Here is the OTL.txt :
OTL logfile created on: 2014/02/12 1:04:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = I:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd
3.87 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 59.20% Memory free
8.52 Gb Paging File | 6.71 Gb Available in Paging File | 78.77% Paging File free
Paging file location(s): c:\pagefile.sys 4765 5600 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.87 Gb Total Space | 29.32 Gb Free Space | 10.29% Space Free | Partition Type: NTFS
Drive D: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 29.88 Gb Total Space | 1.42 Gb Free Space | 4.74% Space Free | Partition Type: FAT32
Drive I: | 7.46 Gb Total Space | 1.60 Gb Free Space | 21.48% Space Free | Partition Type: FAT32
Computer Name: USER-VAIO | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2014/02/12 00:57:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
PRC - [2014/01/10 17:40:04 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2014/01/10 17:40:02 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/12/21 14:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/15 15:50:24 | 000,076,136 | ---- | M] (Black Oak Computers, Inc.) -- C:\Program Files (x86)\StrongVPN\StrongService.exe
PRC - [2013/07/08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013/07/08 10:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2013/04/04 10:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 10:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 10:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/08 22:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/02/23 07:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/20 11:53:58 | 001,679,360 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2011/10/24 09:49:14 | 000,958,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2011/08/31 00:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/06/26 21:00:23 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/04/06 07:17:11 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/06/01 18:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/06/01 18:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/06/01 10:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010/06/01 10:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010/06/01 08:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010/03/04 11:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/24 04:52:00 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/09/19 01:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
========== Modules (No Company Name) ========== MOD - [2014/01/10 17:40:32 | 019,336,120 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2013/07/15 16:53:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/07/15 16:53:28 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/07/15 16:53:21 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/07/15 16:53:04 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/07/15 16:52:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bf9b4653554fbf94881143bfe5e5b66\System.Xml.ni.dll
MOD - [2013/07/15 16:52:38 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/07/15 16:52:34 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/07/15 16:52:18 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2011/06/26 21:00:23 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/06/24 18:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 18:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ========== SRV:
64bit: - [2014/01/10 17:40:02 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2013/10/11 06:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:
64bit: - [2012/11/14 20:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:
64bit: - [2012/10/26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:
64bit: - [2011/09/23 14:18:38 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:
64bit: - [2011/09/08 11:44:00 | 000,549,408 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:
64bit: - [2011/09/08 10:29:16 | 000,381,488 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:
64bit: - [2011/08/26 13:47:26 | 000,101,600 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:
64bit: - [2011/02/14 09:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:
64bit: - [2011/01/29 01:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:
64bit: - [2011/01/15 05:35:58 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:
64bit: - [2010/08/12 00:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:
64bit: - [2010/06/22 09:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:
64bit: - [2010/06/09 14:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2010/03/06 01:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:
64bit: - [2010/03/06 01:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:
64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/12/21 14:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/12 09:22:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/12 03:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/15 15:50:24 | 000,076,136 | ---- | M] (Black Oak Computers, Inc.) [Auto | Running] -- C:\Program Files (x86)\StrongVPN\StrongService.exe -- (StrongVPN Service)
SRV - [2013/07/08 10:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2013/04/19 11:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/04 10:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 10:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/04/02 13:58:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/01/18 09:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/11/03 15:30:26 | 000,138,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/11/03 15:30:26 | 000,074,904 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/10/24 09:49:14 | 000,958,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011/08/31 00:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/04/06 07:17:11 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/25 03:08:50 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/18 22:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010/06/02 06:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/06/01 18:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/06/01 10:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/03/19 05:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/19 03:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 11:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/24 04:52:04 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/02/24 04:52:00 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/19 01:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2014/01/10 17:40:44 | 000,082,744 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:
64bit: - [2014/01/10 17:40:43 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2014/01/10 17:40:43 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2014/01/10 17:40:43 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2014/01/10 17:40:43 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2014/01/10 17:40:43 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2014/01/10 17:40:42 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2013/12/19 21:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2013/08/11 10:18:13 | 000,035,520 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tapstrong.sys -- (tapstrong)
DRV:
64bit: - [2013/04/04 10:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/12/13 09:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2012/10/12 15:54:54 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:
64bit: - [2012/10/12 15:20:38 | 000,081,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:
64bit: - [2012/10/12 15:20:38 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:
64bit: - [2012/10/08 15:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:
64bit: - [2012/08/21 09:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/03/01 14:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/01/28 17:11:44 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:
64bit: - [2012/01/28 17:11:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:
64bit: - [2011/07/23 00:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/13 05:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/03/11 14:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 14:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/03/05 03:44:12 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:
64bit: - [2010/12/17 06:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:
64bit: - [2010/06/26 05:03:46 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2010/06/23 04:15:43 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:
64bit: - [2010/06/23 04:14:35 | 010,342,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/06/23 04:09:35 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:
64bit: - [2010/06/23 04:04:27 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:
64bit: - [2010/06/23 04:02:45 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:
64bit: - [2010/06/19 04:09:10 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2010/06/19 04:09:08 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2010/06/19 04:09:08 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2010/06/19 04:09:06 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:
64bit: - [2010/06/19 04:08:29 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2010/06/01 03:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:
64bit: - [2010/05/29 04:23:54 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/05/28 04:05:57 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:
64bit: - [2010/04/27 04:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:
64bit: - [2010/03/04 10:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/10/10 10:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2009/09/18 03:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/27 05:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:
64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/06/18 19:11:13 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\STEC3.sys -- (STEC3)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/05/29 09:38:47 | 000,011,376 | R--- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.bing.com/...Box&FORM=IE10SRIE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com.hk/IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\SearchScopes,DefaultScope = {0A297537-952B-42C7-94EA-F35DF6A7ABBF}
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\SearchScopes\{0A297537-952B-42C7-94EA-F35DF6A7ABBF}: "URL" =
http://www.google.co...utputEncoding?}IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\SearchScopes\{3BE39514-AC5F-4B0A-BC6A-3DD723FECC07}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\SearchScopes\{F5882302-C9FA-4FF2-A3B0-27B104DD69D2}: "URL" =
http://au.search.yah...p={searchTerms}IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;<local>
IE - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=v2401.vir.kagoya.net:80
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.3
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:4.0.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@baidu.com/npxbdsetup: C:\Windows\Downloaded Program Files\23260607\npxbdsetup.dll ()
FF - HKLM\Software\MozillaPlugins\@baiduwangpan.com/npxbdyy: C:\Program Files (x86)\Baidu\BaiduPlayerBaiduYun\1.19.1.23\npxbdyy.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.co.jp/NxGame: C:\ProgramData\NexonJP\NGM\npNxGameJP.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@pptv.com/plugin: C:\Program Files (x86)\Internet Explorer\PPLite\plugin\3.4.2.0158\npplugin2.dll (PPLive Corporation)
FF - HKLM\Software\MozillaPlugins\@qq.com/QQDownloadPlugin: C:\Program Files (x86)\Tencent\QQDownload\Browser\751\npXFPlugin.dll (Tencent Technology (Shenzhen) Company Limited)
FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.94\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@xunlei.com/npxluser: C:\Program Files (x86)\Common Files\Thunder Network\UserAgent\npxluser2.0.2.3.dll File not found
FF - HKCU\Software\MozillaPlugins\duowan.com/Checker: C:\Program Files (x86)\Common Files\duowan\yy4.0\YYSSO\1.0.0.3\npChecker.dll (广州多玩信息技术有限公司)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2012/06/21 23:11:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014/01/10 17:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/31 18:47:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/28 15:18:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2012/06/21 23:11:06 | 000,000,000 | ---D | M]
[2011/01/16 07:58:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2012/04/05 11:02:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Extensions
[2012/06/21 23:11:06 | 000,000,000 | ---D | M] (Mozilla hotfix) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Extensions\MozillaHotfix
[2014/01/28 21:26:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\uog3e3c1.default\extensions
[2011/05/09 11:32:50 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\uog3e3c1.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2013/05/14 19:04:34 | 000,000,000 | ---D | M] (HP Smart Print) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\uog3e3c1.default\extensions\
[email protected][2014/01/28 21:26:04 | 000,343,554 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\uog3e3c1.default\extensions\
[email protected][2013/12/05 12:53:32 | 000,479,561 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\uog3e3c1.default\extensions\
[email protected][2013/11/07 16:15:58 | 000,561,620 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\uog3e3c1.default\extensions\
[email protected][2014/01/28 21:26:04 | 000,619,291 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\uog3e3c1.default\extensions\
[email protected][2014/01/09 16:25:32 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\uog3e3c1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/04 07:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/09 11:22:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/04/04 07:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/04/04 07:04:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/04/04 07:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\distribution\extensions
[2009/11/07 01:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/07 01:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: BaiduPlayer Browser Plugin (Enabled) = C:\Program Files (x86)\Baidu\BaiduPlayer\1.16.0.73\npxbdyy.dll
CHR - plugin: \u6B6A\u6B6A (Enabled) = C:\Program Files (x86)\Common Files\duowan\yy4.0\YYSSO\1.0.0.3\npChecker.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: PPLive PPTV Plugin (Enabled) = C:\Program Files (x86)\Internet Explorer\PPLite\plugin\npplugin2.dll
CHR - plugin: Java Platform SE 7 U10 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\user\AppData\Roaming\RCTW\plugins\nprcplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Java Deployment Toolkit 7.0.100.18 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Google Docs = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Proxy Switchy! = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\
CHR - Extension: Hide My [bleep]! Web Proxy = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Google Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Free Smileys & Emoticons = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.0.32.0_0\
CHR - Extension: ChromeVis (by Google) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\halnfobaneppemjnonmmhngbfifnafgd\2.4.4_0\
CHR - Extension: Google Wallet = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/12/31 13:48:18 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (QQDownload IE Left Helper) - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files (x86)\TENCENT\QQDownload\QQIEHelper64.dll (Tencent Technology (Shenzhen) Company Limited)
O2:
64bit: - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files\Yahoo!J\Toolbar64\7_3_0_20\Modules\ypho.dll (Yahoo Japan Corporation. )
O2:
64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (QQDownload IE Left Helper) - {00000000-12C9-4305-82F9-43058F20E8D2} - C:\Program Files (x86)\TENCENT\QQDownload\QQIEHelper01.dll (Tencent Technology (Shenzhen) Company Limited)
O2 - BHO: (Yahoo!ツールバーフィッシング警告) - {1F68E72C-50E5-44B8-8F56-6A54D3AF1DA4} - C:\Program Files (x86)\Yahoo!J\Toolbar\7_3_0_15\Modules\ypho.dll (Yahoo Japan Corporation. )
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\..\Toolbar\WebBrowser: (no name) - {AEF44653-C059-42CB-A5B7-41C640DA4A67} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000..\Run: [Facebook Update] C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2451559130-3535924385-1227171972-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: 网页图片保存能手 - {3F7C5588-6763-4791-8B8B-D73B08396DE9} - C:\Program Files (x86)\picsaver988\picsaver.exe (光明软件工作室)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - Reg Error: Key error. File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18106445-AECD-427D-AC9B-5A731B225930}: DhcpNameServer = 199.47.194.253 199.47.192.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9034BED-756A-4F6A-A8A7-DBB066F128D6}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C68D5C7B-F9B0-43E1-A050-B58FD412FEC8}: DhcpNameServer = 192.168.11.1
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:
64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/23 15:22:58 | 000,000,283 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2014/02/06 03:17:05 | 000,160,296 | ---- | C] (Safer Networking Limited ) -- C:\Users\user\Desktop\spybotsd162.exe.9gqwq1f.partial
[2014/02/06 00:02:12 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/01/29 20:59:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com
[2014/01/29 20:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/01/29 20:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/01/29 20:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/01/28 21:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/01/28 21:34:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2014/02/12 01:10:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/12 01:10:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/12 01:06:13 | 002,342,954 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/12 01:06:13 | 000,661,144 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/12 01:06:13 | 000,420,446 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2014/02/12 01:06:13 | 000,395,328 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2014/02/12 01:06:13 | 000,378,026 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2014/02/12 01:06:13 | 000,125,468 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2014/02/12 01:06:13 | 000,125,334 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/12 01:06:13 | 000,122,858 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2014/02/12 01:06:13 | 000,117,944 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2014/02/12 01:00:52 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/02/12 01:00:51 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/12 01:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/12 01:00:04 | 3113,390,080 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/12 00:22:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/11 23:44:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/11 23:16:46 | 252,659,095 | ---- | M] () -- C:\Users\user\Desktop\mc.rar
[2014/02/11 23:14:21 | 000,000,578 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2451559130-3535924385-1227171972-1000UA.job
[2014/02/06 03:24:51 | 000,160,296 | ---- | M] (Safer Networking Limited ) -- C:\Users\user\Desktop\spybotsd162.exe.9gqwq1f.partial
[2014/02/06 02:00:05 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4f6c67b5-a020-4123-ba8a-47c988403ecc.job
[2014/02/05 22:22:19 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4143e4bb-0c03-4f33-ab66-e3242c4628b5.job
[2014/01/29 20:59:51 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014/01/29 20:10:00 | 000,000,556 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2451559130-3535924385-1227171972-1000Core.job
[2014/01/29 19:48:05 | 000,462,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/28 22:21:13 | 000,000,716 | ---- | M] () -- C:\Users\user\Desktop\cc_20140128_222110.reg
[2014/01/28 22:20:38 | 000,001,244 | ---- | M] () -- C:\Users\user\Desktop\cc_20140128_222035.reg
[2014/01/28 22:20:11 | 000,079,152 | ---- | M] () -- C:\Users\user\Desktop\cc_20140128_222003.reg
[2014/01/28 22:19:24 | 000,852,890 | ---- | M] () -- C:\Users\user\Desktop\cc_20140128_221806.reg
[2014/01/28 21:47:17 | 2683,016,144 | ---- | M] () -- C:\Users\user\Desktop\Songs.rar
[2014/01/28 21:34:37 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/18 02:37:35 | 000,079,844 | ---- | M] () -- C:\test.xml
[2014/01/18 00:52:52 | 001,802,859 | ---- | M] () -- C:\Users\user\Desktop\1.2.5.1.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/02/11 23:15:33 | 252,659,095 | ---- | C] () -- C:\Users\user\Desktop\mc.rar
[2014/01/29 21:00:05 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4143e4bb-0c03-4f33-ab66-e3242c4628b5.job
[2014/01/29 21:00:04 | 000,000,508 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 4f6c67b5-a020-4123-ba8a-47c988403ecc.job
[2014/01/29 20:59:51 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014/01/28 22:21:11 | 000,000,716 | ---- | C] () -- C:\Users\user\Desktop\cc_20140128_222110.reg
[2014/01/28 22:20:36 | 000,001,244 | ---- | C] () -- C:\Users\user\Desktop\cc_20140128_222035.reg
[2014/01/28 22:20:06 | 000,079,152 | ---- | C] () -- C:\Users\user\Desktop\cc_20140128_222003.reg
[2014/01/28 22:18:10 | 000,852,890 | ---- | C] () -- C:\Users\user\Desktop\cc_20140128_221806.reg
[2014/01/28 21:34:37 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/28 21:26:42 | 2683,016,144 | ---- | C] () -- C:\Users\user\Desktop\Songs.rar
[2014/01/18 00:52:51 | 001,802,859 | ---- | C] () -- C:\Users\user\Desktop\1.2.5.1.zip
[2013/12/20 19:46:30 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013/12/13 15:50:18 | 002,310,992 | ---- | C] () -- C:\Windows\SysWow64\shellfire.dll
[2013/05/13 19:00:30 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/05/10 21:36:19 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll
[2013/04/27 14:20:47 | 000,000,207 | ---- | C] () -- C:\Users\user\.swfinfo
[2013/04/26 21:19:02 | 000,000,138 | ---- | C] () -- C:\Windows\vsfilter.INI
[2013/02/23 11:50:58 | 000,000,043 | ---- | C] () -- C:\Users\user\jagex_cl_oldschool_LIVE.dat
[2013/02/16 10:40:00 | 000,000,032 | ---- | C] () -- C:\Users\user\jagex_cl_runescape_LIVE.dat
[2013/02/16 09:14:13 | 000,000,045 | ---- | C] () -- C:\Users\user\jagex_cl_loginapplet_LIVE.dat
[2012/12/20 22:28:28 | 000,000,036 | ---- | C] () -- C:\Users\user\AppData\Local\housecall.guid.cache
[2012/06/30 21:13:26 | 011,843,188 | ---- | C] () -- C:\Users\user\05 深愛.mp3
[2012/06/30 21:13:23 | 014,478,451 | ---- | C] () -- C:\Users\user\17 SUPER GENERATION ―MUSEUM STYLE―.mp3
[2012/06/30 21:13:20 | 011,672,879 | ---- | C] () -- C:\Users\user\16 ROMANCERS' NEO.mp3
[2012/06/30 21:13:13 | 010,742,910 | ---- | C] () -- C:\Users\user\12 Pray.mp3
[2012/06/30 21:13:10 | 010,810,835 | ---- | C] () -- C:\Users\user\13 COSMIC LOVE.mp3
[2012/06/30 21:13:07 | 011,359,405 | ---- | C] () -- C:\Users\user\10 POP MASTER.mp3
[2012/06/30 21:13:01 | 010,921,593 | ---- | C] () -- C:\Users\user\03 Astrogation.mp3
[2012/06/30 21:09:18 | 010,461,833 | ---- | C] () -- C:\Users\user\06 夢幻.mp3
[2012/06/30 21:09:12 | 012,196,394 | ---- | C] () -- C:\Users\user\15 迷宮バタフライ ―diverse―.mp3
[2012/06/30 21:09:01 | 009,138,995 | ---- | C] () -- C:\Users\user\04 Trickster.mp3
[2012/06/27 10:09:29 | 000,000,024 | ---- | C] () -- C:\Users\user\random.dat
[2012/04/28 10:43:49 | 004,874,240 | ---- | C] () -- C:\Windows\SysWow64\DSE2_DFT.dll
[2012/03/23 06:13:23 | 000,007,597 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2011/04/07 06:32:40 | 000,000,092 | ---- | C] () -- C:\Users\user\AppData\Local\fusioncache.dat
[2011/02/09 11:23:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/08 17:16:07 | 000,000,037 | ---- | C] () -- C:\Users\user\AppData\Roaming\CoreAVC.ini
========== ZeroAccess Check ========== [2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 09:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Files - Unicode (All) ==========[2013/12/25 20:44:55 | 108,171,229 | ---- | C] ()(C:\Users\user\Desktop\南家三?妹III 01.rmvb) -- C:\Users\user\Desktop\南家三姊妹III 01.rmvb
[2013/12/01 11:02:56 | 371,832,507 | ---- | M] ()(C:\Users\user\Desktop\?声密?[完?].rar) -- C:\Users\user\Desktop\轻声密语[完结].rar
[2013/12/01 10:55:17 | 371,832,507 | ---- | C] ()(C:\Users\user\Desktop\?声密?[完?].rar) -- C:\Users\user\Desktop\轻声密语[完结].rar
[2013/11/17 18:41:39 | 000,002,289 | ---- | M] ()(C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\?濘7.lnk) -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\捃濘7.lnk
[2013/11/17 18:41:39 | 000,002,289 | ---- | C] ()(C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\?濘7.lnk) -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\捃濘7.lnk
[2013/04/05 19:55:22 | 016,623,423 | ---- | M] ()(C:\Users\user\Desktop\??版・魔法少女小? 叛逆的物? ?告PV【非盗?源】 - ?哩?哩 - ( ゜- ゜)つロ 乾杯~ - bilibili.tv.flv) -- C:\Users\user\Desktop\剧场版·魔法少女小圆 叛逆的物语 预告PV【非盗摄源】 - 嗶哩嗶哩 - ( ゜- ゜)つロ 乾杯~ - bilibili.tv.flv
[2013/04/05 19:54:28 | 016,623,423 | ---- | C] ()(C:\Users\user\Desktop\??版・魔法少女小? 叛逆的物? ?告PV【非盗?源】 - ?哩?哩 - ( ゜- ゜)つロ 乾杯~ - bilibili.tv.flv) -- C:\Users\user\Desktop\剧场版·魔法少女小圆 叛逆的物语 预告PV【非盗摄源】 - 嗶哩嗶哩 - ( ゜- ゜)つロ 乾杯~ - bilibili.tv.flv
[2012/04/27 09:57:32 | 021,077,154 | -H-- | M] ()(C:\Users\user\Documents\【東方手書き】か?んは?れアリスちゃん!!#3.flv) -- C:\Users\user\Documents\【東方手書き】がんばれアリスちゃん!!#3.flv
[2012/04/27 09:52:59 | 021,077,154 | -H-- | C] ()(C:\Users\user\Documents\【東方手書き】か?んは?れアリスちゃん!!#3.flv) -- C:\Users\user\Documents\【東方手書き】がんばれアリスちゃん!!#3.flv
[2009/01/07 22:06:22 | 108,171,229 | ---- | M] ()(C:\Users\user\Desktop\南家三?妹III 01.rmvb) -- C:\Users\user\Desktop\南家三姊妹III 01.rmvb
(C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\网??片保存能手) -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\网页图片保存能手
(C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???件) -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\猪猪游?) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\猪猪游戏
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅雷?件) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅雷软件
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?濘?璃) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\捃濘璃
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???件) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
< End of report >
Here is the Extra.txt:
OTL Extras logfile created on: 2014/02/12 1:04:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = I:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000411 | Country: 日本 | Language: JPN | Date Format: yyyy/MM/dd
3.87 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 59.20% Memory free
8.52 Gb Paging File | 6.71 Gb Available in Paging File | 78.77% Paging File free
Paging file location(s): c:\pagefile.sys 4765 5600 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.87 Gb Total Space | 29.32 Gb Free Space | 10.29% Space Free | Partition Type: NTFS
Drive D: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 29.88 Gb Total Space | 1.42 Gb Free Space | 4.74% Space Free | Partition Type: FAT32
Drive I: | 7.46 Gb Total Space | 1.60 Gb Free Space | 21.48% Space Free | Partition Type: FAT32
Computer Name: USER-VAIO | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07055C6B-B55A-4811-9834-599B47349913}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0CB631F5-6B67-426A-BBE1-5AA7462ED31C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0F264C3D-C042-47A4-8040-3422104A2075}" = lport=137 | protocol=17 | dir=in | app=system |
"{127C613F-7AAD-4BC8-ADA9-63598CFCD3E2}" = rport=138 | protocol=17 | dir=out | app=system |
"{1FCC6813-D1EF-4F00-BD3A-B0B41D488134}" = rport=137 | protocol=17 | dir=out | app=system |
"{26A40B29-4FAB-4F37-978D-A0EF1C7D4700}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2F7F716C-EC80-43B9-BD6B-E11038356782}" = rport=139 | protocol=6 | dir=out | app=system |
"{311168AB-C159-4580-B55A-CD42212E0662}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{32857DEA-2030-4595-89B3-D2E60443B0B2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3327791D-E8FC-4A71-B299-8952E04A90A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37B2A35B-2E84-4C27-AC79-A416CB263290}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E7BFB5C-A3FA-4DD3-BF92-1B1989DEDBFE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5E2E811F-F330-432A-982E-52C0397959D4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{65D5771B-BE95-46DF-A73E-1F434D79A559}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{696A3242-F143-4C4B-BDF2-CF95F2578B1F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69BBECBF-6575-4707-B096-56D6800F820F}" = rport=445 | protocol=6 | dir=out | app=system |
"{6A2BF068-6F64-4AF2-8A92-423BBBC51F8A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6F939DDC-1C16-437F-B821-6123D319CFCC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{827CE10B-9977-4750-8317-87FD82FFD0CB}" = lport=138 | protocol=17 | dir=in | app=system |
"{902A928D-DD94-43A7-8CB9-24A1FF1BA3AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A50B3A18-BC0F-4A9D-8727-EE917C644B67}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{B76AED8A-A136-4C19-B903-73D04576A170}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C63B6638-9E15-46D9-982E-2A5AC31E966E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D096CF7E-F976-47A8-A10E-B752A41E1015}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE59C081-9301-4CC9-BD75-817F8BB6165D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{E0ACF07E-285D-45F9-965E-ED70EF7D07FA}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{E3D27C34-31EE-418B-A4EA-559448D57F47}" = lport=139 | protocol=6 | dir=in | app=system |
"{E6DD4A50-AF52-4737-995A-EECCCC72C6DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F74BE1D8-8C64-4C26-BB7B-FE2446AC639B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02285D62-3FE6-47A7-B95A-41BB9D57405A}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{036D06C5-3DC8-44CB-B51F-3E92CB3109E2}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{0417B69E-4E55-4294-A9DB-AA077545D6D1}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{049F0603-E39A-429C-9647-B17397989992}" = dir=in | app=c:\program files (x86)\baidu\baiduplayerbaiduyun\1.19.1.23\baiduplayer.exe |
"{081C1C11-F121-42C4-B490-04F05E8AE2D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0A1168D1-4B50-4EBB-9011-4AD1755F1E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{10111A8F-EF28-4003-9E4F-174FE80C17A5}" = protocol=17 | dir=in | app=c:\program files (x86)\dc++\dcplusplus.exe |
"{1491D675-F8CB-4864-92DD-ABDC6CDDDB80}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{1A93E0F0-9D00-472E-9EFF-4D10C584850D}" = protocol=17 | dir=in | app=c:\windows\system32\pptvlauncher.exe |
"{1AE73821-C06D-4A2F-9C59-F50863184828}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{1DEC9CB5-CBE5-4398-A7FB-25F5E77445FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1EA7811F-8FE7-4C97-8C53-EE709DA3806F}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{1F875C6D-C438-4D16-8A32-F56B67C4B333}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{22939672-F0A5-44A6-95B3-8A1CACFC8302}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{2367611B-AAF3-40A3-A428-5CE69D698026}" = dir=in | app=c:\users\user\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{272C23BB-8E5A-4E67-9C9B-A0B8AE391851}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{275392C4-4C07-49F1-90EF-4D1A8488ABF8}" = protocol=58 | dir=in |
[email protected],-28545 |
"{2AFD9F57-C247-47CA-987A-ABFE4BEE33AD}" = protocol=58 | dir=out |
[email protected],-28546 |
"{2D5B4079-0854-4EB0-99EC-102C8107DED7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{313B6477-A6D2-4BDC-B10A-50C9C78A9B5C}" = protocol=17 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{3336877E-EEA6-4038-B959-4A461B926F66}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3358040F-CEC3-473B-BF28-D172870AE25A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{38CFCF6C-80C2-41A8-85E0-913AB15339D4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{3A068E32-01D4-420D-B188-B01F56BB7EAF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3C103F52-7D0E-4F8F-80A0-3B81CFFCE656}" = protocol=6 | dir=in | app=c:\programdata\nexonjp\ngm\ngm.exe |
"{3F4A56AB-F4C0-4491-8849-7616A385D346}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qdautoupdate.exe |
"{42451B3B-7358-401C-B8F7-47CB126572C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43E3EB7D-760D-4D46-BA86-303F5C790EFD}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{44E36C9C-51FA-44A2-82B9-0BCD3FA13FC6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4567163B-1FC8-46A7-9733-51F743155E75}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqdownload\bugreport.exe |
"{466D4670-F726-4AB7-9065-5468EB4D50A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{487E7F9B-D844-4685-8B10-D9ADA0C1CCF5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{48C2D2EB-D0C0-46DC-9F5F-7F8FA0680C69}" = protocol=6 | dir=in | app=c:\program files (x86)\dc++\dcplusplus.exe |
"{4A5917B0-82AE-4191-9049-C47988C4B187}" = protocol=6 | dir=out | app=system |
"{4DC76966-A82A-4595-98F8-9772FDECE2FC}" = protocol=6 | dir=in | app=c:\nexon\suddenattack\ghsalncr.exe |
"{50AE1086-63BB-4C7B-B9D1-50900ACBB45A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{517953B1-2CF6-4F08-8BF7-82C335F96BE0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"{51CE3BCA-2A43-4EC5-8B1F-E4FB23585801}" = protocol=6 | dir=in | app=c:\windows\system32\pptvlauncher.exe |
"{541EB4B7-1ACC-43F9-8847-F1F343384A14}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{551CB68E-43EE-45B9-979D-72D30C995F5B}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qqdownload.exe |
"{576A5909-90CE-4F58-AE71-387AEEA2C09E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5F8FE89E-3E82-4DF0-A16F-32B0946574F5}" = protocol=1 | dir=in |
[email protected],-28543 |
"{6089E751-38E3-440A-9079-D034847363D8}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{60F98ADB-6825-4099-B351-D337AD58ED7A}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqdownload\bugreport.exe |
"{611C0C7B-2A52-46AA-B9A5-1B59CBDBCDB7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6273E766-1207-4EFE-8EC3-4622CCA5CC40}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{64A3ECEE-E051-41DA-A4AE-709D6FF46E01}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{68289C7D-23E1-4650-B042-C23427900020}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\pplite\plugin\3.4.2.0158\plugininstaller.exe |
"{6DEE87C8-BF8E-414D-9210-D8C2F0232C73}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6F8A75D0-AAC6-433C-94F7-6A116026533B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{7848144E-BB79-42E7-9CAF-E588079226CF}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7914437C-0346-4CDC-B39E-94DA7D9B2473}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{796D1D2D-D273-445D-8A62-E9961A7F58E6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B554F9A-1C96-4DD1-B6BE-2C992898FCAD}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{7D359FA6-1763-4EC0-A9E0-0F1C9297DC3A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{834A60AC-0E0B-49EF-BEB3-E2B682182DE0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8666DA68-025C-4E9A-A96A-56345C644CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qqdownload.exe |
"{8C667619-B25C-40C2-81A9-CADBFF4854F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8FFA91F2-5228-4D1B-B6CE-118C245DC94B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{94B36055-5BCC-448D-A665-A7FFCF8506FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2A725F9-739F-47DE-9AB9-BE9F1E6A7356}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{A97AF8DD-2799-4651-B98A-47C730820CCF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B22FFA7B-6DC8-42D5-B65E-D908B382D7B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B240284A-AB0F-4686-B4DC-4F7796A8EC42}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"{B9D56CF0-B6D8-4832-9A7A-16E522D5A8C6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB2D79EF-5615-4E19-ADC7-F7C9A965EE51}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{BE09C724-3854-4A51-9EEC-9C89F3475606}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{C04AB33A-43B5-4CBF-AF6F-186E93DE0FFC}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\pplite\plugin\3.4.2.0158\plugininstaller.exe |
"{C99162F4-1F3D-4273-896D-7969487EECB6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CD8262D2-C24D-4755-83AD-6825E2F71A38}" = dir=in | app=c:\program files (x86)\baidu\baiduplayerbaiduyun\1.19.1.23\baidup2pservice.exe |
"{D2DEEB12-CA9D-4A5B-BB29-D964BF2309FC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D7138437-0B56-41FA-924B-5A9CB1D7C864}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{D880BC0B-07FC-4A16-8BFF-8137911D9B51}" = protocol=17 | dir=in | app=c:\nexon\suddenattack\ghsalncr.exe |
"{DC85871E-2353-4829-987F-DF120BD0FD1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DC895EFF-6623-43CE-B9A5-461573CCFC72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DD0D1D9B-6FD3-481E-A728-7BFFBBF6D8F0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DDCBB419-5D0A-401C-B7B0-C78C2124AA57}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E2418E8C-94BF-48E4-9FF7-27BEAC9253BF}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E30BF748-A0BF-4255-9430-2F003AE187CD}" = dir=in | app=c:\program files (x86)\baidu\baiduplayerbaiduyun\1.19.1.23\statreport.exe |
"{E3532FFC-AB37-4703-BEF2-459730EBA33D}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qdautoupdate.exe |
"{E43C5384-8D44-4407-9697-B4978F142FC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5B957C9-5236-4538-87AF-7A202670A82D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EA9DF137-A7C9-4263-94C7-F44D2166D2F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F03EB449-084E-4AFD-8F53-F43A4F82EC97}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1661B39-7AEB-476C-A5E2-234A9381C6B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1D7FED4-D227-458D-B31F-810840F184A9}" = protocol=1 | dir=out |
[email protected],-28544 |
"{F9194C9C-177D-43FB-A343-1835766C0CB7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F9389000-7A4C-4235-A1BD-82B64946C03D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FA75EF8A-85BD-4B7E-84E5-83C4E07722FE}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\media gallery\vrlp.exe |
"{FB21FD51-C170-49FB-B58A-EFD177A9ECB0}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{FB953528-BB29-4F16-AA0D-6867D2125C39}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FD76A166-79D4-4C0C-87C6-C3820F3C80FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{FE98244E-D87A-4EF0-B3D4-293AA9770B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{0C3296A4-CA0E-4341-815F-419B6714BF8B}C:\users\user\downloads\stronghold 2\stronghold2.exe" = protocol=6 | dir=in | app=c:\users\user\downloads\stronghold 2\stronghold2.exe |
"TCP Query User{170F6839-A326-4A4E-A3D8-FA18866DB368}C:\program files (x86)\youku\common\ikuacc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youku\common\ikuacc.exe |
"TCP Query User{22A11C8B-A647-4DC9-80FB-F7A375AF8D83}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{30A46632-84F2-4D1B-B3D0-DC751A8C77F6}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{32C817B9-6AED-41C8-A9E0-4AA7499A983C}C:\program files (x86)\ttplayer\ttplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ttplayer\ttplayer.exe |
"TCP Query User{342F5266-DBD1-4D1E-A20E-562C7B6FA016}C:\program files (x86)\tencent\qqdownload\qdautoupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qdautoupdate.exe |
"TCP Query User{39344B1D-BB84-485E-8E65-D4E4D41A184A}C:\program files (x86)\youku\common\ikuacc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youku\common\ikuacc.exe |
"TCP Query User{4BA0A107-6FC5-418A-9F09-575FE44E96C7}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe |
"TCP Query User{4D09A52A-B29E-4E0A-83E1-DFDB4B1D3F17}C:\program files (x86)\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dc++\dcplusplus.exe |
"TCP Query User{4FDBF27B-739E-4F2B-80C4-B83072E6F113}C:\program files (x86)\duowan\yy-4\yy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\duowan\yy-4\yy.exe |
"TCP Query User{6237BFCD-5481-42D3-8E1D-C69F7588C96C}C:\program files (x86)\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\condition zero\hl.exe |
"TCP Query User{6BC51475-BD91-4DF0-B7DA-E452FEFAF8EF}C:\program files (x86)\youku\youkuclient\youkumediacenter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youku\youkuclient\youkumediacenter.exe |
"TCP Query User{904CE68A-44C0-42B0-AFFA-CD536A0626B4}C:\program files (x86)\ttplayer\ttplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ttplayer\ttplayer.exe |
"TCP Query User{93F9261F-27A8-47F6-83E3-F26C3B2827BE}C:\users\user\downloads\stronghold 2\stronghold2.exe" = protocol=6 | dir=in | app=c:\users\user\downloads\stronghold 2\stronghold2.exe |
"TCP Query User{95880ED1-5780-45C1-B1FF-C4313F7CC1D5}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{A392372F-697B-4030-ADDF-ED50BBAEAB67}C:\program files (x86)\microsoft games\age of mythology\aomx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"TCP Query User{A998BFBC-494B-425B-9236-D0B872958566}C:\program files (x86)\easymule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\easymule\emule.exe |
"TCP Query User{AFF9A6D3-2488-4D27-BB48-41FF1CCA507F}C:\program files (x86)\tencent\qqdownload\qqdownload.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qqdownload.exe |
"TCP Query User{B1EB63A9-D185-4A01-A7F9-6C6FE009FEE2}C:\program files (x86)\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"TCP Query User{B28B3843-C280-4AA4-95AC-B9B5F94FF23B}C:\program files (x86)\condition zero\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\condition zero\hl.exe |
"TCP Query User{CC2507B4-62C2-470F-8C40-F8AE9DE5C339}C:\program files (x86)\youku\youkuclient\youkumediacenter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youku\youkuclient\youkumediacenter.exe |
"TCP Query User{EEB79F33-B186-44EE-B9AA-EFD80607D715}C:\nexon\suddenattack\suddenattack.exe" = protocol=6 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"TCP Query User{F06A9B4B-62E9-42CD-94A7-2329650D17C6}C:\users\user\desktop\program\jptv-v2.2.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\program\jptv-v2.2.exe |
"TCP Query User{FEE75860-D10D-447C-BE81-B59777F28E16}C:\program files (x86)\peercast\peercast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\peercast\peercast.exe |
"UDP Query User{0D4B712D-B754-4428-9930-6E9CC9405225}C:\program files (x86)\microsoft games\age of mythology\aomx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"UDP Query User{10EB37ED-D7DF-4972-9EFE-12B3CAC68F11}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{2A2BB4AD-C48A-4F90-A270-7F3BFDC84CBB}C:\program files (x86)\youku\youkuclient\youkumediacenter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youku\youkuclient\youkumediacenter.exe |
"UDP Query User{337D294E-20E8-4139-BB74-CAB68A7ECC17}C:\program files (x86)\youku\common\ikuacc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youku\common\ikuacc.exe |
"UDP Query User{4677E803-384D-4ED8-9878-10612A9450B4}C:\program files (x86)\ttplayer\ttplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ttplayer\ttplayer.exe |
"UDP Query User{478FAF27-A23A-4102-A2BD-34D559B853C7}C:\users\user\desktop\program\jptv-v2.2.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\program\jptv-v2.2.exe |
"UDP Query User{5B2825C9-6395-461E-8570-8F27BC64B454}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5CA32E03-84D0-48C3-AB23-275BF0F33DD6}C:\program files (x86)\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\condition zero\hl.exe |
"UDP Query User{66EDB5A0-6AFE-4193-B6AA-CD26896CE1A9}C:\nexon\suddenattack\suddenattack.exe" = protocol=17 | dir=in | app=c:\nexon\suddenattack\suddenattack.exe |
"UDP Query User{794B5730-D111-43DD-8437-9163BA4AE7C1}C:\program files (x86)\youku\youkuclient\youkumediacenter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youku\youkuclient\youkumediacenter.exe |
"UDP Query User{83DEE0E0-98EF-4E97-A5F1-795B784831A4}C:\users\user\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\spotify\spotify.exe |
"UDP Query User{852BE9B4-5E63-4462-BAB0-77172B02C5AB}C:\program files (x86)\duowan\yy-4\yy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\duowan\yy-4\yy.exe |
"UDP Query User{8E9B332E-A46E-4E19-A8B3-CF2CF30987A1}C:\program files (x86)\ttplayer\ttplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ttplayer\ttplayer.exe |
"UDP Query User{9813AAD6-E4D3-4B39-A18C-8455D9DB5FB2}C:\program files (x86)\tencent\qqdownload\qqdownload.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qqdownload.exe |
"UDP Query User{A7AE5E8D-95FC-438B-AEA9-B830796F5F13}C:\users\user\downloads\stronghold 2\stronghold2.exe" = protocol=17 | dir=in | app=c:\users\user\downloads\stronghold 2\stronghold2.exe |
"UDP Query User{A9B4B7AF-F0B9-4A34-BD91-AA7C1D26DC00}C:\program files (x86)\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dc++\dcplusplus.exe |
"UDP Query User{B7DB207C-B303-446B-B77A-C2723C6A6A91}C:\program files (x86)\peercast\peercast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\peercast\peercast.exe |
"UDP Query User{BECFB52A-A75B-4883-82D2-ED1A7CB5101B}C:\program files (x86)\youku\common\ikuacc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youku\common\ikuacc.exe |
"UDP Query User{C127C61F-702B-4B51-8B9D-4AEBD97A3596}C:\program files (x86)\tencent\qqdownload\qdautoupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqdownload\qdautoupdate.exe |
"UDP Query User{C3207595-0A9E-4498-92D9-20482E027BAE}C:\users\user\downloads\stronghold 2\stronghold2.exe" = protocol=17 | dir=in | app=c:\users\user\downloads\stronghold 2\stronghold2.exe |
"UDP Query User{CD58B838-47D9-4616-8640-C56830F47E8C}C:\program files (x86)\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars jk ii jedi outcast\gamedata\jk2mp.exe |
"UDP Query User{E2CB1606-C187-4017-A513-45A09C55D647}C:\program files (x86)\condition zero\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\condition zero\hl.exe |
"UDP Query User{E74F9869-9384-4A3D-B951-C5FDA18404CE}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{F879D51F-A6E2-471B-9F38-471DFB18B401}C:\program files (x86)\easymule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\easymule\emule.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{20F2AD58-CE1D-4994-9945-B1B3F2600254}" = Nitro PDF Reader
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus
"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
"{6CF85F70-1A93-46FE-A2DE-6FF4A9A107D1}" = Prepare Your VAIO
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0044AEC7-8924-4FB1-B4F7-FD14A5FEA9E4}" = RPGツクール2003 ランタイムパッケージ
"{00721C5E-5B17-494C-95E5-208415864F62}" =
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{019EF473-6D0A-415C-9A2E-1AF5F66AC60F}" = Windows Live Messenger
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BB3EC39-AE92-597F-D6C1-1BADA9D876C0}" = ニコ生アラート(本家)
"{0E0CA282-7F32-4B0D-B427-78B9A3CBC42F}" = Messenger Companion
"{10AB1F40-BDEC-4A8D-B427-30F9429378B0}" = Windows Live Movie Maker
"{15D95497-8F76-41E5-8894-EDDB59E39BD9}" = Windows Live メール
"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}" = Star Wars? Knights of the Old Republic
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims? 2 Double Deluxe
"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics
"{32939827-d8e5-470a-b126-870db3c69fdf}" = Python 2.7.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3ECECC41-64EC-47F7-BCD1-6EC7039FF88A}" = YTD Toolbar v6.6
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50ADDF79-3249-4679-B527-3FB8C5EA99E5}" = Overture 4.0 繁體中文版
"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{675D8E1E-2388-4718-902C-E5FC4888AC0E}" = Windows Live Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}" = VAIO Media plus Opening Movie
"{6C3F8916-D6A5-4A31-9DA8-80C973CE437F}" = Windows Live Writer
"{6EB6293C-9286-4981-8672-956E1A92F33B}_is1" = StrongVPN Client
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738F26C3-7787-7338-F455-DB166FC72007}" = tohoGolden
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - 遠端鍵盤
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88A686A9-D687-4295-B633-50D8A4B88371}" = Windows Live Writer Resources
"{8A66A2C8-0032-4949-8D99-C293A3EACF79}" = Windows Live Photo Common
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D59BE38-3A4F-4525-AD0D-8980E9E31EFA}" = Windows Live フォト ギャラリー
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95FF0B9-5CFB-497E-8872-3A5F41AD9D4F}" = VOCALOID2 VSTi V2.0.4.2
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4EE51E6-2C80-4B04-BDE0-ED4E87BEFECD}_is1" = Pavtube Video Converter Ver 3.7.3.1865
"{B6588186-9657-486C-AEB1-F57D8E160F19}" = VOCALOID2 Expression DB (Standard)
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus
"{BF7B6870-1B4F-4ADB-8862-8961B1BC4A34}" = Prepare Your VAIO
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C83CFA47-5F5D-4E63-90B8-DC05A4633E07}" = ふたば☆ちゃんねる2.5
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Pod to PC 4.004
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{D65139EC-C4D1-4687-9A02-04A5D84E7E26}" = VOCALOID2 Voice DB (Rin)
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{DD696AF7-8A89-41D5-976A-2053E41A69BE}" = VAIO - Media Gallery
"{DD980D24-1240-4052-A5F7-411786C36AC8}" = Remote Keyboard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E0990010-9FC0-47CB-0095-C4F40C9432A9}" = The Sims 2 University
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E501347A-7A44-4c86-A34F-0EA69A9AC542}" = 九方TS繁簡專業版
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9615818-3477-4B11-A1F7-A78DF0993DD5}" = VOCALOID2 Voice DB (Len)
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V3.0.3
"{EE408577-9C0E-4E5F-BCB2-DB5B3A220958}" = Windows Live UX Platform Language Pack
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.030
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C1C21B-F56E-400B-B0B0-270D817889F3}" = VOCALOID2 Editor V2.0.4.2J
"{F606680C-ECF5-4DFC-9396-27CD5D02171E}" = 屋上の百合霊さん
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Free Antivirus
"BaiduPlayerBaiduYun" = BaiduPlayerBaiduYun1.19.1.23
"Bamboo Dock" = Bamboo Dock
"Condition Zero" = Condition Zero
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DC++" = DC++ 0.811
"easyMule" = easyMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"iTudou" = iTudou
"LINE" = LINE
"Mabinogi" = Mabinogi
"MADIYURI" = クラス全員マヂでゆり!
"MajiroAppカタハネ" = カタハネ
"MajiroApp" =
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NicoLiveAlert.AF13000F70F492D28A0F3BBE6342BA29A9AB98CC.1" = ニコ生アラート(本家)
"picsaver" = nabocorp. picsaver (remove only)
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PunkBusterSvc" = PunkBuster Services
"QQ旋风" = QQ旋风4.4
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"RPGツクールVX RTP_is1" = RPGツクールVX RTP
"Steam" = Steam
"Steam App 550" = Left 4 Dead 2
"SuddenAttack" = サドンアタック
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"ThiefGoldDeinstallKey" = Thief Gold
"TTPlayer" = 千千靜聽 5.7正式版
"TXIEHlp" = IE刲坰翑忒
"Update Engine" = Sony Ericsson Update Engine
"VirtualCloneDrive" = VirtualCloneDrive
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Wing IDE 101 4.0_is1" = Wing IDE 101 4.0.0-1
"WinLiveSuite" = Windows Live Essentials
"Wondershare Video Editor_is1" = Wondershare Video Editor(Build 3.0.1)
"Yahoo!Jツールバー" = Yahoo!ツールバー
"YoukuClient" = モナソ眩ヘサァカヒ
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2451559130-3535924385-1227171972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1428B69E-DFF5-40e6-8FD8-93DE4054DCFC}" = 妹ぱらだいす!Hアニメ増量版
"Dropbox" = Dropbox
"majikoi" = 真剣で私に恋しなさい!
"PIL-py2.7" = Python 2.7 PIL-1.1.7
"Spotify" = Spotify
"YY4" = YY4
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 2014/02/05 15:09:33 | Computer Name = user-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 63180
Error - 2014/02/05 15:09:33 | Computer Name = user-VAIO | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 63180
Error - 2014/02/05 15:12:19 | Computer Name = user-VAIO | Source = KMPService.exe | ID = 0
Description =
Error - 2014/02/06 1:33:27 | Computer Name = user-VAIO | Source = KMPService.exe | ID = 0
Description =
Error - 2014/02/06 5:14:18 | Computer Name = user-VAIO | Source = Google Update | ID = 20
Description =
Error - 2014/02/10 2:23:43 | Computer Name = user-VAIO | Source = KMPService.exe | ID = 0
Description =
Error - 2014/02/11 10:31:40 | Computer Name = user-VAIO | Source = KMPService.exe | ID = 0
Description =
Error - 2014/02/11 10:38:56 | Computer Name = user-VAIO | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\duowan\yy-4\yylauncher.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 2014/02/11 10:38:56 | Computer Name = user-VAIO | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\duowan\yy-4\yylauncher.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 2014/02/11 11:14:21 | Computer Name = user-VAIO | Source = Google Update | ID = 20
Description =
[ Media Center Events ]
Error - 2012/09/19 19:11:58 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 11:11:58 AM - Failed to retrieve SportsSchedule (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 19:11:59 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 11:11:59 AM - Failed to retrieve SportsV2 (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2012/09/19 19:12:03 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 11:11:59 AM - Failed to retrieve Broadband (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 20:12:06 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:06 PM - Failed to retrieve Directory (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 20:12:06 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:06 PM - Failed to retrieve NetTV (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2012/09/19 20:12:06 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:06 PM - Failed to retrieve MCESpotlight (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 20:12:07 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:07 PM - Failed to retrieve MCEClientUX (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 20:12:07 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:07 PM - Failed to retrieve SportsSchedule (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2012/09/19 20:12:07 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:07 PM - Failed to retrieve SportsV2 (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2012/09/19 20:12:08 | Computer Name = user-VAIO | Source = MCUpdate | ID = 0
Description = 12:12:07 PM - Failed to retrieve Broadband (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
[ System Events ]
Error - 2014/02/05 15:17:35 | Computer Name = user-VAIO | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 2014/02/06 1:33:09 | Computer Name = user-VAIO | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2
Error - 2014/02/06 1:38:47 | Computer Name = user-VAIO | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 2014/02/10 2:23:32 | Computer Name = user-VAIO | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2
Error - 2014/02/10 2:28:59 | Computer Name = user-VAIO | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 2014/02/10 2:29:04 | Computer Name = user-VAIO | Source = Service Control Manager | ID = 7022
Description = The Google更新 服務 (gupdate) service hung on starting.
Error - 2014/02/11 10:28:39 | Computer Name = user-VAIO | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2
Error - 2014/02/11 10:37:33 | Computer Name = user-VAIO | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 2014/02/11 13:01:04 | Computer Name = user-VAIO | Source = Service Control Manager | ID = 7000
Description = The STEC3 service failed to start due to the following error: %%2
Error - 2014/02/11 13:06:05 | Computer Name = user-VAIO | Source = VDS Basic Provider | ID = 33554433
Description =
< End of report >
And here is the FFS.txt:
Farbar Service Scanner Version: 02-02-2014
Ran by user (administrator) on 12-02-2014 at 01:31:55
Running from "I:\"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-02-13 15:26] - [2013-01-04 13:41] - 1893224 ____A (Microsoft Corporation) 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Thank you very much!
Christie