This topic is locked
I'm running Windows 8.1 on a laptop, and today it started crashing and getting blue screens. Windows popped up a message about low memory (though I wasn't running anything unusual, nor was I running an unusually high number of programs), asking to close programs and pointing out Firefox as the biggest resource hogger. After closing Firefox, a BSOD comes up (with an error code that I don't remember). Now I get a BSOD each time I try to run GMER(the blue screen shows the code "WHEA_UNCORRECTABLE_ERROR"). The computer seems to be noticably slower, as well.
I'd much appreciate if someone could help determine whether this might be due to malware.
OTL logfile created on: 20.1.2014 22:20:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\username\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040B | Country: Finland | Language: FIN | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 73,85% Memory free
7,89 Gb Paging File | 6,43 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185,96 Gb Total Space | 153,64 Gb Free Space | 82,62% Space Free | Partition Type: NTFS
Drive D: | 258,34 Gb Total Space | 256,94 Gb Free Space | 99,46% Space Free | Partition Type: NTFS
Computer Name: ABC | User Name: username2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.01.20 22:15:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\username\Desktop\OTL.exe
PRC - [2014.01.08 13:22:04 | 002,098,880 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013.12.13 14:12:00 | 000,525,480 | ---- | M] (AdTrustMedia) -- C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe
PRC - [2013.08.08 20:17:56 | 000,020,280 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2013.06.19 22:49:58 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe
PRC - [2013.06.19 22:49:56 | 000,594,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe
PRC - [2013.06.03 23:55:02 | 000,055,416 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2013.06.03 23:06:10 | 000,184,432 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
PRC - [2013.05.30 16:17:48 | 000,205,624 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2013.05.29 19:11:48 | 000,303,928 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2013.05.21 11:50:34 | 000,406,328 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2013.04.24 17:27:32 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013.03.08 17:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2013.01.15 18:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012.09.18 14:51:54 | 001,124,032 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012.07.17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012.06.27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.06.25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.05.28 12:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012.04.24 16:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011.11.21 16:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.29 16:17:56 | 000,587,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.12.19 22:25:37 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013.11.27 17:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.11.14 14:49:36 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013.11.14 14:49:36 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.11.14 14:49:35 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.11.14 14:43:29 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.11.14 14:43:29 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.11.14 14:43:28 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013.11.14 14:43:28 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.10.20 01:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013.09.24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013.08.22 14:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013.08.22 14:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 12:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013.08.22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 11:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013.08.22 11:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.08.22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 11:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013.08.22 11:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.08.22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013.06.19 22:49:58 | 000,277,120 | ---- | M] (ASUS) [On_Demand | Running] -- C:\Program Files\ASUS\P4G\InsOnSrv.exe -- (ASUS InstantOn)
SRV:64bit: - [2013.06.14 11:33:42 | 001,281,640 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2012.04.20 16:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014.01.08 13:22:04 | 002,098,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013.12.20 23:40:18 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.05 21:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.14 14:43:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.10.01 13:02:42 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.04.24 18:12:22 | 000,310,400 | ---- | M] (Windows ® Win 7 DDK provider) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013.04.24 17:27:32 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013.01.15 18:20:54 | 000,107,320 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012.12.19 08:10:38 | 000,072,192 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe -- (Asus WebStorage Windows Service)
SRV - [2012.07.17 16:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 16:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.06.27 14:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012.06.25 12:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.04.24 16:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011.11.21 16:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.12.19 22:25:37 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.12.19 22:25:37 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.12.19 22:25:37 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.12.19 22:25:37 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.12.19 22:25:37 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.11.14 14:49:33 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.11.14 14:43:25 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.11.14 14:43:25 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.11.14 14:43:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.11.14 14:39:45 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.11.14 14:29:14 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.11.14 14:29:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.10.01 13:02:30 | 004,177,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.09.24 10:54:16 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013.08.23 00:51:12 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013.08.23 00:51:12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013.08.22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 14:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.08.22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 14:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.08.22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 14:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013.08.22 14:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013.08.22 14:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013.08.22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 14:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.08.22 14:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013.08.22 14:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.08.22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 13:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013.08.22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 13:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013.08.22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 01:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.08.08 20:18:12 | 000,069,392 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013.07.30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.06.18 16:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013.06.18 16:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013.05.03 03:54:08 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.04.26 04:23:22 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013.04.24 17:51:54 | 000,586,440 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013.04.24 17:51:50 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013.04.24 17:51:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013.04.24 17:51:48 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013.04.24 17:51:46 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013.04.24 17:51:46 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013.04.24 17:51:44 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013.03.05 08:12:34 | 000,308,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012.09.18 14:51:54 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012.08.02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012.07.02 17:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.05.31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV - [2011.09.07 11:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.02 19:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...R&pc=ASU2JS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
[2013.12.19 19:09:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\username\AppData\Roaming\mozilla\Extensions
[2014.01.18 21:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\username\AppData\Roaming\mozilla\Firefox\Profiles\pecwt4wd.default\extensions
[2014.01.18 21:07:43 | 000,536,648 | ---- | M] () (No name found) -- C:\Users\username\AppData\Roaming\mozilla\firefox\profiles\pecwt4wd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.01.18 16:31:16 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\username\AppData\Roaming\mozilla\firefox\profiles\pecwt4wd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.12.19 19:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.12.19 19:09:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013.08.22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ComodoFSFirefox] "C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" /f File not found
O4 - HKLM..\Run: [PrivDogService] C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe (AdTrustMedia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB5B1262-DE69-4978-B726-9A1BFE106E41}: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB5B1262-DE69-4978-B726-9A1BFE106E41}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF400304-6CA2-455B-A0B9-40D23514EC79}: NameServer = 156.154.70.22,156.154.71.22
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.01.20 22:15:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\username\Desktop\OTL.exe
[2014.01.20 21:27:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.01.07 23:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.01.07 23:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.01.02 01:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2014.01.02 00:29:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2014.01.02 00:25:28 | 002,693,530 | ---- | C] (Blizzard Entertainment) -- C:\Users\username\Desktop\Downloader_Warcraft3_Reign_of_Chaos_enGB.exe
[2013.12.25 01:49:35 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\cef-cache
[2013.12.25 01:49:33 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\Party
[2013.12.25 01:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
[2013.12.25 01:21:36 | 000,000,000 | ---D | C] -- C:\Programs
[2013.12.24 23:23:56 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Local\AdTrustMedia
[2013.12.23 02:07:49 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\3909
[2013.12.23 00:16:20 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Local\Diagnostics
========== Files - Modified Within 30 Days ==========
[2014.01.20 22:30:13 | 001,359,344 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\sfi.dat
[2014.01.20 22:16:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.20 22:15:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\username\Desktop\OTL.exe
[2014.01.20 22:04:52 | 000,000,062 | ---- | M] () -- C:\Users\username\AppData\Roaming\sp_data.sys
[2014.01.20 22:02:23 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.20 22:00:22 | 369,949,653 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014.01.20 22:00:22 | 3340,120,064 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.20 22:00:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.01.20 21:32:43 | 000,379,904 | ---- | M] () -- C:\Users\username\Desktop\8dxdgrql.exe
[2014.01.20 21:27:37 | 435,752,021 | ---- | M] () -- C:\Users\username\Desktop\MEMORY.DMP
[2014.01.13 18:10:37 | 000,198,063 | ---- | M] () -- C:\Users\username\Desktop\type2.jpg
[2014.01.13 18:08:39 | 000,190,046 | ---- | M] () -- C:\Users\username\Desktop\type.jpg
[2014.01.09 22:17:43 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysNative\certsentry.dll
[2014.01.09 22:17:43 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysWow64\certsentry.dll
[2014.01.07 23:40:03 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.02 01:00:31 | 000,000,630 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2014.01.02 00:25:30 | 002,693,530 | ---- | M] (Blizzard Entertainment) -- C:\Users\username\Desktop\Downloader_Warcraft3_Reign_of_Chaos_enGB.exe
[2013.12.25 01:49:16 | 000,001,543 | ---- | M] () -- C:\Users\username\Desktop\partypoker.lnk
[2013.12.24 23:27:27 | 000,347,158 | ---- | M] () -- C:\Users\username\Desktop\Untitled.jpg
[2013.12.24 23:24:44 | 000,000,000 | ---- | M] () -- C:\Users\username\Desktop\New Bitmap Image.bmp
========== Files Created - No Company Name ==========
[2014.01.20 21:36:42 | 435,752,021 | ---- | C] () -- C:\Users\username\Desktop\MEMORY.DMP
[2014.01.20 21:32:40 | 000,379,904 | ---- | C] () -- C:\Users\username\Desktop\8dxdgrql.exe
[2014.01.20 21:27:37 | 369,949,653 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014.01.16 00:47:56 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014.01.16 00:47:56 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.01.13 18:10:37 | 000,198,063 | ---- | C] () -- C:\Users\username\Desktop\type2.jpg
[2014.01.13 18:08:39 | 000,190,046 | ---- | C] () -- C:\Users\username\Desktop\type.jpg
[2014.01.07 23:40:03 | 000,000,836 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.01.02 01:00:18 | 000,000,630 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2013.12.25 01:44:53 | 000,001,543 | ---- | C] () -- C:\Users\username\Desktop\partypoker.lnk
[2013.12.24 23:27:27 | 000,347,158 | ---- | C] () -- C:\Users\username\Desktop\Untitled.jpg
[2013.12.24 23:24:44 | 000,000,000 | ---- | C] () -- C:\Users\username\Desktop\New Bitmap Image.bmp
[2013.12.19 20:31:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.12.19 09:38:21 | 000,000,062 | ---- | C] () -- C:\Users\username\AppData\Roaming\sp_data.sys
[2013.10.01 13:02:30 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013.10.01 13:02:26 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013.10.01 13:02:26 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.05.01 17:32:07 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2013.05.01 17:32:07 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2013.05.01 17:32:07 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
[2012.07.25 22:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.07.25 22:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.04.20 15:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.14 15:05:17 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.14 15:05:17 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.12.23 02:07:49 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\3909
[2013.12.19 09:37:54 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\ASUS WebStorage
[2013.12.25 01:49:35 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\cef-cache
[2013.12.25 01:49:33 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Party
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 199 bytes -> C:\Users\username\SkyDrive:ms-properties
< End of report >
OTL Extras logfile created on: 20.1.2014 22:20:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\username\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040B | Country: Finland | Language: FIN | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 73,85% Memory free
7,89 Gb Paging File | 6,43 Gb Available in Paging File | 81,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 185,96 Gb Total Space | 153,64 Gb Free Space | 82,62% Space Free | Partition Type: NTFS
Drive D: | 258,34 Gb Total Space | 256,94 Gb Free Space | 99,46% Space Free | Partition Type: NTFS
Computer Name: ABC | User Name: username2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{BD42D0FC-2AEA-4926-BF78-42E068C8D8EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DE692E01-855C-4797-A158-5A618BE176F2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D53C9A-CC19-4156-A4BC-BA93ECB51A7E}" = dir=out | name=@{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{089F79B5-322D-498E-A40D-046B5B508FB7}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{09224476-1147-4D22-A561-B6132A3DC482}" = dir=out | name=juniper networks junos pulse |
"{0A3EF993-3FF1-4096-B5FD-0FFDC81A2391}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{0CAED937-CB7B-43D8-BD63-BB7FB39E630E}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0D988EA0-53EC-40C8-9C71-6EE84B8468BD}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{0F666DD3-D381-4A6C-B325-15A9C6BC7F0E}" = dir=in | name=pinball fx2 |
"{1459BCBF-75D8-49F4-92AE-C1AF0C369248}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{158E88AF-8C15-4AFD-B093-E49BAFE6C7DD}" = dir=out | name=fresh paint |
"{17E7EE96-8CA8-41A5-9841-CE2B2C17DBCC}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{18A7316A-654C-4E4B-ABB8-83919EC05538}" = dir=in | name=f5 vpn |
"{19C592B3-D2AF-4006-BBFD-BEC0117BAC50}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{210755A7-99AC-4791-966B-26EB736730D6}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{24646791-0BE9-4219-8059-9373D7CC5780}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{25D20BFC-DBDA-4BCD-B428-85F8EF37D800}" = dir=out | name=skype |
"{26179A63-37DE-4210-91D0-7919AD530B9C}" = dir=in | name=sonicwall mobile connect |
"{30CCCD0F-46C8-433E-A8D2-82C4D1E2EBD8}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{33958CFE-BEE1-4285-868E-B30472F0F5C7}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{3653D8F3-9357-4AE2-9F70-0AEC03CC058E}" = dir=out | name=sonicwall mobile connect |
"{36E70713-7733-40C9-9F68-78FC856D36ED}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3BC0F16C-FBAA-48BF-9E08-3BC1EE76453E}" = dir=out | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{41C3978C-E52C-4A2A-B032-BE37DC2DB0D3}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{45134309-98BA-44F4-ABA5-01ABEF359527}" = dir=in | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{486FF9B6-A5EB-468A-8899-A2282897C26C}" = dir=out | name=@{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{4BB7E79B-DAD7-4313-9591-7D1B3F2AC51F}" = dir=out | name=juniper networks junos pulse |
"{4E935EB0-2B54-4221-8976-C06D18C9D07B}" = dir=out | name=@{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5012E1EE-42F5-470C-BBB3-4AA3C59F4B63}" = dir=out | name=check point vpn |
"{50F63C3F-4974-4DC7-8D56-15AA85A28FAD}" = dir=out | name=f5 vpn |
"{51C04E3E-509D-479F-B4FA-7D4484099D7A}" = dir=out | name=windows_ie_ac_001 |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57E114AA-1C6E-4E3F-8746-96277AB773D9}" = dir=out | name=fresh paint |
"{58D83969-C0A0-4067-BD19-5E0F6B73CE43}" = dir=out | name=@{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{5914664A-EBB1-42C3-9F3B-12C4BB7E2447}" = dir=out | name=f5 vpn |
"{59AA906A-581B-45F1-848F-32C5286FE603}" = dir=in | name=check point vpn |
"{5A954C1A-2A3C-415F-A5BA-B3A218DC4FC4}" = dir=in | name=juniper networks junos pulse |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{63B099C8-6D68-4219-94C0-C0B09BCFC959}" = dir=out | name=check point vpn |
"{65E29788-77B6-41F3-B882-0E4FFE34F22F}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{69033B75-5322-45C1-BCA1-3F6FB0F26F81}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6C02F709-E0DA-4282-A581-0F272197BECE}" = dir=in | name=music maker jam |
"{6C4A2789-F012-41D0-82E0-2F03E17AD4A4}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{6F430E94-9993-4D63-B756-7BA3FE4FF95C}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{70C3B52C-548C-45FE-B337-8823CAE95592}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{70CCD6DE-43F5-4F16-B791-B83C971B863F}" = dir=out | name=@{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{75A666E5-3A14-4DC2-89E1-0FC489B72A8C}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{786075C2-39CA-4A78-B735-C4109D3EAEBE}" = dir=out | name=pinball fx2 |
"{79684DFB-63D5-457F-9EE9-45F921004CC4}" = dir=in | name=pinball fx2 |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{81AC331A-08D3-415D-9F6A-7AA52BC6A0A2}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{8262F5AD-CDFF-48D9-A3A2-1824B3BF9C5A}" = dir=in | name=skype |
"{82AC78C0-7E04-45ED-B2F8-42AA12E34A99}" = dir=out | name=- games app - |
"{82B451B6-34F5-428A-BAD6-856E6BD39F32}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{82ED95FC-935E-483C-88FF-9AB00B832E51}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{8A9D09A0-A44B-40DC-86E5-D6BD5847DB26}" = dir=out | name=windows_ie_ac_001 |
"{8CF71FBE-3D84-45F7-ACA0-4C830A5A42A3}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{90E55719-D235-4E4F-ADD8-7E513ACC8F65}" = dir=out | name=sonicwall mobile connect |
"{952ADAB1-F461-42CF-BB54-214A11952C47}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F9F6EF0-3A1E-4D71-B9C3-21F3021DFA42}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{A0402B6D-E67E-4750-AB9D-454186DFBF06}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{A9CC95B5-8859-4235-BABC-FB3D653A3B73}" = dir=in | name=check point vpn |
"{ACA25A8A-A0CE-4DBD-8CE0-2B4AA813EACF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{B03D7794-0107-4912-86EE-227D50E4EA89}" = dir=out | name=music maker jam |
"{B0E8B815-8BA6-4DB4-8BC1-46D558315707}" = dir=out | name=skype |
"{B3B0695F-33F6-42A3-BF06-EB1632934883}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{B556FD4E-ACF1-494F-9F69-FA003B21AF0E}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{BCA63B38-6B35-40E6-9241-A1C3149C957B}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{BF7226A6-B3EB-4F79-8A5A-73CBBF5A4F1C}" = dir=out | name=@{microsoft.xboxlivegames_2.0.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C05DF854-FFB0-43E2-BC09-A8B87AFD7EA5}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C24DC314-DC1C-472E-9768-44E46AF4F36A}" = dir=out | name=- games app - |
"{C3EAF101-7118-4DDE-BB83-B400DCB611C9}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{CEA33F38-A7B6-42AA-A5E5-CD9CAFD6CE04}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{D221E423-4DFC-4A46-929F-BBA11FC87CFE}" = dir=in | name=juniper networks junos pulse |
"{D46B28C9-DA5E-4E8A-91B3-29B2AA01B1A8}" = dir=in | name=sonicwall mobile connect |
"{D4F25BE3-CBD1-4600-B8EA-E29B95957DD8}" = dir=out | name=windows_ie_ac_001 |
"{D623A387-6B80-4A42-87C8-5F30637F5583}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D9AC71BD-8512-421D-908D-7DEECA6B09BD}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DA35D1A8-E6C5-4DCB-AB15-EDE10DAFD45E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E01C5105-30EC-4799-B0C8-D6F59D81EF48}" = dir=out | name=@{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E07C65A2-5BE2-4AFD-AC0D-186BF1D730A0}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{E58D37B2-7B33-403F-AE25-F0DB2035F3A0}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EBBB49BD-3A15-406B-9A8A-2BFF346ADE77}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEAD8F65-3A30-459E-99B0-EFD02ED24E00}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EF6B923C-2C5F-40CD-AC68-60EA954730CC}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F1DE769E-FF80-4C02-BB2C-5C1F4D6D8F91}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7E2701C-1EAB-4927-92E4-590E5ED8C8D9}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{FA7EB325-A282-44D5-B9D6-EA43D7C60E3C}" = dir=in | name=skype |
"{FAD3090C-34EF-4431-AF20-D8F46615A813}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FF6CE7A7-2604-4913-8219-C849A77DFCCD}" = dir=out | name=pinball fx2 |
"{FFB17E2C-331D-4EEB-B64B-1D4444E67C49}" = dir=in | name=f5 vpn |
"TCP Query User{C37E7F75-7538-4B13-AA85-DDBCFE3EE71C}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{F54B7BCC-B16E-454E-93DE-22884793551D}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}" = ASUS Screen Saver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{901D1D88-408D-48E5-80DD-CC3145BD8456}" = COMODO Internet Security Premium
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"16D5A24C881B7CEE31FBA6DD5EC1C194C188F85A" = Windows Driver Package - ASUS (ATP) Mouse (07/16/2013 1.0.0.181)
"CCleaner" = CCleaner
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048C8498-C20B-4AF7-9978-7A79E567D74C}" = Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E1BB4B4-00FF-45B1-914B-AB8D8B9862B3}" = Windows Live UX Platform Language Pack
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{28B2947F-FC0B-4450-80E3-6DF698E824A6}" = Windows Liven peruspaketti
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{306C7AEF-16C7-428D-93AA-99D4A4090243}" = Movie Maker
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{36BEC461-B58A-414D-993E-E2BDD1F1A14B}" = Movie Maker
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{49F068F2-4323-417B-AFC8-1E43F479D46C}" = Windows Live Essentials
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{5078CEC3-A56F-4080-8CD4-ED7BCBE5686B}" = Photo Common
"{537B16E0-A39F-47CB-9C1E-50978862B108}" = Windows Live UX Platform Language Pack
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus" = WildTangent Games App
"{7E63F102-A9E9-4F4C-8004-BC62974736BF}" = Movie Maker
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88809C3E-8C92-4454-AEB7-B26166E3D6CD}" = Windows Live UX Platform Language Pack
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F470E17-4FC3-4091-A508-D5347A16A2B9}" = Fotogalleriet
"{A37F2060-813A-4325-9456-272B10EE75EF}" = Windows Live Essentials
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{BA068968-594F-40BE-8EE8-99119123C991}" = Windows Live UX Platform Language Pack
"{BAD4B8FA-4BDA-4A59-BE64-9741031680C7}" = Movie Maker
"{C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}" = Valokuvavalikoima
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C7929038-EDFB-416D-A2C9-CC65416DA0DF}" = Photo Common
"{C9661090-C134-46E8-90B2-76D72355C2A6}" = Realtek PCIE Card Reader
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E0FB88-D570-463E-A98E-733B7B656867}" = Photo Gallery
"{E354D495-5DA4-4CCF-AB39-080F6A4141BE}" = Fotogalleri
"{EC33D375-5164-4374-9061-43F5C6073219}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CA7DAE-F998-499C-8CA5-FC58CA2416EC}" = Windows Live Essentials
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"Asus Vibe2.0" = AsusVibe2.0
"Comodo Dragon" = Comodo Dragon
"GOGPACKPAPERSPLEASE_is1" = Papers, Please
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"Mozilla Firefox 26.0 (x86 en-GB)" = Mozilla Firefox 26.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyBitCast" = MyBitCast 2.0
"PartyPoker" = partypoker
"PrivDog" = PrivDog
"Warcraft III" = Warcraft III
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-466cdf2f-4168-4e36-a689-2c262874b93c" = Tales of Lagoona
"WTA-5f82a783-b8b4-4922-a116-2892d831962e" = Cut the Rope
"WTA-6bd9b7ce-5f31-4fe4-badb-9d3f349ad3cd" = Peggle
"WTA-9afc60ac-3cef-458f-94ba-6dcac798b639" = Azteca
"WTA-ce64c5c9-7f31-4800-b70b-2899c34698ce" = Penguins!
"WTA-fb7d2541-998e-483a-8f3e-739886263206" = Bejeweled 3
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.12.2013 11:30:17 | Computer Name = abc | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 19.12.2013 11:30:17 | Computer Name = abc | Source = Software Protection Platform Service | ID = 1014
Description = Acquisition of End User License failed. hr=0x80072EE7 Sku Id=9e4b231b-3e45-41f4-967f-c914f178b6ac
Error - 19.12.2013 11:30:17 | Computer Name = abc | Source = Software Protection Platform Service | ID = 8198
Description = License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line
arguments: RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=9e4b231b-3e45-41f4-967f-c914f178b6ac;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error - 19.12.2013 17:46:13 | Computer Name = abc | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
failed with error: -2147023564 See the Microsoft-Windows-TWinUI/Operational log
for additional information.
Error - 20.12.2013 15:59:11 | Computer Name = abc | Source = MsiInstaller | ID = 1002
Description =
Error - 24.12.2013 17:25:27 | Computer Name = abc | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App Microsoft.FreshPaint_2.0.13345.1_x86__8wekyb3d8bbwe+Microsoft.FreshPaint
did not launch within its allotted time.
Error - 24.12.2013 17:25:33 | Computer Name = abc | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of application Microsoft.FreshPaint_8wekyb3d8bbwe!Microsoft.FreshPaint
failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log
for additional information.
Error - 24.12.2013 19:26:07 | Computer Name = abc | Source = Application Hang | ID = 1002
Description = The program SmartInstaller.exe version 1.0.0.1 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1338 Start
Time: 01cf00fed1a86990 Termination Time: 15 Application Path: C:\Users\username\Downloads\partypoker_Installer\SmartInstaller.exe
Report
Id: bcd55822-6cf2-11e3-be84-bcee7bb62fbf Faulting package full name: Faulting package-relative
application ID:
Error - 24.12.2013 19:37:38 | Computer Name = abc | Source = Application Hang | ID = 1002
Description = The program SmartInstaller.exe version 1.0.0.1 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 958 Start
Time: 01cf0100c1884dbd Termination Time: 9 Application Path: C:\Users\username\Downloads\partypoker_Installer\SmartInstaller.exe
Report
Id: 5c3a6ffa-6cf4-11e3-be84-bcee7bb62fbf Faulting package full name: Faulting package-relative
application ID:
Error - 24.12.2013 19:49:39 | Computer Name = abc | Source = Application Error | ID = 1000
Error - 28.12.2013 1:27:08 | Computer Name = abc | Source = Application Error |
ID = 1000
Description = Faulting application name: firefox.exe, version: 26.0.0.5087, time stamp: 0x52a0d273
Faulting module name: xul.dll, version: 26.0.0.5087, time stamp: 0x52a0d20a
Exception code: 0xc0000005
Fault offset: 0x0014e1a8
Faulting process ID: 0xcbc
Faulting application start time: 0x01cf03651777b736
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Report ID: b12cca84-6f80-11e3-be8a-bcee7bb62fbf
Faulting package full name:
Faulting package-relative application ID:
Error encountered while reading event logs.
< End of report >
Edited by jn1000, 23 January 2014 - 04:42 PM.
Sign In
Create Account
