4F267B86-BB30-42F7-BAA7-E24FA4E8ADDF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{5384BAB4-E62E-4061-B70B-827CD261AB01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58A9E626-1A22-4CAD-A662-F32894A583A4}" = protocol=6 | dir=in | app=d:\civilization 4\warlords\civ4warlords_pitboss.exe |
"{5B45BCDA-9FC3-48E5-9468-73128AE5D99B}" = protocol=58 | dir=out | [email protected],-28546 |
"{5D610083-AFE9-4ED2-AEDB-CAFF5F2C4625}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{5E693C3B-A8B0-40ED-9B57-A4936ED5B658}" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"{5E87D23D-B14D-4629-9D5E-8FC9BA0EF269}" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{60298D85-4951-4524-AE2D-094C550A2306}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{66D23401-3D68-4DD3-B159-D46F33D39218}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{6759FC31-CB5E-46DC-85AE-C736D0DB9EE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{68E11CBA-929B-44A4-842D-EE76D92F578E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6A0508BA-154B-4AE5-8191-0FD487E1440A}" = protocol=17 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{6ABB6597-5806-4054-9B05-90EFDC4FE426}" = protocol=6 | dir=in | app=d:\civilization 4\warlords\civ4warlords.exe |
"{6BAA0B5D-7703-4FFF-BB93-17B1FA829154}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6D142241-4256-4AD0-B32B-304E34729592}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{715FF77D-A355-4D1A-A925-5AD6D04C8630}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7341B3D5-45A9-47D1-8391-0BDBF836CBE0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex\system\deusex.exe |
"{73589A89-4550-4B10-BC3E-61BEF863FF3C}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{7619E892-FEB0-4934-8DF1-316861E3D7C5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{78399110-7F4E-4A19-B8AA-500290F712A8}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{7CDF8E1E-71B8-40B6-817D-D4CB0A10FE8D}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{802DCC29-8A85-4947-B11C-805587D2905E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{813EB259-F03A-48E7-8937-45D99AC17646}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{815D958F-EB3D-493B-9A3E-5AA93B622D13}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{81D4F771-934F-4E37-9CDD-F926BFA06E7E}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{82CE5619-D8B2-4ED5-96FF-CE045B29118D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8520F3A6-688A-47BE-B92B-FAB52AA4C0AE}" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{868D440E-7DE7-4A49-8218-A3D84912D86D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{872207F4-3538-4621-AFB1-CA107EFE264C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{87CBD4BD-0013-4BB2-B020-C08C0D40625F}" = protocol=6 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword_pitboss.exe |
"{8ACFEEEB-1EFD-4974-B260-76F36BF07997}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{8C1B0CB7-7604-4189-BF4D-7A6E3AF0CB2A}" = protocol=17 | dir=in | app=c:\program files (x86)\canon\color network scangear\sgtool.exe |
"{900722CB-003C-49E2-840C-798056756997}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{90B2DF1A-DFCB-480A-B4C6-DDA4C09A669B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{91CB69D0-573D-4BBC-9410-9B721A50062E}" = protocol=6 | dir=out | app=system |
"{92A7F147-22D8-4840-AFB5-11643D5683AE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{92F6625C-C173-43DE-A77A-F96D1D8639CE}" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{92FD0669-035E-4E90-8BDF-BF41385D3C29}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9312C12C-6580-4C0C-9725-257AE7CE1716}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{93E3D923-3235-4695-B29D-2BDAC2798A0D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{95C0C2EA-7B4F-4451-AC15-0555256075EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{967D81E0-24EA-4B0A-BB2A-1E07FB864F76}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9A17847D-82CB-4087-B6FB-89D1699924A5}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9A461BF4-3964-4A56-BF48-A2CBEB4D275B}" = protocol=1 | dir=out | [email protected],-28544 |
"{A0CBEB6C-BF28-46D3-8EA8-2A8401EAD63D}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{A83F4BAA-A634-4C06-9A40-9EFD4720DA56}" = protocol=6 | dir=in | app=d:\civilization 4\civilization4.exe |
"{A94C872F-69D5-4A6E-83E8-C6791FC5F358}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{AC424B5C-701D-4F19-9BDD-787BA618B8E6}" = protocol=6 | dir=in | app=c:\program files (x86)\canon\color network scangear\sgtool.exe |
"{AC79D7F2-6FC4-4F89-AC31-F1EC887D8B2E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{B073E426-EB14-49E1-846D-00CAF52AE613}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{B1516C57-DFBB-4C0B-97B7-0F23BAB4B87A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{B27C0156-2DC7-40E6-8F3B-89A132E1D4C8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B4B6EB21-17DE-4B63-9A14-B77F06EF79EA}" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii public test.exe |
"{B9205BF3-1DDF-4BAE-8817-669C8AB3959A}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{BE1C7C32-FB65-4919-A225-8925A9863414}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BFDB3AD6-CA25-49FD-A533-2639F5EB9E54}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{C18D1C3B-F789-4E77-96CD-FA5CDE8FF30C}" = dir=in | app=c:\users\dt\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C520D631-677E-406B-9E7D-804EB959916F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C68FE857-A825-4938-8FF1-7ED2C1562978}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{C6BFCDF5-BDEB-4964-96CC-35BC9C39D31A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CA7994D4-87DC-4A88-B48B-51C6AA8E7B65}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{CABC8774-2F25-4DF6-B697-B6FD79339BEA}" = dir=out | app=d:\samsung link\samsung link\samsung link.exe |
"{CDC03609-BC2C-420A-9866-195F10B2E742}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CEB3F80D-B6EC-421C-B4A6-727D29B24D6B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF4C02EB-FEC0-4FCB-8D1E-34687D5241AB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{D1E8D970-35D9-49CA-8742-6318B9BDAB99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D35B5C8F-9802-4761-8A48-2EEFEE39B4E5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{D52010D5-E728-4FDC-B0C8-6D339710A59D}" = protocol=17 | dir=in | app=d:\civilization 4\beyond the sword\civ4beyondsword.exe |
"{D968A221-69F7-4F56-B728-338A85AB23B7}" = protocol=17 | dir=in | app=d:\civilization 4\civilization4.exe |
"{DA53D584-0482-4438-9122-3D41EA51E063}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{DB319827-F84F-4DCA-8243-C685EB3F0E17}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{DDDB6BD7-5BF1-451C-88BD-35335B7FE1FC}" = protocol=6 | dir=in | app=d:\world of warcraft\launcher.exe |
"{DFFF6767-F889-45CF-886D-446DA689DCD8}" = protocol=17 | dir=in | app=d:\civilization 4\warlords\civ4warlords_pitboss.exe |
"{E1C0BFFD-99C0-4D47-9C02-D8034F813736}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{E3455D55-6CBC-43A9-AC28-D5BF41CAB111}" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"{E409AF25-57FC-4040-8879-E0343888EC55}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{E48589E0-A798-404A-8861-83545BB38349}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E4E08DE0-7673-48C9-AAC7-7FC6A359E899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E51EA58A-DB07-4F1F-A611-447EEEA4B263}" = protocol=17 | dir=in | app=d:\ventrilo\ventrilo.exe |
"{E5B61224-8C41-437B-9AA4-C67161820C1A}" = protocol=17 | dir=in | app=j:\combat arms\nmservice.exe |
"{E5F9174E-486F-43A3-977A-BB30EEAC458A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82404F0-79DF-4F97-8B4D-0BE681FBF9F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9921CB9-24E2-4A5C-971C-C994E7CF0722}" = protocol=58 | dir=in | [email protected],-28545 |
"{EC165D14-E065-4040-AC6B-34292BB12EFC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{ECA7DA97-4FB0-4CCA-8B41-E06A163E57F1}" = protocol=17 | dir=in | app=d:\world of warcraft\launcher.patch.exe |
"{EE957058-C59D-467F-AA4F-1A791CD008D7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{EF123182-2887-4CD6-AFBC-8839412285A2}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{F04D9F39-49C0-4522-96EC-4266D0662945}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F1398761-4B51-410C-AD63-FE26245C382B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F2396D92-43BB-45CE-A6E8-B481068368D6}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{F42268CA-77AA-4B9B-A32A-D6411A2607B4}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{F42A4C89-4ABF-4C3C-AC2E-1FBADC5E54AF}" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii.exe |
"{F4909929-B29E-4E9B-9EFB-E6A89B1681A6}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{F50868B1-2215-457E-9AB2-F2956BE16AEC}" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"{F7C5FE9C-7BE1-4970-82C8-5ECAD2937A53}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{F7C966CB-30F4-4F38-9745-8B3E4C8C5FF4}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{FB60A554-F5D7-499C-A1EC-98C737F5C6FD}" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii public test.exe |
"{FC214660-C223-4D12-B6BB-7F8803ACD790}" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\day of defeat source\hl2.exe |
"{FD2A9AD3-DEA0-4157-8243-52AC7527A865}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FFD75FFD-7F86-4419-9B7B-BBC0F4B980EF}" = dir=in | app=d:\samsung link\samsung link\samsung link.exe |
"TCP Query User{018671DC-6867-46FF-97EB-3DE381A1AA84}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"TCP Query User{03AF49CF-985B-45B1-AC91-D11607DAB099}D:\python\python.exe" = protocol=6 | dir=in | app=d:\python\python.exe |
"TCP Query User{0CA77E61-BDD3-4FFF-BC23-E78712F1EEDE}D:\scbw\starcraft.exe" = protocol=6 | dir=in | app=d:\scbw\starcraft.exe |
"TCP Query User{0FE3C2BC-09BC-4316-9DFA-A93CE4D563BB}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{12E91BB3-D910-43EA-A465-6FAD1D6D3CC1}D:\spotify\spotify.exe" = protocol=6 | dir=in | app=d:\spotify\spotify.exe |
"TCP Query User{13C0C5BD-7058-4991-9CB6-FB922D4152FD}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{151854D4-9388-47C1-AE7C-43A809CD5997}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{20178F45-402A-4A93-8735-54F5D513133E}B:\torchlight 2\surprise.exe" = protocol=6 | dir=in | app=b:\torchlight 2\surprise.exe |
"TCP Query User{2700AD36-42AB-41E7-BEB1-FDF3A2E04D9C}J:\downloads\starcraft_2_na_en-us (3).exe" = protocol=6 | dir=in | app=j:\downloads\starcraft_2_na_en-us (3).exe |
"TCP Query User{28CD9EDB-C88C-448A-93CB-DF61EB779A6D}J:\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=j:\unified remote\remoteserver.exe |
"TCP Query User{2AC991B1-ABDD-4E6C-877C-BBAD903CA0AD}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{2C1375CA-D31B-4FD2-9B44-7556CD4B7D8C}D:\starcraft ii\versionstest\base17326\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versionstest\base17326\sc2.exe |
"TCP Query User{2C3EDE76-1728-42AC-9C43-16901BD58903}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{2DF61642-B8AC-45C8-9ED5-D278F721D1BC}C:\users\dt\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\temp\gw2.exe |
"TCP Query User{2FD88CAE-A95C-4C13-AF8A-C1B3F8FBC168}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{31C68D7F-B169-4907-956F-C6990C03CEBC}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{332433F9-E83E-4F29-829F-4ADFBEB91175}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"TCP Query User{36AA19BF-F8E9-41C1-A06B-6B96C89940DC}C:\program files\synergy\synergys.exe" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"TCP Query User{3761268C-9C7C-48D5-A2D7-F79CB6C51558}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{3A4874C5-BCBD-44FA-9DAD-EB1151638505}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"TCP Query User{3E294675-C2B1-4B02-BCE3-289B5EDC5F15}D:\starcraft 2\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{43A8E8DC-5A80-4F6B-94C4-29F721B96522}J:\combat arms\engine.exe" = protocol=6 | dir=in | app=j:\combat arms\engine.exe |
"TCP Query User{45C12B65-C353-4F49-A2C9-9C7858C99663}D:\garena\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=d:\garena\garena plus\room\garena_room.exe |
"TCP Query User{460B29BA-543F-4723-BDB4-8D560782B379}D:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{4B22EE2F-DA24-4B10-A2CD-3A54D4EA37EF}D:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\sopcast\sopcast.exe |
"TCP Query User{4E45A3EC-72FA-47CD-8D8B-58A538365D05}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{4F0F425E-2B01-4EBC-A0BD-427C0647629A}D:\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"TCP Query User{4F396DA7-925F-43E2-AA84-5801CD70F219}D:\starcraft ii\starcraft ii public test.exe" = protocol=6 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"TCP Query User{5E449ECF-EBDB-46B0-8290-CA7342B9911C}D:\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=d:\heroes of newerth\hon.exe |
"TCP Query User{610229EE-14E6-4F71-BB05-C3E8A35CC46C}D:\fifa\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa\game\fifa.exe |
"TCP Query User{66E08F17-42F7-4164-8C87-3C5F2372C44A}J:\pokegen\pokegen\pokegen.exe" = protocol=6 | dir=in | app=j:\pokegen\pokegen\pokegen.exe |
"TCP Query User{69A6B418-D849-4F95-A792-972EADB7A6DC}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=6 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"TCP Query User{7381C507-E153-4098-AB69-554499D10D6D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{7754BB88-6740-4392-B16B-86497CE7E4BF}D:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe |
"TCP Query User{77857958-CCC9-4014-9C69-97AFB0C903B8}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{78689C36-D2C7-443C-A86C-55F1D3288AD0}D:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"TCP Query User{89EA5C8C-DFB8-4538-BC71-5321E3322F23}D:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\guild wars 2\gw2.exe |
"TCP Query User{8C25BFD7-5631-4E52-B1A0-B07FBE796D25}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{8D5430C3-2315-4558-9EC4-47895943B1BC}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{8E2C571A-CCD1-4C21-BBF5-4B93A0E5F84E}J:\pokegen\shinygts\shinygts.exe" = protocol=6 | dir=in | app=j:\pokegen\shinygts\shinygts.exe |
"TCP Query User{8ED2731D-8745-477B-A33C-65A97C8BB1E2}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{93A6F345-86D0-491F-AE7D-CE0040D3820E}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{95DDB163-106C-4CA1-816C-F229A47B0939}B:\origin\battlefield 3 beta\bf3.exe" = protocol=6 | dir=in | app=b:\origin\battlefield 3 beta\bf3.exe |
"TCP Query User{9C8A330A-6E72-4B58-98F4-DB6EDB51C720}J:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe" = protocol=6 | dir=in | app=j:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe |
"TCP Query User{A0938366-0524-4490-8ED7-FF304941D558}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{A38AB1C4-5903-4061-BDFF-99E0A2702FBC}D:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\sopcast\sopcast.exe |
"TCP Query User{AE2FCFA2-0B67-4C3D-829A-6DAC7A62E2CA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{AE38A99F-27D2-40D5-B63B-12DD68D3E3A7}C:\program files\synergy\synergys.exe" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"TCP Query User{B159DB93-233C-48A6-AF22-E9494B611B04}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"TCP Query User{B52347BE-E910-4DF6-9EBA-AFDC34770B25}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B7B07C4F-F51A-4320-9295-A2C0B10BF5F4}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{B97213DF-4E5F-4F49-AF36-CBAA16F7E3E5}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{BE72BD91-4D99-4945-9E66-27BE4C4A520F}D:\digsby\app\lib\digsby-app.exe" = protocol=6 | dir=in | app=d:\digsby\app\lib\digsby-app.exe |
"TCP Query User{C4339E46-F0A5-4F05-B213-6CC2BBE0E2F8}D:\starcraft 2\starcraft ii\versions\base19679\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base19679\sc2.exe |
"TCP Query User{C7C026E1-6FE2-45EA-90F0-0C2BE90441FC}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{CA106311-7B69-4F47-B122-50DC66F0502E}D:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\guild wars 2\gw2.exe |
"TCP Query User{CB2999CD-EDBB-4698-A2BC-0C7880E9322D}C:\users\dt\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{CC706FBC-E400-4661-8E56-3A16BF946932}D:\starcraft 2\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"TCP Query User{CF517893-0ADB-4A2C-8FBA-0F7E61474746}D:\spotify\spotify.exe" = protocol=6 | dir=in | app=d:\spotify\spotify.exe |
"TCP Query User{D374D5E6-186A-48F7-9ECB-6710518F7886}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{D811A091-CDFC-4775-BA68-478986EB3406}D:\steam\steamapps\dean_tran\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\dean_tran\team fortress 2\hl2.exe |
"TCP Query User{DE56E53E-2AF5-4A06-BFBE-79D132823A74}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{E15D7A6E-0054-407F-B305-B68621F2DDC5}D:\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"TCP Query User{E5DA2232-AD26-41BC-A3B7-8E1996846285}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{E679D4C8-3934-4D07-B5E1-D09DDC7F766E}C:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe" = protocol=6 | dir=in | app=c:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe |
"TCP Query User{E6E4E6EF-2F30-4BEA-86AD-4424C9565CA8}D:\starcraft 2\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{E92DF015-B6C7-4D02-AB60-CBEAB2F3CAFE}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{EBACD4E8-7746-4052-8AFE-019D621DF86D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe |
"TCP Query User{F23DDAC7-FFE3-48E8-AE83-0F419B9CD31C}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{F343ACB8-9D9E-457A-A74F-86D71301ABB7}D:\starcraft 2\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{F4787A36-8E6E-4899-B119-621D4FA05EDA}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"TCP Query User{F6FC76FE-EC25-4D06-B8E4-7D6031EB929D}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{FA4EBC3F-546E-4D43-996A-C007B3DE4770}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{04EA0D23-EBDD-4C65-961E-A6E6FC0764CB}D:\scbw\starcraft.exe" = protocol=17 | dir=in | app=d:\scbw\starcraft.exe |
"UDP Query User{074B4790-8CE1-4C70-A765-BDAE4184BC3B}D:\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{07A048ED-2CBC-4A88-9000-98BD5AC85DB7}D:\starcraft 2\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{07FF2464-CB65-4880-9941-4669C74F93FD}D:\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"UDP Query User{138732A3-506E-47CA-885F-BEF602B46EB0}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{14793365-5223-4D32-A0D0-7FDF112E8885}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{17892DB3-006B-406A-A055-82919D43ED2D}J:\downloads\starcraft_2_na_en-us (3).exe" = protocol=17 | dir=in | app=j:\downloads\starcraft_2_na_en-us (3).exe |
"UDP Query User{1816BB1E-EC9C-43D5-AA4D-14A13E1798C9}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{1830854A-1208-46DF-8A25-A5CA2AD6F77B}D:\spotify\spotify.exe" = protocol=17 | dir=in | app=d:\spotify\spotify.exe |
"UDP Query User{1CDE0EA4-7CA7-4053-8D39-1F6AFFB06DE6}J:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe" = protocol=17 | dir=in | app=j:\downloads\fifa.12.clonedvd-p2p\fifa.12\game\fifa.exe |
"UDP Query User{21317E65-322C-40F9-AE23-A8F9AA9BAD1A}D:\garena\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=d:\garena\garena plus\room\garena_room.exe |
"UDP Query User{269EF205-3BDB-48E5-98C2-CF01B5A1EED7}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{2BF0FB03-4476-45F6-9BE9-D8F0C11A89F0}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{30CBA6EB-B410-4C45-9834-1F08E86636CA}J:\pokegen\shinygts\shinygts.exe" = protocol=17 | dir=in | app=j:\pokegen\shinygts\shinygts.exe |
"UDP Query User{323BD001-EFF3-4415-A8A4-A89C06E94D31}D:\spotify\spotify.exe" = protocol=17 | dir=in | app=d:\spotify\spotify.exe |
"UDP Query User{37C722C5-2932-4729-81E1-C6A4F91FB7FE}D:\python\python.exe" = protocol=17 | dir=in | app=d:\python\python.exe |
"UDP Query User{3B85721E-924E-4621-AFD6-6F7F2FF2F368}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3C662980-88C4-4668-8BE7-CDEC7177FE09}D:\steam\steamapps\dean_tran\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\team fortress 2\hl2.exe |
"UDP Query User{3CE2DB66-A1BF-4732-943D-D8EFD58E5193}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe |
"UDP Query User{3CEAD467-05A9-40EA-9594-5DFC8DF3B6A0}B:\origin\battlefield 3 beta\bf3.exe" = protocol=17 | dir=in | app=b:\origin\battlefield 3 beta\bf3.exe |
"UDP Query User{41558146-D2D1-4018-BA13-475FFB7875C8}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"UDP Query User{4662A6AC-E183-43D0-808E-55F5B88B9E53}C:\programdata\battle.net\agent\agent.1363\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"UDP Query User{47CC84A5-FE2B-42D8-A09C-5B58770C5B0D}D:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\guild wars 2\gw2.exe |
"UDP Query User{4FA57ABE-CEEF-4C9C-B445-BE5148EEA1C5}D:\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{4FA68ACE-7774-407E-B497-855A0110ACD0}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{50FEBCB6-D8C7-4260-B2DC-3CA86FAF22DD}D:\starcraft ii\versions\base19132\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19132\sc2.exe |
"UDP Query User{5606B01D-0EF6-4852-8242-5AE7DE159BBA}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{5EA089A4-6C9E-48DB-ACF6-D411B4129B3C}D:\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{5F9E8D1A-E192-481E-845E-B3E2E0C07132}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{5FAB60D2-3EA6-48A9-950B-903770BD332C}D:\starcraft 2\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{608670DE-E71A-4E43-9AAE-6AD6D2F06BBF}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{631CF4D4-E105-4219-AE45-70CA265AD314}D:\starcraft 2\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{67C26577-E659-4514-B0C2-AC19572F21D1}D:\fifa\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa\game\fifa.exe |
"UDP Query User{67D9283E-2E72-468F-BB90-8A2DB9400AC0}J:\pokegen\pokegen\pokegen.exe" = protocol=17 | dir=in | app=j:\pokegen\pokegen\pokegen.exe |
"UDP Query User{685A15E2-1A65-4CD2-BCB8-C7AEB5913F3E}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerstream.exe |
"UDP Query User{6886777C-EA9B-45F2-8D3F-74CAA5FA96DA}C:\users\dt\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{6A302EC4-6C20-4448-9CF0-05FC665A9267}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{6A4ABD86-ED67-4DD2-B6C6-AB05E03EA0B7}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{6FB7163B-E825-48DB-B349-E31A572A2315}C:\users\dt\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\temp\gw2.exe |
"UDP Query User{72BC6636-53B1-422F-B708-9B01A04D4FCC}D:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{72BD8D0B-F6DE-4317-AA76-9867F1040E8B}D:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\sopcast\sopcast.exe |
"UDP Query User{7836192A-5A22-406F-AEDC-E8B0F3546F88}D:\starcraft ii\versionstest\base17326\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versionstest\base17326\sc2.exe |
"UDP Query User{86D510D0-996D-4A1C-AE4E-3A8ADEC8AD23}D:\starcraft 2\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{87636FFD-2076-42A8-B8A8-B5CBAB833CE1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{89B00564-EF2A-461A-AD2B-20BE102CF346}D:\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=d:\heroes of newerth\hon.exe |
"UDP Query User{8DA6EECC-0A31-4153-B51B-F7C7D48A5CA1}J:\combat arms\engine.exe" = protocol=17 | dir=in | app=j:\combat arms\engine.exe |
"UDP Query User{90554C24-A000-4407-9C79-8E60F9E15AA2}C:\program files\synergy\synergys.exe" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"UDP Query User{90A510FB-C3C9-46F9-A93D-7E6B881515F2}D:\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{97412EC7-A4F8-4A51-872C-54C6173C77B4}C:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"UDP Query User{99A43182-BA12-46CB-9ED0-8D28FE287D62}D:\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\sopcast\adv\sopadver.exe |
"UDP Query User{A512FF18-D526-4BB8-BB1A-CABF9C4F570D}D:\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{A84A3EDE-AA78-4DFF-96D7-8340BD4A5BAD}D:\digsby\app\lib\digsby-app.exe" = protocol=17 | dir=in | app=d:\digsby\app\lib\digsby-app.exe |
"UDP Query User{AAE9F195-81D0-4E8C-B7EC-F0398DB24DC7}C:\program files\synergy\synergys.exe" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"UDP Query User{AAECD166-796C-43CA-9F60-7D730DC3ABC6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{AC3C2E35-B32D-41CF-BFAF-EE9A52594A0F}D:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{B3291D29-0406-4E2D-B516-3BF308D40EEE}D:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{B39B7CA1-70BF-4DF4-AED3-1FAAC8D8EE74}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{B76BAF51-2EB7-482D-A094-8D898C9F24AC}D:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\sopcast\sopcast.exe |
"UDP Query User{BB13C429-A602-4136-B267-8218A8BDC735}B:\torchlight 2\surprise.exe" = protocol=17 | dir=in | app=b:\torchlight 2\surprise.exe |
"UDP Query User{BB81ADB2-77D9-4E32-8BAB-30A7160F2498}D:\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{C88867CD-22E5-4020-B6EE-8FE4A447D7A6}D:\starcraft 2\starcraft ii\versions\base19679\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base19679\sc2.exe |
"UDP Query User{CD32EA2B-5C01-48FB-9A8A-91189D9C79C9}D:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\guild wars 2\gw2.exe |
"UDP Query User{D1E84550-C4AA-4F69-9420-0F6FBA02C5B5}D:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\dean_tran\source sdk base 2007\hl2.exe |
"UDP Query User{DA581A34-0859-4E44-BFD5-30512E419659}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"UDP Query User{DDF26D8E-CF4C-473B-AEE1-7DD2EAF7781B}J:\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=j:\unified remote\remoteserver.exe |
"UDP Query User{E868BC61-49FC-4A3B-94C6-7735ED26E2F2}D:\starcraft ii\starcraft ii public test.exe" = protocol=17 | dir=in | app=d:\starcraft ii\starcraft ii public test.exe |
"UDP Query User{ED44EF96-C6EB-45B6-B04C-F69A532E24B3}D:\vindictus 2\vindictus\en-us\nmservice.exe" = protocol=17 | dir=in | app=d:\vindictus 2\vindictus\en-us\nmservice.exe |
"UDP Query User{EF3E140E-B38F-4342-99C9-DE1F72CCEC1F}D:\starcraft 2\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\starcraft ii.exe |
"UDP Query User{EF8A6D27-B481-440E-A438-0C1707DA4224}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{F26F5992-C73D-425A-BC83-72BE7D83ED82}D:\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{F45AB6D2-A9CF-4791-9494-E9D57AAC68B8}D:\starcraft 2\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft 2\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{F4B8976B-B533-4749-A4E3-8B7C5E3E2A30}C:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe" = protocol=17 | dir=in | app=c:\users\dt\appdata\local\temp\instream00000185\instream.app\instream.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{2E295B5B-1AD4-4d36-97C2-A316084722C0}" = Python 2.7.2 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{64A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7F801000-A1D5-11E0-9092-0013D3D69929}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FC655E43-0E90-4FAC-AF88-7CF8635C6ADC}" = AllShare Framework DMS
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"8474-7877-9059-0204" = Samsung Link 1.5.0.1305092012
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min
"{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}" = Google Talk Plugin
"{37D4AB78-5281-44EE-91D8-B65CFE509851}" = Unified Remote
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}" = Camtasia Studio 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5667B2-5D13-46C2-85B5-9D46A6096F61}" = Secure Download Manager
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69488E1A-B0AF-498F-85D3-9AA057A682FF}" = Finestra Virtual Desktops
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1" = MinGW-Get version 0.5-beta-20120426-1
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200
"{C41DABFE-49B1-4B24-9DF0-6DF70B485737}" = Mega Manager
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{EFD17D49-7394-40FA-8719-8C56B49418CB}" = Foxit Reader
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1658760-1173-4D65-B709-A0591C104AE1}" = Color Network ScanGear Ver.2.61
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink RT6x Wireless LAN Card
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FECDEFFF-D7FC-4502-96CA-C9E0BF62CCA5}" = Skype Voice Changer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android Studio" = Android Studio
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avidemux 2.6 (64-bit)" = Avidemux 2.6
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CDisplay_is1" = CDisplay 1.8
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Daum Screensaver High" = Daum ½ºÅ©¸°¼¼À̹ö °íÈÁú¹öÀü
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"Digsby" = Digsby
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"foobar2000" = foobar2000 v1.2
"Foxit Creator" = Foxit Creator
"Fraps" = Fraps
"GoldenEye: Source" = GoldenEye: Source - HalfLife 2 Mod
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"Guild Wars" = Guild Wars
"Guild Wars 2" = Guild Wars 2
"HandBrake" = HandBrake 0.9.8
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"HDTP" = Deus Ex - HDTP
"hon" = Heroes of Newerth
"im" = Garena Plus
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.3.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mendeley Desktop" = Mendeley Desktop 1.6
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"mIRC" = mIRC
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Origin" = Origin
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"QuickPar" = QuickPar 0.9
"RealAlt_is1" = Real Alternative 1.8.0
"RealPlayer 12.0" = RealPlayer
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SopCast" = SopCast 3.2.9
"SpeedFan" = SpeedFan (remove only)
"Spotify" = Spotify
"StarCraft II" = StarCraft II
"Steam App 218" = Source SDK Base 2007
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 300" = Day of Defeat: Source
"Steam App 440" = Team Fortress 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 730" = Counter-Strike: Global Offensive Beta
"SumatraPDF" = SumatraPDF
"Synergy" = Synergy
"TeamViewer 7" = TeamViewer 7
"TrueCrypt" = TrueCrypt
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.6
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"Flux" = F.lux
"Google Chrome" = Google Chrome
"MusicManager" = Music Manager
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/5/2013 12:25:56 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/6/2013 1:06:02 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/6/2013 1:06:02 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 1:09:08 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 1:09:08 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 7:27:44 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 7:27:44 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 8:42:30 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 8:42:33 PM | Computer Name = DT-PC | Source = AllShare Framework DMS | ID = 131073
Description =
Error - 7/7/2013 10:00:01 PM | Computer Name = DT-PC | Source = Windows Backup | ID = 4103
Description =
[ Media Center Events ]
Error - 5/21/2012 7:45:00 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:45:00 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )
Error - 5/22/2012 7:03:07 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:03:07 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 8:15:22 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 5:14:42 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 9:15:46 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 6:15:34 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 10:16:44 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 7:16:01 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/22/2012 7:47:43 PM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:46:58 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 5/23/2012 7:28:34 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 4:28:34 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 6/25/2012 2:31:38 AM | Computer Name = DT-PC | Source = MCUpdate | ID = 0
Description = 11:31:38 PM - Error connecting to the internet. 11:31:38 PM - Unable
to contact server..
Error - 11/17/2012 6:02:43 PM | Computer Name = DT-PC | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc0040524) Hauppauge WinTV-7164 BDA
ATSC/QAM Tuner
Error - 11/17/2012 6:02:44 PM | Computer Name = DT-PC | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0xc0040524) Hauppauge WinTV-7164 BDA
ATSC/QAM Tuner
[ OSession Events ]
Error - 6/3/2012 7:21:15 PM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 106 seconds with 60 seconds of active time. This session ended with a crash.
Error - 6/3/2012 7:23:03 PM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 75 seconds with 60 seconds of active time. This session ended with a crash.
Error - 11/20/2012 1:20:47 AM | Computer Name = DT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 78903
seconds with 4920 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/4/2013 2:22:42 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 7/5/2013 7:53:04 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 7/6/2013 2:59:49 PM | Computer Name = DT-PC | Source = volsnap | ID = 393251
Description = The shadow copies of volume C: were aborted because the shadow copy
storage failed to grow.
Error - 7/6/2013 5:41:09 PM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 7/6/2013 5:41:09 PM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 7/7/2013 2:50:59 AM | Computer Name = DT-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 7/7/2013 2:51:29 AM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanServer service.
Error - 7/7/2013 2:51:59 AM | Computer Name = DT-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the WSearch service.
Error - 7/7/2013 2:52:01 AM | Computer Name = DT-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
Error - 7/7/2013 7:33:40 PM | Computer Name = DT-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
< End of report >
Thanks for the help!
Edited by irishunter, 07 July 2013 - 11:45 PM.
Sign In
Create Account
