Hello Gerrit,
I had to get someone else's laptop to access this forum. And it would not let me edit my previous post for additional info.
Also I cannot connect to the internet at all on my laptop, I've been doing so only to connect to this forum and unplugging it all other times, I connect directly and do not use wireless it is disabled. It's not so much my internet connection as it shows that I am connected, but my browsers that cannot connect to proxy. When running the troubleshooter it says
the remote device or resource won't accept the connection.
Also I don't know if this info will help you with anything or not but my skydrive online and on my computer had/havent been working right or sometimes don't seem to really work at all.
This is the awd cleaner file:
# AdwCleaner v3.012 - Report created 12/11/2013 at 21:24:01
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Administrator - OWNERPC-P0SPPR1
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : hshld
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Program Files (x86)\Vittalia
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Administrator\AppData\Local\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Administrator\AppData\Roaming\hotspot shield
File Deleted : C:\END
File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-runtime-environment_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-runtime-environment_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\hotspotshield
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vittalia
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : icon_url
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [6596 octets] - [12/11/2013 21:22:12]
AdwCleaner[S0].txt - [5899 octets] - [12/11/2013 21:24:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5959 octets] ##########
This one is the OTL file:
OTL logfile created on: 12/11/2013 10:03:37 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
11.91 Gb Total Physical Memory | 9.24 Gb Available Physical Memory | 77.62% Memory free
23.81 Gb Paging File | 20.81 Gb Available in Paging File | 87.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 149.43 Gb Free Space | 21.39% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 32.59 Gb Free Space | 3.50% Space Free | Partition Type: NTFS
Drive I: | 3.70 Gb Total Space | 3.00 Gb Free Space | 81.09% Space Free | Partition Type: FAT32
Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
PRC - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
PRC - [2013/10/20 23:41:58 | 042,239,328 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\17.0.1241.53\opera.exe
PRC - [2013/08/04 11:33:28 | 004,686,848 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
PRC - [2013/07/03 14:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/03 14:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/28 11:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe
========== Modules (No Company Name) ========== MOD - [2013/10/20 23:42:01 | 000,881,504 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libGLESv2.dll
MOD - [2013/10/20 23:42:00 | 000,109,408 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libEGL.dll
MOD - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
MOD - [2013/10/20 23:41:59 | 000,868,704 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\ffmpegsumo.dll
MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/12/03 08:47:14 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/06/21 06:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011/06/20 06:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011/06/20 04:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011/06/20 04:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011/06/20 04:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011/06/20 04:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011/05/26 02:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011/05/26 02:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 22:14:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/13 09:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/01/17 22:28:28 | 000,024,576 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/18 03:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/11/18 03:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (
http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:
64bit: - [2013/10/10 02:00:58 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:
64bit: - [2013/06/21 05:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:
64bit: - [2013/06/20 18:09:46 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:
64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:
64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:
64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2012/11/08 01:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:
64bit: - [2012/11/08 01:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:
64bit: - [2012/09/10 09:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:
64bit: - [2012/09/04 13:17:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:
64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/07/30 23:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:
64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:
64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:
64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:
64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2012/03/25 09:26:34 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:
64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/12/07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:
64bit: - [2011/12/06 03:23:10 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2011/10/16 10:24:57 | 000,032,848 | ---- | M] (ip-shield.net LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipshtap.sys -- (ipshtap)
DRV:
64bit: - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2011/03/13 09:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:
64bit: - [2011/03/13 09:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:
64bit: - [2011/03/13 09:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:
64bit: - [2011/03/13 09:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:
64bit: - [2011/03/13 09:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:
64bit: - [2011/03/13 09:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:
64bit: - [2011/03/13 09:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:
64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/16 13:23:56 | 000,106,752 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys -- (swiwdmbus)
DRV:
64bit: - [2010/11/16 13:12:10 | 000,211,072 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swumxa3.sys -- (SWUMXA3)
DRV:
64bit: - [2010/11/16 13:11:50 | 000,245,760 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV:
64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:
64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:
64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:
64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:
64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:
64bit: - [2010/09/08 18:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:
64bit: - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:
64bit: - [2009/11/20 14:26:50 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:
64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2009/07/12 05:16:06 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:
64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:
64bit: - [2008/02/05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013/07/02 12:55:03 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/12/09 21:57:03 | 000,089,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\EdenEternal\avital\ussjcs64.sys -- (usj)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://google.ca/IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://ca.msn.com/?r...opt=0&ocid=iehpIE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 F2 F5 45 AA 84 CD 01 [binary data]
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...1I7AURU_enCA499IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2013/07/02 19:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2013/07/24 10:59:24 | 000,000,000 | ---D | M]
[2013/11/12 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: MixiDJ V8 = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.0.62_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3:
64bit: - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:
64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:
64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:
64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [Akamai NetSession Interface] C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [SkyDrive] C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [uTorrent] C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\RunOnce: [Uninstall C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:
64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:
64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:
64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16:
64bit: - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9}
http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}
http://content.syste...tel_4.5.5.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25DFF212-CB9A-4D9C-897E-F37041D30E72}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3656380A-593C-446E-A327-14031E4898E7}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BF6E015-86D4-4B85-A85D-DDC5AAC54796}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F2496C-A4AE-4BC8-A53C-4350286FBA7C}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: NameServer = 8.8.8.8,8.8.4.4
O18:
64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,000 | ---D | M] - H:\autorun -- [ NTFS ]
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,036 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2013/11/12 21:18:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/12 20:50:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/11 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\.appwork
[2013/11/10 23:04:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/08 15:02:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995_files
[2013/11/08 14:29:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota_files
[2013/11/04 12:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/11/04 12:03:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\
Studio
[2013/11/04 12:03:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\
Studio
[2013/11/04 12:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\
Studio
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\
Studio
[2013/11/01 12:55:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/10/31 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
[2013/10/31 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2013/10/26 02:00:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/10/25 18:57:43 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/10/17 22:26:05 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/17 22:26:05 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2013/10/16 17:43:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\walkthrough's
[2013/10/16 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Ayurvedic course
[2013/10/16 17:35:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Intrnet xplornet bills
[2013/10/16 17:25:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Indigo Chapters documents
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/11/12 21:43:31 | 001,321,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/12 21:43:31 | 000,660,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/12 21:43:31 | 000,420,586 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/12 21:43:31 | 000,124,796 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/12 21:43:31 | 000,123,028 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/12 21:38:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 21:38:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 21:27:37 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/12 21:26:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/12 21:26:01 | 999,092,222 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/12 21:22:38 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/12 21:12:10 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/12 20:47:38 | 001,085,542 | ---- | M] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/12 20:41:37 | 005,625,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/10 18:57:51 | 000,402,986 | ---- | M] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:02:01 | 000,076,979 | ---- | M] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:57 | 000,090,811 | ---- | M] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/05 13:00:52 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/11/04 23:41:10 | 005,297,551 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:41:04 | 149,670,408 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:35:31 | 136,817,561 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:29:54 | 159,378,722 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:23:52 | 143,395,492 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:17:58 | 133,504,883 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:12:21 | 159,323,910 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:06:19 | 159,463,195 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 23:00:22 | 159,384,225 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:54:11 | 140,460,381 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:48:40 | 159,371,360 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:42:14 | 153,779,427 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:36:26 | 152,018,493 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\
Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | M] () -- C:\Users\Public\Desktop\
Video Converter Platinum.lnk
[2013/11/01 12:55:17 | 000,002,565 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | M] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | M] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | M] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | M] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | M] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:47 | 000,035,893 | ---- | M] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:34 | 000,067,955 | ---- | M] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:34:45 | 009,727,677 | ---- | M] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:23 | 004,750,301 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:33:12 | 009,345,141 | ---- | M] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:56 | 002,904,727 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:54 | 007,133,170 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:48 | 009,610,083 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:42 | 007,099,679 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:36 | 007,276,524 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:30 | 007,054,920 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:24 | 006,627,675 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 13:14:25 | 000,300,686 | ---- | M] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/17 20:41:31 | 000,189,826 | ---- | M] () -- C:\Windows\hpoins46.dat
[2013/10/16 12:05:57 | 000,231,582 | ---- | M] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:31:32 | 020,947,072 | ---- | M] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/16 02:02:12 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/11/12 20:47:21 | 001,085,542 | ---- | C] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/10 18:57:50 | 000,402,986 | ---- | C] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:01:53 | 000,076,979 | ---- | C] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:47 | 000,090,811 | ---- | C] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/04 23:41:04 | 005,297,551 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:35:32 | 149,670,408 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:29:54 | 136,817,561 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:23:52 | 159,378,722 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:17:58 | 143,395,492 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:12:21 | 133,504,883 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:06:19 | 159,323,910 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:00:22 | 159,463,195 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 22:54:11 | 159,384,225 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:48:40 | 140,460,381 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:42:15 | 159,371,360 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:28:10 | 153,779,427 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:22:09 | 152,018,493 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\
Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | C] () -- C:\Users\Public\Desktop\
Video Converter Platinum.lnk
[2013/11/04 11:37:16 | 268,100,293 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mkv
[2013/11/01 12:55:17 | 000,002,565 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | C] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/25 18:57:22 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | C] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | C] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | C] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | C] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:46 | 000,035,893 | ---- | C] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:30 | 000,067,955 | ---- | C] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:33:25 | 009,727,677 | ---- | C] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:14 | 004,750,301 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:32:58 | 009,345,141 | ---- | C] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:54 | 002,904,727 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:48 | 007,133,170 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:42 | 009,610,083 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:36 | 007,099,679 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:30 | 007,276,524 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:25 | 007,054,920 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:19 | 006,627,675 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 16:43:01 | 000,003,043 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00002
[2013/10/19 16:43:01 | 000,000,402 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00001
[2013/10/19 13:14:22 | 000,300,686 | ---- | C] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/16 12:05:57 | 000,231,582 | ---- | C] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:30:44 | 020,947,072 | ---- | C] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/01 22:30:51 | 000,000,145 | ---- | C] () -- C:\Windows\game.INI
[2013/09/27 16:22:37 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/09/25 15:58:15 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/08/27 13:27:06 | 000,000,218 | ---- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2013/07/08 00:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/07/02 19:33:09 | 000,207,031 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2013/07/02 19:33:09 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2013/07/02 12:49:56 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2013/05/07 08:14:48 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/02/08 12:54:42 | 000,703,117 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\technic-launcher.jar
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/29 09:28:33 | 000,007,600 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/10/03 10:35:24 | 000,001,456 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/09/22 19:50:41 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/09/22 10:03:34 | 000,000,054 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/09/17 13:23:37 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/09/06 15:11:14 | 001,313,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/03 17:36:35 | 000,000,132 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/28 16:07:17 | 000,000,454 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/28 15:59:53 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/08/28 11:33:12 | 000,189,826 | ---- | C] () -- C:\Windows\hpoins46.dat
[2012/08/28 11:33:12 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2012/08/27 17:43:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/08/27 17:43:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:31:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
========== ZeroAccess Check ========== [2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/08/27 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.anomos
[2013/02/08 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.techniclauncher
[2013/09/27 17:13:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2013/03/30 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2013/04/23 16:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CDisplayEx
[2012/10/18 19:20:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/25 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/09/03 19:24:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
[2013/09/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2013/04/22 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Doblon
[2013/10/08 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Eipix
[2013/09/24 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EQATEC Analytics
[2013/06/18 11:46:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2013/02/04 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EuroTalk
[2013/09/11 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GlarySoft
[2013/10/09 11:26:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gogii Games
[2013/08/27 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2013/09/27 16:19:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2012/12/29 22:33:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IonFx
[2012/12/29 16:14:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kalypso Media
[2013/02/08 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\logs
[2013/10/07 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mad Head Games
[2013/09/25 15:34:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MotioninJoy
[2013/10/01 22:48:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera Software
[2013/09/24 19:28:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2012/09/13 09:16:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OverPlay.net, LP
[2012/09/17 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PACE Anti-Piracy
[2013/10/17 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/09/24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2013/06/18 09:12:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\S.A.D
[2013/07/16 09:36:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Wireless
[2012/08/27 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/26 12:39:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\sylteditor
[2013/01/03 09:22:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SystemRequirementsLab
[2013/10/25 13:40:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\The Longest Journey
[2013/10/09 16:34:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheBookofLegends_Saves
[2013/07/12 14:14:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheSage
[2013/11/12 21:30:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2013/10/15 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/10/15 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
========== Purity Check ========== ========== Custom Scans ========== ========== Base Services ==========SRV:
64bit: - [2009/07/13 18:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:
64bit: - [2013/02/26 22:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:
64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:
64bit: - [2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:
64bit: - [2010/11/20 06:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:
64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:
64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:
64bit: - [2012/07/04 15:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:
64bit: - [2013/07/08 22:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 21:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:
64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:
64bit: - [2010/11/20 06:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 05:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:
64bit: - [2011/03/02 23:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:
64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:
64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:
64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:
64bit: - [2010/11/20 06:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:
64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:
64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:
64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:
64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:
64bit: - [2012/10/03 10:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:
64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:
64bit: - [2011/05/24 04:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:
64bit: - [2012/02/10 23:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:
64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:
64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:
64bit: - [2010/11/20 06:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:
64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:
64bit: - [2010/11/20 06:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:
64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:
64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:
64bit: - [2010/11/20 06:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:
64bit: - [2010/11/20 06:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 05:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:
64bit: - [2010/11/20 06:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:
64bit: - [2010/11/20 06:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 05:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:
64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:
64bit: - [2012/04/30 22:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:
64bit: - [2010/11/20 06:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:
64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:
64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2010/11/20 06:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:
64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2010/11/20 06:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:
64bit: - [2010/11/20 06:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:
64bit: - [2010/11/20 06:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:
64bit: - [2010/11/20 06:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 05:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:
64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:
64bit: - [2012/06/02 15:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:
64bit: - [2010/11/20 06:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:
64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:
64bit: - [2010/11/20 06:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< MD5 for: EXPLORER.EXE >[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[1995/07/11 08:50:00 | 000,204,288 | ---- | M] (Microsoft Corporation) MD5=40978DF82DAAFAD93117A0D81FAE5C5F -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK18\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: QMGR.DLL >[2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
< MD5 for: SERVICES >[1995/07/11 08:50:00 | 000,006,007 | ---- | M] () MD5=D5E21E6DD81F7E6BEF32A67898362A85 -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK21\services
[2009/06/10 14:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.CFG >[2013/09/03 06:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.CSS >[2005/06/29 14:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files (x86)\Intuit\QuickBooks 2010\Components\Services\services.css
< MD5 for: SERVICES.EXE >[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >[2009/07/13 18:19:58 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=130B7341F5446430B3FFB7DCD9A786E3 -- C:\Windows\SysNative\ja-JP\services.exe.mui
[2009/07/13 18:19:58 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=130B7341F5446430B3FFB7DCD9A786E3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_f4c280f4fcec33c8\services.exe.mui
[2009/07/13 19:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 19:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >[2009/07/13 19:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 19:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/13 18:11:32 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\SysNative\ja-JP\services.msc
[2009/07/13 18:29:36 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\SysWOW64\ja-JP\services.msc
[2009/07/13 18:11:32 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_2f0450e0d355cdbb\services.msc
[2009/07/13 18:29:36 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_d2e5b55d1af85c85\services.msc
< MD5 for: SERVICES.PTXML >[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SERVICES.SBS >[2010/04/19 08:25:26 | 000,033,457 | ---- | M] () MD5=3171D886B2782CE1B51E0210BCD4E50C -- C:\Users\Administrator\Documents\Tools\111 Quick Tools\Installs\spybot\Includes\Services.sbs
< MD5 for: SVCHOST.EXE >[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WINSOCK.DLL >[1995/07/11 08:50:00 | 000,042,080 | ---- | M] (Microsoft Corporation) MD5=2A316E08790F0A4CABFBC9F5AC30CF1A -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK19\winsock.dll
< dir "%systemdrive%\*" /S /A:L /C > Volume in drive C has no label.
Volume Serial Number is 6A91-EEA5
Directory of C:\
13/07/2009 10:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
13/07/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
13/07/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
13/07/2009 10:08 PM <SYMLINKD> All Users [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\Administrator
27/08/2012 02:40 PM <JUNCTION> Application Data [C:\Users\Administrator\AppData\Roaming]
27/08/2012 02:40 PM <JUNCTION> Cookies [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies]
27/08/2012 02:40 PM <JUNCTION> Local Settings [C:\Users\Administrator\AppData\Local]
27/08/2012 02:40 PM <JUNCTION> My Documents [C:\Users\Administrator\Documents]
27/08/2012 02:40 PM <JUNCTION> NetHood [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/08/2012 02:40 PM <JUNCTION> PrintHood [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/08/2012 02:40 PM <JUNCTION> Recent [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent]
27/08/2012 02:40 PM <JUNCTION> SendTo [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo]
27/08/2012 02:40 PM <JUNCTION> Start Menu [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu]
27/08/2012 02:40 PM <JUNCTION> Templates [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Administrator\AppData\Local
27/08/2012 02:40 PM <JUNCTION> Application Data [C:\Users\Administrator\AppData\Local]
27/08/2012 02:40 PM <JUNCTION> History [C:\Users\Administrator\AppData\Local\Microsoft\Windows\History]
27/08/2012 02:40 PM <JUNCTION> Temporary Internet Files [C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Administrator\Documents
27/08/2012 02:40 PM <JUNCTION> My Music [C:\Users\Administrator\Music]
27/08/2012 02:40 PM <JUNCTION> My Pictures [C:\Users\Administrator\Pictures]
27/08/2012 02:40 PM <JUNCTION> My Videos [C:\Users\Administrator\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
13/07/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
13/07/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
13/07/2009 10:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
13/07/2009 10:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
13/07/2009 10:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
13/07/2009 10:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
13/07/2009 10:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
13/07/2009 10:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
13/07/2009 10:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
13/07/2009 10:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
13/07/2009 10:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
13/07/2009 10:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
13/07/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
13/07/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser
11/07/2013 11:32 AM <JUNCTION> Application Data [C:\Users\fbwuser\AppData\Roaming]
11/07/2013 11:32 AM <JUNCTION> Cookies [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Cookies]
11/07/2013 11:32 AM <JUNCTION> Local Settings [C:\Users\fbwuser\AppData\Local]
11/07/2013 11:32 AM <JUNCTION> My Documents [C:\Users\fbwuser\Documents]
11/07/2013 11:32 AM <JUNCTION> NetHood [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/07/2013 11:32 AM <JUNCTION> PrintHood [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/07/2013 11:32 AM <JUNCTION> Recent [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Recent]
11/07/2013 11:32 AM <JUNCTION> SendTo [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\SendTo]
11/07/2013 11:32 AM <JUNCTION> Start Menu [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu]
11/07/2013 11:32 AM <JUNCTION> Templates [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser\AppData\Local
11/07/2013 11:32 AM <JUNCTION> Application Data [C:\Users\fbwuser\AppData\Local]
11/07/2013 11:32 AM <JUNCTION> History [C:\Users\fbwuser\AppData\Local\Microsoft\Windows\History]
11/07/2013 11:32 AM <JUNCTION> Temporary Internet Files [C:\Users\fbwuser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser\Documents
11/07/2013 11:32 AM <JUNCTION> My Music [C:\Users\fbwuser\Music]
11/07/2013 11:32 AM <JUNCTION> My Pictures [C:\Users\fbwuser\Pictures]
11/07/2013 11:32 AM <JUNCTION> My Videos [C:\Users\fbwuser\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
13/07/2009 10:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
13/07/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
13/07/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
15/01/2013 12:29 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
15/01/2013 12:29 PM <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
15/01/2013 12:29 PM <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
15/01/2013 12:29 PM <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
15/01/2013 12:29 PM <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
15/01/2013 12:29 PM <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/01/2013 12:29 PM <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
15/01/2013 12:29 PM <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
15/01/2013 12:29 PM <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
15/01/2013 12:29 PM <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
15/01/2013 12:29 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
15/01/2013 12:29 PM <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
15/01/2013 12:29 PM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
15/01/2013 12:29 PM <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
15/01/2013 12:29 PM <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
15/01/2013 12:29 PM <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
82 Dir(s) 160,429,043,712 bytes free
========== Files - Unicode (All) ==========[2013/09/15 14:21:00 | 000,002,009 | ---- | M] ()(C:\Users\Public\Desktop\?1?e?I‰S.lnk) -- C:\Users\Public\Desktop\¹–ë‚̉S.lnk
[2013/09/15 14:21:00 | 000,002,009 | ---- | C] ()(C:\Users\Public\Desktop\?1?e?I‰S.lnk) -- C:\Users\Public\Desktop\¹–ë‚̉S.lnk
< End of report >
This next one is the extra's OTL::
OTL Extras logfile created on: 12/11/2013 10:03:37 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
11.91 Gb Total Physical Memory | 9.24 Gb Available Physical Memory | 77.62% Memory free
23.81 Gb Paging File | 20.81 Gb Available in Paging File | 87.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 149.43 Gb Free Space | 21.39% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 32.59 Gb Free Space | 3.50% Space Free | Partition Type: NTFS
Drive I: | 3.70 Gb Total Space | 3.00 Gb Free Space | 81.09% Space Free | Partition Type: FAT32
Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
[HKEY_USERS\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E15B26-829F-4CAC-8BBB-B7B8DAE77262}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{030F0992-2FBE-4250-BAA2-987E3CFC75D0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{0478E5D8-CA17-41D1-90C9-1CF1FCB96921}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A098DE1-223D-46AB-A093-4181DE5B1E1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{153E3F92-56DD-4831-8F6F-CD666E1C030E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{17A36959-CC0E-4693-86C9-F1F8C5789DB5}" = lport=443 | protocol=6 | dir=out | app=system |
"{1EBDCCC2-1D17-4443-AA66-D4AC317C50BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2012EB90-A233-4FE3-9B33-D8E3903C0EF3}" = rport=445 | protocol=6 | dir=out | app=system |
"{24F25C6E-BF8F-4685-899D-331C24B383C4}" = rport=443 | protocol=6 | dir=out | app=system |
"{27B8528C-6280-48E8-B8D3-D42D9DE1A7F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A8FA3C2-EB3B-4590-9696-ED7E84814925}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B102B30-07EA-4079-AA49-2B4EEB076AAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B85F947-73AB-4ECE-8410-54B12AC3FA6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D907B9A-2478-42E1-B8BC-8876F39A034C}" = rport=3702 | protocol=17 | dir=out | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{300F632B-8359-447E-A7E5-6741C81C5BF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31E49EDD-E1A3-4FF2-8F74-7EB214588D44}" = lport=443 | protocol=6 | dir=in | app=system |
"{339DE419-0BAD-454F-9A54-DF133A260E6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4176C38D-1ADC-4C72-8FD1-077BD0E25EA9}" = lport=80 | protocol=6 | dir=in | app=system |
"{50BEA5F3-811F-45E9-A247-BAA493AFAF34}" = lport=445 | protocol=6 | dir=in | app=system |
"{521D912D-8A4A-4DC8-98F9-88FB54B01B19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{52F81EF8-FEF8-42DE-B83A-F18187A83695}" = lport=10243 | protocol=6 | dir=in | app=system |
"{55EABC07-4F97-422A-A09E-E99268E5CD64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5863031B-C8A8-4DA6-80D7-42483121B0C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C12A466-7870-4A4A-95C4-47607791D42B}" = lport=139 | protocol=6 | dir=in | app=system |
"{769D12F4-8A6E-4135-B820-068A6BA454E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85DFB84D-B34B-40C4-A425-0D061B7A31AA}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{89E3C5D4-99D6-45FA-B095-73472E0D8E93}" = lport=137 | protocol=17 | dir=in | app=system |
"{8B205925-2D97-47A6-BCB6-9018EFD71B18}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{995F05BB-A80D-4FBC-81A4-B7DA78117F75}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9E96074C-CF89-43FB-B061-F06CB67CD15E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3B1978D-0A7A-491B-8390-F1D62328B4B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3F9A14B-5B0D-4C34-9182-CAE8404F7957}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ABFA310D-5C3C-40C3-A768-865AE4FEFE78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C36C4670-FA63-4F17-9623-A54C706D64F6}" = lport=3702 | protocol=17 | dir=in | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{C8A8DF6D-588A-4738-8F7B-F2171EA63248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C932430D-E725-407D-B152-4F3A6EE3D2FC}" = rport=80 | protocol=6 | dir=out | app=system |
"{D93C1066-13BD-4C58-9B05-BC3A7916B1E7}" = lport=138 | protocol=17 | dir=in | app=system |
"{E09AC44B-422E-4E5B-8E14-13BAE78A3B9B}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E9B9FE10-19E3-437B-BD59-5603FE68A3C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{EAF6BB38-0CC2-47F5-95D2-7DE0983CF02E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EF294970-894F-4B77-818E-B290D7BEE529}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F14A9A1A-6637-4457-9AA1-739B314B7937}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051E4BFA-BF20-4985-B4D6-ED2B17C703C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{06535A34-429E-4193-85DE-7E626741E2E0}" = protocol=58 | dir=out |
[email protected],-28546 |
"{0AAFA0B1-96BC-4CAF-B036-4AC3652BF6F3}" = protocol=58 | dir=in |
[email protected],-28545 |
"{11A10CD8-B6D3-4107-9EBD-2BF43B243232}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{184BE7D6-4265-4EF7-9B5E-0BCE3E9C738A}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp software update\hpwucli.exe |
"{19193540-F1AB-480C-9853-BF8307FA9E4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1977583F-FD9F-4928-928B-5FB4CD0B9F41}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{19D11154-9764-4815-955C-24F46368B397}" = protocol=1 | dir=in |
[email protected],-28543 |
"{1CB5C300-2822-42FC-8B17-3A14A98173A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{1DF13C72-E947-4173-8AE9-0811F469696D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{1E46D2D7-533D-4986-9AD8-7FA36A1AA913}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{1EAC9928-1DF7-49BF-AFB9-CDF4B50EC45F}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{1EEF6913-F30D-41D7-91B1-2EC49A27B5C6}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{210C8BD4-AD26-4A4C-9FDB-EBE6EF9B31EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{217A83DF-794B-449F-8D4B-97A62BF62EFC}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{243C8566-31EB-44C0-B992-AAC878C2D923}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{2604B37C-D55D-48E4-A96B-7DF040924A5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{290C0690-01FF-4FCC-91DD-1C192735E93F}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{29560FC7-C755-4E15-A529-E4DF2E5892C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29946260-D911-44D6-8770-09AF7E25249B}" = protocol=6 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{29C16454-4759-42B9-A84E-C4C83C867DE5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{2A59A2AA-B20B-401E-A831-5C1F27EFDA9F}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{2A5F8401-E64E-4678-84D5-B4DFAA738C55}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{2B96C257-9F77-4D4A-BF47-83D7A50F69D9}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{2C94FE83-AC48-4FC0-95DC-97F632892D6F}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{2D1C5691-B583-45DE-85A2-713914810C65}" = protocol=6 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{2D484360-FD85-4995-BE0C-412D26EA06C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30930023-29C5-4888-B822-44C417ECBA6D}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{31671978-F898-4A6C-BEF5-0B1D61533FDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{32281D25-6934-4723-8E9A-DE9C1125911B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{33894534-52E2-4440-95D4-94789B295869}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{3F19B784-2EDC-4813-A09D-41DEC3612632}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{46698A8B-D70B-43E3-8676-BB98591957EB}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{4B7F506E-33B7-439C-98D0-E9DBBC1ABD90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{4C7FE828-994C-4C0A-B92F-91E5D31332A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{4F31DB86-02EC-44BB-B431-8837DD28D3A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{4FD53F65-BBFC-4099-85E8-2180C8CCB8CE}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{55D73536-1B23-4FF9-B045-02B0D4E707B2}" = protocol=6 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{56885DA3-21A0-4CF0-94E1-A801DCBDAE30}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{58DDD669-8218-442C-A555-C3B7029C353E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{58F4C153-F135-43A7-9B7A-3BD0B85126C4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{5A25C831-0AFE-4FDA-B50A-25910B8C7E69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60156D96-7238-4F55-9A1A-3C348C738AB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63632DAD-EA2D-4D97-8F7F-92EA501E3AEE}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{655485ED-C58B-4470-A646-273DE69F1D90}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673A8979-E1DD-4F7B-9345-E5B35C4AE308}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{67CF80DA-7B6D-46E9-84DA-03183DD687DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{67F3EF30-ECEA-4621-B1B1-B52303DE42E3}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{69DBF0F5-7A73-4223-8721-48A7CF2CB110}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6E43E14D-338E-4197-860C-DA58EE96AC2B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{71C6D2C5-A78A-469F-809E-BC4A5E35F5DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{738D8F3A-3FD4-4A2D-B70A-19F085A5DEB4}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{73BCEEB5-6401-4399-A398-FBFAD2B9DD22}" = protocol=17 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{759A6E52-5700-4D91-81B1-0003AAFB5F14}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{793DC66B-60F8-49B2-B6FA-25E5316A61BD}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{7A70252A-083B-4D8D-83EC-F05AFBA08194}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7D1F3695-2DA5-40A4-B65F-A8002D0A6132}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{7E283BF2-CF67-42EB-AD2F-1F8B3512EF1C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{83180475-7C43-4324-95E6-F1EA92DB07BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{8483453B-5C20-4EAA-AEDF-5BE2952277F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{885721FC-D755-416C-9EE7-4DB6DB6024CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B412A21-4205-4BE1-A177-05F583BDAEB0}" = protocol=1 | dir=out |
[email protected],-28544 |
"{8B78619B-1CBB-447A-926D-BEF32BAEAAB7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{8DA63663-6AF4-4FAD-A51F-AAB2F5E6D091}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0554BE-05B8-4060-B436-62D3FB780330}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F6480D7-D9D9-48C4-B200-31A89AEAEBF6}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{902DB0E2-9101-4F02-9AED-3909DA30F46A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92DFE177-AC19-4F23-B7C9-B395B5370923}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{936EFFF6-8126-4C4F-84E7-E52ABA9199D2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9650481C-E7BD-474B-B9A1-DA6AA8DE6C9C}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9716E5EE-35D4-4114-9A7A-4B3DEF3BC82D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{973C198A-7ABF-47C0-87D3-A3EFACA55908}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{9D91449B-0B8B-4D9B-8724-F859CDF0A242}" = protocol=17 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{9E43CB0C-A640-42F0-9D6D-E6AD81F463A0}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{9F399563-9ED4-4804-9D1A-6E39040EC1F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9F87E700-2B7D-4506-AD39-0BB9BFF58237}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{A0B18D54-3F6E-4C8A-AF18-50CD2B007CF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{A2C2FD2F-0AF8-4AD8-8501-41A11CC1E937}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2ED5474-72BF-4864-A5DB-095FF83594D0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A50E7C0C-5496-4243-AD13-982CB0955238}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A669F69F-DC73-4AE7-BB9A-1B2AB556B85C}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{ABD68459-CA76-464E-9840-057641D79C50}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1D29C7D-6EFF-43DA-8E1B-BA4BF0FE916E}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{B2A368F2-4051-4170-B98A-C4CACA84EBA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B399DC8F-DBC7-4026-B760-3B6878EACAAE}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{B714E75B-F163-4BB2-9C68-FF0A7BD24ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{B7C69025-A9A7-4841-86A9-2DCFA8BA206C}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{BA7272E2-41A9-4669-AD34-0DFD9D3A8EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{BAE6832B-736E-4735-84E5-A50A0C53EC30}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{BEB5AA26-A4B9-44B1-9225-3B8BCEED3FED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BF1D2A27-118D-43A5-87A0-93FE98D2B164}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{C09BBDEF-6DD2-42A0-A77D-BE63C06CF998}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{C6A7C2D9-A134-4655-B26F-D274D0CA795E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{C6F950E6-D2B8-485C-B6BC-7EC05DD79F6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{CF4C13CE-FFFE-4BD6-B30F-FF84080CE88E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{D1447317-2419-4B59-9FF0-9C8C8AC46B72}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{D50F9FB3-AE1C-49B0-BF92-B2E47BE0A854}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DA5F2F53-4D33-4818-9A83-372BA95792AA}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{DF7404D0-F725-46D8-BBD7-E0F79DADC3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{E2A170CC-A193-4B07-9A29-64471B2E4BBB}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{E333E86E-A2B7-4A69-A266-58C4CA26F26A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{E36F5E63-6EEB-4BF0-92EC-5A1CE437CBAB}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{E6C44D40-349B-4867-8D40-ABFFAD9E1F91}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{E6F78EB8-884C-4285-88BC-AFDDDE317418}" = protocol=17 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{E8C67A06-B622-40B2-A72A-A5BA26CE8DDC}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{E9EFA5B0-AE7E-425E-8EA3-200977AB186B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{EBD94467-C2D6-4C34-87C4-E0C8B2F07EDB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EC6784D2-8429-45E2-855E-16F6924E7E36}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{F18E12AC-0ECF-4084-A791-48CC642284A8}" = protocol=6 | dir=out | app=system |
"{F1B1957C-14BB-427A-B3B3-59422D1CA3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{F43C0577-75B2-43A8-A0CB-AB005410667A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{F441F534-3F59-4220-968C-77536FBD483D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F655BBE6-A231-4B59-BA62-D503567C700E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F71168F4-8643-47B9-8F02-3F1B201B3FB7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F7182550-1FB1-4F1F-9C94-6035052ECA87}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hposid01.exe |
"TCP Query User{05FDC4DD-3425-453A-A80A-D8089438B041}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{16C4CF22-E135-4DFA-B32B-5A744A2F7CB6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{1AF00278-2F27-45CC-A546-B793F9397C31}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{2020AE43-45C7-4022-AA59-FAE546959D26}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{5D84D83B-7556-442C-93E3-4D07EBC4767C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B97D3921-B60C-4807-8BB3-E81C072464FC}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E20BAFF7-BE5F-4636-ABBD-5F37FEDBFAEF}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{0E190494-6998-44B4-9AC7-D3C9F38CDD3F}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{1DFA14E9-7880-4F19-BB0A-2964E20281BA}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{4260A3C8-4C30-4191-87F5-F9C5F90D908F}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{9305EB60-E5FF-41DE-92E0-6CF208B83F97}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A7BF1588-6E3D-4B04-ADFD-9C9F1653758D}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DC2BB93D-2154-4A97-BD58-408E7152CFCA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{FA46A657-0732-48E1-A405-450039301A4F}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14BC6853-A74E-4874-B50D-679889D1544D}" = HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B9F1BB4-4C06-41E8-877D-B458742B0D0A}" = Fresco Logic USB3.0 Host Controller
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6CA934E5-416C-4E33-95E0-F0E629F5804A}" = calibre 64bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"TheSage" = TheSage
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN ツールバー
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}" = Nero Prerequisite Installer 2.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1" =
Walkman Video Converter 6.1.50
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1EE9D482-3C07-4EE1-8968-6B364238FFE4}_is1" = "Tomb Raider"
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
"{58F2F72A-B8C9-4CCC-B253-4F1509193EC3}" = ASUS RT-N12 Wireless Router Utilities
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}" = Nero Express
"{61174B54-26FC-48F3-AF5C-7C9B9A9E9A8C}" = Human Japanese 2.0
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}" = QuickBooks Premier: Retail Edition 2010
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F9B5855-7850-41E3-AAAE-DADD09B68B12}" = IObit Apps Toolbar v7.9
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{82D040D1-F95B-4C96-AF5C-B6A1E138EC6E}" = ¹–ë‚̉S
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}" = Nero Burning ROM
"{D4B26DED-9DE0-4DA9-AA4A-4AF44FC3B41B}" = Aeria Ignite
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E2B53C96-C9FC-4FC3-8324-1BCE50DEA7E7}" = QuickBooks
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F4A43B47-0518-4a39-B377-15DC62076AC0}_is1" =
Video Converter Platinum 6.2.16
"{F929096B-54A0-4C5C-B125-1E7EB1917412}" = MySQL Connector/ODBC 3.51
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AccelerateTab_is1" = AccelerateTab
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aeria Ignite 1.11.2111" = Aeria Ignite
"AnyDVD" = AnyDVD
"Book of Legends 1.00" = Book of Legends 1.00
"CDisplayEx_is1" = CDisplayEx 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"Declan's Japanese Dictionary_is1" = Declan's Japanese Dictionary v1.0
"Eden Eternal" = Eden Eternal
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit)
"Opera 17.0.1241.53" = Opera Stable 17.0.1241.53
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"ReadWrite Katakana_is1" = ReadWrite Katakana version 1.0
"Steam App 108100" = Adam's Venture Episode 1: The Search For The Lost Garden
"Steam App 11610" = Dragon Nest
"Steam App 210390" = Adam's Venture Episode 2: Solomon's Secret
"Steam App 212200" = Mabinogi
"Steam App 214310" = Adam's Venture Episode 3: Revelations
"Steam App 215120" = ROSE Online
"Steam App 217690" = Anna
"Steam App 223510" = Miasmata
"Tagaini Jisho" = Tagaini Jisho
"The Longest Journey" = The Longest Journey
"TheSage" = TheSage
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"Xuse 永遠のアセリア - この大地の果てで -" = Xuse 永遠のアセリア - この大地の果てで - (Remove Only)
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 11/11/2013 3:32:24 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Error | ID = 1000
Description = Faulting application name: ApplicationUpdater.exe, version: 7.9.0.2,
time stamp: 0x523c7fda Faulting module name: ole32.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting
process id: 0x7f4 Faulting application start time: 0x01cede9563d3cc85 Faulting application
path: C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe Faulting
module path: C:\Windows\syswow64\ole32.dll Report Id: 67cc02f6-4aa3-11e3-9173-14dae9ce8f5d
Error - 12/11/2013 11:39:59 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 490
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).
Error - 12/11/2013 11:39:59 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 439
Description = taskhost (1864) WebCacheLocal: Unable to write a shadowed header for
file C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat.
Error -1032.
Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).
Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 454
Description = taskhost (1864) WebCacheLocal: Database recovery/restore failed with
unexpected error -1032.
Error - 12/11/2013 11:40:20 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).
Error - 12/11/2013 11:40:20 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error - 12/11/2013 11:40:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).
Error - 12/11/2013 11:40:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.
[ System Events ]
Error - 12/11/2013 11:41:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).
Error - 12/11/2013 11:48:24 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanServer service.
Error - 12/11/2013 11:49:27 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 12/11/2013 11:50:27 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The Adobe Acrobat Update Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 13/11/2013 12:10:31 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
due to the following error: %%2
Error - 13/11/2013 12:11:04 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS
Error - 13/11/2013 12:17:01 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 13/11/2013 12:17:38 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}
because another computer on the network has the same name. The server could not
start.
Error - 13/11/2013 12:27:10 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
due to the following error: %%2
Error - 13/11/2013 12:28:40 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS
< End of report >
Also I'm really hoping to be able to just do a really good clean on this laptop, reinstalling would be too big a job and life right now is pretty busy enough as is. I would be willing to do as much with you as possible to clean it as best as possible and would appreciate all your help if you would be so kind as to give me more of your time. I do appreciate it and I thank you.
Blessings.
Edited by Destiny000, 12 November 2013 - 11:31 PM.