Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

BSOD Crash - Unknown cause [Solved]

Started by GhostLoad , Jun 08 2014 12:39 PM

  • This topic is locked This topic is locked

#1
GhostLoad
Posted 08 June 2014 - 12:39 PM

GhostLoad

    Member

  • Member
  • PipPipPip
  • 419 posts

I keep getting blue screen crashes (at random times, random intervals, sometimes 3 in a row and sometimes none for days).  The only "message" I can remember (I've gotten various different ones) at the top of the screen when it goes blue is MEMORY_MANAGEMENT.

 

The rig is custom, here's my specs;
 

Motherboard:  ASUS P8Z68-V PRO/Gen3

CPU:  Intel i5 2500K

Video Card:  EVGA GTX 550 TI

RAM:  16GB (4x 4GB sticks) of G-Skill DDR3

Power Supply:  Corsair TX 750W


  • 0

Advertisements

#2
GhostLoad
Posted 09 June 2014 - 11:56 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Just managed to snap this picture after the last blue screen crash.  Hope the added info helps.

 

1z4efde.jpg


  • 0

#3
Naathim
Posted 10 June 2014 - 07:27 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Greetings! welcome.gif

My name's Naathim, I'm a GeekU Minion and I'm pleased to meet you!
Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)
I know that it is quite frustrating to have a corrupted machine because I was once in your shoes. Don't worry! Maybe I'm not a super-human, I don't know everything nor I am limitless, but I promise to do my best to fix your issues!

Here are some notes that should make our work faster and easier, please take a look and stay familiar with them :happy:
 

icon_exclaim.gif


icon_arrow.gif Malware removal is a long-time process due to tough analysis and research. Stay with me until I say we're done.
icon_arrow.gif Read my instructions completely before proceeding and always run the tools in the order given!
icon_arrow.gifDon't try to fix anything on your own or run any other tools. They may interfere what may lead to prevent your System from the next boot-up.
icon_arrow.gif To make my work easier post the logs directly in your replies, unless asked to attach them.



icon_question.gif


icon_idea.gifIf any unexpected problem will appear, interrupt processing and return here with a note!
icon_idea.gifNever be afraid to ask if in doubt!

Now that we have formalities out of the way, let's get started! :rockon:



As I promised, I will try to help you here. Let's see if anything malicious isn't trying to mess with your OS.


As mentioned in your previous topic in hardware forum, you have managed to run OTL. Please post the resultant logs from it. They should be located in the same location as the OTL tool:
- OTL.txt
- Extras.txt


Also let's run another scanner.



Performing general FRST scan

Please download Farbar Recovery Scan Tool and save it to your Desktop.



  • Right click on 12579.gif to Run as Administrator
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • You will be presented with a window like below:

    FRSTconsole-2.jpg

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

= = = = = = = = = = = = = = = = = = = =



Now in your next reply please include these ones for my review:
icon_arrow.gif OTL.txt
icon_arrow.gif Extras.txt
icon_arrow.gif FRST.txt
icon_arrow.gif Addition.txt

I don't mind multiple posts if necessary.

Cheers,
Naat :)


  • 0

#4
GhostLoad
Posted 10 June 2014 - 10:56 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Okay Naat, sounds good.  Here goes.  These seem really long so I'm gonna go ahead and split 'em up.

 

OTL.Txt

 

OTL logfile created on: 6/10/2014 12:24:01 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Miz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.97 Gb Total Physical Memory | 11.58 Gb Available Physical Memory | 72.50% Memory free
31.93 Gb Paging File | 27.10 Gb Available in Paging File | 84.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 398.84 Gb Free Space | 42.82% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 61.86 Mb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive F: | 931.41 Gb Total Space | 875.73 Gb Free Space | 94.02% Space Free | Partition Type: NTFS
Drive L: | 3.73 Gb Total Space | 0.37 Gb Free Space | 9.98% Space Free | Partition Type: FAT32
Drive M: | 931.51 Gb Total Space | 43.73 Gb Free Space | 4.69% Space Free | Partition Type: NTFS
 
Computer Name: MIZ-PC | User Name: Miz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/08 12:27:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miz\Desktop\OTL.exe
PRC - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/05/29 13:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/05/19 19:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/05/13 19:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/13 16:02:37 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/12 15:14:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/04/30 14:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/04/30 14:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/04/30 12:25:32 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/30 12:25:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/19 12:02:01 | 001,782,576 | ---- | M] (Actual Tools) -- C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
PRC - [2013/07/08 07:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/05/25 04:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/05/18 02:23:36 | 002,938,880 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
PRC - [2011/05/24 20:54:46 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011/04/26 11:20:48 | 001,101,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2011/04/13 15:15:22 | 001,116,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/17 15:38:20 | 000,702,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
PRC - [2011/01/11 16:21:14 | 001,214,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/11/25 03:12:56 | 002,529,920 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
PRC - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010/09/24 21:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/29 13:37:34 | 002,139,840 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014/05/29 13:36:54 | 001,116,864 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/05/16 21:36:10 | 000,756,224 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014/05/13 19:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 19:40:53 | 013,695,816 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
MOD - [2014/05/13 19:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 19:40:45 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/13 19:40:44 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/13 19:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2014/05/13 16:02:37 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/12 15:14:50 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/04/30 12:25:33 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/04/29 20:08:08 | 001,135,104 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014/04/29 20:08:08 | 000,471,552 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014/04/29 20:08:08 | 000,404,992 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014/04/29 20:08:08 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/10/01 20:37:48 | 006,522,480 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2012/05/25 04:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
MOD - [2011/05/20 09:12:18 | 000,881,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2011/05/16 17:35:56 | 000,965,632 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/04/07 17:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/03/04 04:33:44 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011/02/24 10:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/02/09 09:02:28 | 000,873,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/01/19 21:23:40 | 001,655,296 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGO.dll
MOD - [2011/01/07 16:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/01/06 10:38:48 | 001,027,072 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2010/12/01 12:33:32 | 001,244,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2010/11/25 15:12:54 | 000,661,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
MOD - [2010/11/25 15:12:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
MOD - [2010/11/25 15:12:54 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
MOD - [2010/11/25 15:12:54 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
MOD - [2010/11/25 03:12:56 | 000,703,488 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
MOD - [2010/11/25 03:12:56 | 000,661,504 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
MOD - [2010/11/25 03:12:56 | 000,114,688 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
MOD - [2010/11/25 03:12:56 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
MOD - [2010/10/15 17:40:30 | 001,031,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
MOD - [2010/08/22 22:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
MOD - [2010/08/06 18:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2010/08/06 18:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2010/06/21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
MOD - [2010/06/21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2009/05/21 10:14:14 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/30 17:58:07 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/30 14:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/04/30 12:25:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/08/12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/19 19:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/13 16:02:38 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 15:14:50 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/30 14:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/02/28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/08 07:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/08/03 01:30:09 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/05/18 02:23:36 | 002,938,880 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/11/25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/03/13 10:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/03/01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/02/22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/19 22:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/05/15 12:41:25 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/05/15 12:41:25 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/05/15 12:41:25 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/04/30 14:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/04/30 12:25:36 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/30 12:25:35 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/30 12:25:35 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/30 12:25:35 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/30 12:25:35 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/03/31 12:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/06 16:55:43 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/11 06:25:48 | 000,023,384 | ---- | M] (Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/19 05:38:50 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/05/16 12:13:34 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/03/16 12:38:14 | 000,077,352 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/05 14:29:04 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/01/18 06:44:14 | 000,025,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2011/11/25 00:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011/11/03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/09/14 17:05:34 | 000,394,216 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/09/14 17:05:34 | 000,129,000 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/03/13 10:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 10:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 10:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 10:58:42 | 000,051,872 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011/03/13 10:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 14:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 02:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/08/17 13:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/08/10 05:29:15 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/01/29 09:00:00 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009/11/23 21:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 21:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/13 23:05:36 | 000,036,256 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/13 20:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/03/07 13:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.dosear...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1640996009
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072254
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B9 51 E5 9B A7 31 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3072254
IE - HKCU\..\SearchScopes\{DCB2D4B1-2019-4C16-BB5A-10486A1A9FAF}: "URL" = http://search.genieo...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost; 127.0.0.1; <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "dosearches"
FF - prefs.js..browser.search.selectedEngine: "dosearches"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledAddons: %7B2d3fbcf7-be69-4433-8858-c621a8d0e58d%7D:6.0.0.12442
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Miz\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Miz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Miz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Miz\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Miz\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Miz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/26 08:24:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/12 15:14:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/12 15:14:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/05/12 15:14:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/12 15:14:47 | 000,000,000 | ---D | M]
 
[2013/07/16 11:26:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\Mozilla\Extensions
[2012/03/16 11:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\extensions
[2012/03/16 11:46:53 | 000,000,000 | ---D | M] (uTorrentControl Community Toolbar) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\extensions\{e9df9360-97f8-4690-afe6-996c80790da4}
[2013/08/27 11:34:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/12/04 16:40:24 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2014/06/09 09:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\extensions
[2014/05/28 20:41:23 | 000,000,000 | ---D | M] (Widevine Media Optimizer) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
[2014/06/09 09:14:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/12/04 16:40:18 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2014/05/12 15:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/12 15:14:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: AdBlock = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.37_0\
CHR - Extension: Google Mail Checker = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_1\
CHR - Extension: Tiësto = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh\2_1\
CHR - Extension: Google Wallet = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Picasa = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_1\
CHR - Extension: Gmail = C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/03/26 08:36:25 | 000,001,026 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1                   practivate.adobe.com
O1 - Hosts: 127.0.0.1                   lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1                   lm.licenses.adobe.com
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {1C65AB57-7822-4BB8-598A-7027DCADCBF5} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {6D0156E2-6FED-7A8A-FCAA-EE47F4D4C375} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Actual Multiple Monitors] C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe (Actual Tools)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB7C262A-3918-497C-A440-648344E7DDDA}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA0FD075-7214-499C-88BA-3673592CA075}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/10 03:25:04 | 000,000,067 | ---- | M] () - M:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{01cb3c68-c4d5-11e1-bfc5-0026833c0a21}\Shell - "" = AutoRun
O33 - MountPoints2\{01cb3c68-c4d5-11e1-bfc5-0026833c0a21}\Shell\AutoRun\command - "" = O:\MotoCastSetup.exe -a
O33 - MountPoints2\{aa83fab1-4704-11e3-a338-c86000307b32}\Shell - "" = AutoRun
O33 - MountPoints2\{aa83fab1-4704-11e3-a338-c86000307b32}\Shell\AutoRun\command - "" = K:\Setup.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\Setup.exe
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/10 12:24:15 | 002,080,768 | ---- | C] (Farbar) -- C:\Users\Miz\Desktop\FRST64.exe
[2014/06/10 01:52:00 | 000,000,000 | ---D | C] -- C:\Users\Miz\AppData\Local\NVIDIA Corporation
[2014/06/10 01:51:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/06/10 01:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/06/08 12:27:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Miz\Desktop\OTL.exe
[2014/06/03 13:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/06/03 13:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/06/03 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/06/03 13:13:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/06/03 13:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/06/02 15:46:39 | 000,000,000 | ---D | C] -- C:\Users\Miz\Desktop\Comics
[2014/06/01 14:29:37 | 000,000,000 | ---D | C] -- C:\Users\Miz\Desktop\Transistor OST
[2014/06/01 14:16:35 | 000,000,000 | ---D | C] -- C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box
[2014/05/29 01:34:46 | 000,000,000 | ---D | C] -- C:\Users\Miz\AppData\Roaming\Mumble
[2014/05/29 01:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2014/05/29 01:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[2014/05/28 20:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/05/28 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Miz\AppData\Roaming\IDM
[2014/05/28 12:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/05/28 12:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/05/22 18:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
[2014/05/22 18:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heroes of the Storm
[2014/05/22 13:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/05/21 18:21:51 | 000,000,000 | ---D | C] -- C:\Users\Miz\Documents\Heroes of the Storm
[2014/05/20 13:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2014/05/20 13:37:22 | 000,000,000 | ---D | C] -- C:\Users\Miz\AppData\Roaming\Yahoo!
[2014/05/20 13:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2014/05/20 13:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/05/12 15:14:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/10 12:24:20 | 002,080,768 | ---- | M] (Farbar) -- C:\Users\Miz\Desktop\FRST64.exe
[2014/06/10 12:11:34 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/10 12:11:34 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/10 12:06:50 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000UA.job
[2014/06/10 12:03:22 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/10 12:02:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/10 12:02:11 | 4269,125,630 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/10 04:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/10 03:59:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/10 01:55:30 | 004,531,757 | ---- | M] () -- C:\Users\Miz\Desktop\BSOD (10Jun14).jpg
[2014/06/10 01:37:43 | 1151,842,695 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/06/08 20:08:49 | 1554,822,306 | ---- | M] () -- C:\Users\Miz\Desktop\The Grand Budapest Hotel.mp4
[2014/06/08 12:27:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Miz\Desktop\OTL.exe
[2014/06/08 05:06:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000Core.job
[2014/06/08 04:39:19 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/08 04:39:19 | 000,697,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014/06/08 04:39:19 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/08 04:39:19 | 000,149,224 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014/06/08 04:39:19 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/29 01:37:09 | 000,002,378 | ---- | M] () -- C:\Users\Miz\Documents\MumbleAutomaticCertificateBackup.p12
[2014/05/28 18:59:36 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/21 04:12:52 | 005,060,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/20 14:57:14 | 000,001,169 | ---- | M] () -- C:\Users\Public\Desktop\Firestorm.lnk
[2014/05/20 13:37:10 | 000,001,165 | ---- | M] () -- C:\Users\Miz\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/05/19 22:44:03 | 000,026,069 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/05/15 12:41:25 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/05/15 12:41:25 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/05/15 12:41:25 | 000,085,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/05/14 19:49:42 | 003,774,821 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/10 01:55:28 | 004,531,757 | ---- | C] () -- C:\Users\Miz\Desktop\BSOD (10Jun14).jpg
[2014/06/08 19:48:08 | 1554,822,306 | ---- | C] () -- C:\Users\Miz\Desktop\The Grand Budapest Hotel.mp4
[2014/05/29 01:37:09 | 000,002,378 | ---- | C] () -- C:\Users\Miz\Documents\MumbleAutomaticCertificateBackup.p12
[2014/05/20 14:57:14 | 000,001,169 | ---- | C] () -- C:\Users\Public\Desktop\Firestorm.lnk
[2014/05/20 13:37:10 | 000,001,165 | ---- | C] () -- C:\Users\Miz\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2013/07/09 05:38:35 | 000,000,028 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Network Meter_Usage.ini
[2013/07/08 12:47:42 | 000,000,624 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013/07/08 12:45:18 | 000,000,282 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\GPU MeterV2_Settings.ini
[2013/07/08 12:00:00 | 000,074,832 | ---- | C] () -- C:\Users\Miz\Network_Meter_Data.js
[2013/05/26 17:17:55 | 000,000,722 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/20 19:06:07 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013/04/20 19:06:07 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2013/04/20 19:06:07 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2013/04/01 18:19:34 | 000,000,132 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/01 18:18:45 | 000,000,132 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Adobe Targa Format CS6 Prefs
[2012/09/15 16:22:03 | 001,599,720 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/14 06:27:14 | 000,027,520 | ---- | C] () -- C:\Users\Miz\AppData\Local\dt.dat
[2012/08/11 15:10:10 | 000,000,132 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2012/07/25 18:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/03/20 13:04:43 | 000,000,132 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/03/16 09:39:54 | 000,000,351 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\Network Meter_Settings.ini
[2012/03/16 09:39:21 | 000,000,412 | ---- | C] () -- C:\Users\Miz\AppData\Roaming\All CPU Meter_Settings.ini
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/09/18 22:46:41 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Actual Tools
[2013/07/13 19:37:26 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Armagetron
[2013/03/19 11:34:41 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Autodesk
[2014/04/30 12:26:49 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\AVAST Software
[2013/03/17 17:38:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\avidemux
[2013/11/24 18:20:33 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Awesomium
[2014/05/21 18:13:45 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Battle.net
[2013/04/21 01:52:12 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\bizarre creations
[2013/09/17 02:42:08 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DAEMON Tools Lite
[2014/04/24 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DarkSoulsII
[2012/03/24 04:49:17 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DassaultSystemes
[2012/12/16 14:06:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\digipen
[2014/03/20 17:18:20 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\dosearches
[2013/03/17 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\DVDVideoSoft
[2014/03/10 20:22:38 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Firestorm
[2013/08/17 12:29:13 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Full Control
[2014/05/28 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\IDM
[2013/03/02 16:33:15 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\ImgBurn
[2013/08/25 13:58:28 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\IObit
[2012/03/18 06:24:15 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\IrfanView
[2012/03/16 11:07:39 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Leadertech
[2012/03/17 00:27:45 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\LolClient
[2014/05/29 01:41:42 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Mumble
[2013/02/12 05:33:39 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\PACE Anti-Piracy
[2012/08/03 01:40:00 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\PowerISO
[2013/10/16 18:23:59 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Radegast
[2013/04/19 19:55:26 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\raidcall
[2014/01/01 16:04:21 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Riot Games
[2014/01/08 17:26:01 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Rogue Legacy
[2012/07/27 03:30:30 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\SecondLife
[2013/07/13 22:26:15 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Soldat
[2012/08/08 14:48:50 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/02/12 05:34:33 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Trillium Lane
[2012/12/14 11:20:17 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\TuneUp Software
[2013/03/25 14:11:34 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Unified Remote
[2014/04/01 15:23:22 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\Unity
[2014/06/10 03:54:10 | 000,000,000 | ---D | M] -- C:\Users\Miz\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1158 bytes -> C:\Users\Miz\AppData\Local\Iprk3ZKHP77hUS:N2cXZMUIPpdwyY3g97Too2
 
< End of report >

  • 0

#5
GhostLoad
Posted 10 June 2014 - 10:57 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Extras.Txt

 

OTL Extras logfile created on: 6/8/2014 12:28:00 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Miz\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.97 Gb Total Physical Memory | 12.90 Gb Available Physical Memory | 80.81% Memory free
31.93 Gb Paging File | 28.38 Gb Available in Paging File | 88.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 405.38 Gb Free Space | 43.52% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 61.86 Mb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive F: | 931.41 Gb Total Space | 876.69 Gb Free Space | 94.13% Space Free | Partition Type: NTFS
Drive L: | 3.73 Gb Total Space | 0.37 Gb Free Space | 9.98% Space Free | Partition Type: FAT32
Drive M: | 931.51 Gb Total Space | 45.37 Gb Free Space | 4.87% Space Free | Partition Type: NTFS
 
Computer Name: MIZ-PC | User Name: Miz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081E36BE-8F65-4911-8C46-F58E4132C396}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0C7616BC-D707-4AF6-B628-A9A2383EB962}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.6 | 
"{0DC168FC-F247-44D8-B229-D1A1334A625B}" = lport=138 | protocol=17 | dir=in | app=system | 
"{122285EE-FB8E-494E-8B6F-2D97B24E26C0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{173F801C-B36B-4405-8DE5-FDFDEA4E64B5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{26F44EEA-3329-45D2-94F0-C980B6C67D9D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2B90F1C7-DC0D-4127-8519-D418AA03D54E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{43D01833-A7AB-4534-84CC-D8BB8697FF62}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{51CFD253-42E3-4C7A-A909-AAA171A38460}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5246CC0F-FD7E-430E-BA9B-2FD36AC1F11F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{55A98FD1-CA27-4E00-9F18-559A8DF2907F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{56DC5F74-6662-48EB-9AC8-C149E29C3A31}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5A6B3CBA-AA7E-4F09-A7AB-F2779055E6BA}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6C019BFB-FDE3-431E-9E17-D4D73CEB4611}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{73B50DB9-991B-4488-AD95-20FD884B79AD}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{81FB5E8F-6BBE-4E35-BF71-DF5CCB3DAEF6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{89A93431-0A00-499C-BAB4-82A8D3F2BC45}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8E783C85-6A16-4F4F-9BED-1F57DD555106}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8FB2DBD3-A6D0-4026-8647-E899312C9822}" = lport=139 | protocol=6 | dir=in | app=system | 
"{95819754-3877-4325-806F-9B049E37BF5E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{9EC7AC6F-6F7C-43A8-9621-944021C57C15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{A102FB54-21B9-4B83-AD66-46A76C442787}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A95F2BB5-D8CE-4186-B2CE-15696052706C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D77F17AD-25BB-43E5-8597-9403FFB15ABE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E00EAEBF-A79A-41C8-B529-6EDDAFA7966A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E9A122BA-FA54-4396-AC73-AF17A9ACE0D1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F7D4738A-0D50-4708-9B4D-CF588697D6EE}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0053BEC8-7933-4CE5-8573-C6338C0FF45C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{006251EE-88A0-4691-860A-635BB7A7A04D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0177A9A1-7BF5-4A64-BD22-D0B7B51CF1E5}" = protocol=17 | dir=in | app=c:\users\miz\desktop\unreal tournament 2004\system\ut2004.exe | 
"{01D38215-6B58-43E6-8FEF-BC9775A2CCB9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{0376EE1B-8472-4C77-9FFA-58692D1EED9E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{054DAD62-0A14-4B40-BA69-78460D820643}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{086CFF10-07C9-451E-9D2C-15B18BF0A139}" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of the storm\support\heroesswitcher.exe | 
"{08CBEC9D-3EB0-4986-B8CD-C56467308C5D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | 
"{0A995A08-9A1E-4AE2-A67A-72AE84634CAF}" = protocol=17 | dir=in | app=c:\users\miz\appdata\roaming\utorrent\utorrent.exe | 
"{0BEF6EF7-19CC-4B9B-8306-34EA4979534A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe | 
"{0BF8DF84-00BA-442A-A204-3B27AE60C71E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{0DAF587A-1B5A-44E2-B33E-CF8DE83707B7}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\3dsmax.exe | 
"{0DBBCA10-ADEF-4536-B3EA-DB9A0ED8AFC9}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{0E1015CB-495E-4818-AD16-A643D62431FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0FFA5D4D-1057-41A9-86F4-45BC44CE0CFD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 
"{104FC6B4-B08E-45ED-95F9-697FD075496F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{17E03A6F-0C00-47C6-9B82-F55D662429CD}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{1A0A9EC4-9123-4D04-978A-18BC596D1175}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1B0DD3C8-A3FA-4D39-A866-91564638F9C1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{1B393E65-5FFB-4A71-8084-F62610359F2B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls ii\game\darksoulsii.exe | 
"{1B641DD4-2EB6-4431-AF70-A539608E6E9F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{1D7E2853-1464-4D29-9009-4FADDFF9EB20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{1DCFA1E7-CAC3-4090-A6C3-69AB981B4F7A}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe | 
"{20E08312-BC73-4520-98AB-774E7D4D098D}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\asus mobilink\iphone simulator\pnsvc.exe | 
"{23F2EF7E-BC88-4961-B561-9195A5CDBDF0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 
"{247B5481-DFFE-41ED-8F3A-54B32D88BD80}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{27955226-93FB-468A-B0D9-9E534EF7E3B2}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe | 
"{27A3186F-BF0D-45A4-930F-3147832C42FD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe | 
"{29372271-D0CB-4604-B821-44EDBD4DBA18}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{29E56E68-B7B8-44EC-867E-FD2E072A3038}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{2C4C7FDC-6955-434C-94DF-FC6C18D272A2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{2D3CEEDD-62BA-4623-9D09-1EA28603FFF7}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe | 
"{2DA47B0E-0B6B-4D5A-B8CE-83EACFED1793}" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of the storm\support\heroesswitcher.exe | 
"{2F0E47EE-0998-493B-8EC2-8907A99317A2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 
"{309E1B1C-7BC9-4C58-8B3C-C6922818A174}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | 
"{327AABB1-E19F-4525-9779-8BA9B96011FA}" = protocol=6 | dir=out | app=system | 
"{376427E4-17FD-460F-867F-E3855E7579F9}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{38F6BCC8-1121-491D-A877-5D66F2569381}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{3998646F-9435-42C9-B584-0EC59205BE59}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{3A69E04D-DC90-48D4-B6F2-A7A66F816337}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{3ADDE2DA-2DCD-4DA5-AEDB-BF4FA3BE3B79}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3E3B8BE5-E380-401C-864B-DB29233C609D}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\quantum conundrum demo\binaries\win32\trygame-win32-shipping.exe | 
"{3F97D615-9C95-42D4-A78B-9FD924EC8A33}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe | 
"{4062921E-CA2F-4835-A456-7D7AA7BD796E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{4194EB59-FD75-4B76-A78E-E4D0DB963E76}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe | 
"{4219E071-283B-40A7-96A1-0594F77E059E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{44858E4E-122B-4A28-8AAD-28E826EC8395}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe | 
"{454E9623-33ED-4B1B-9812-40E1B84A175B}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{45532388-24D5-41F2-8739-2A99BBEFF67D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\emeril322\source sdk base 2007\hl2.exe | 
"{46DCECAF-1A3D-4AD0-B5EE-AC3B86B9999C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{48B2A1CF-CE38-4AF2-8459-68AC4BF03B0A}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{4D26BB43-47EF-462D-93E2-76D6DBE306B8}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dungeondefenders.exe | 
"{4D34DC64-89E7-4D67-B35A-9A36181215C8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{50B60DEA-FC27-420D-AEE6-4E7E9B32F39F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{554130AC-7ED0-4CBA-86FD-C18F2ED8598E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{574E1D53-4F11-40A9-ABFE-44949322063A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{58FFC9B8-5D67-4AC7-B99F-736F82BF8B21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{592D0E4E-24B6-4C42-8BB5-BAFFEF7F5340}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2737\agent.exe | 
"{5CC9F727-C367-4604-98F9-DBA3915CB27F}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"{5CE8BA70-251A-47F5-A8AB-AD8D808F3F51}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | 
"{5E1D4FC2-2FAB-49A4-BCBF-868610FF1652}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe | 
"{5FD02183-C88E-4931-BE09-AFC69D116E68}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{634406E4-AF7C-41E1-9809-5E97F2ED0AC8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | 
"{666F9BBF-BBA5-4C72-A007-17555E79C3C5}" = protocol=1 | dir=in | [email protected],-28543 | 
"{6747F969-45BA-40AF-9B1C-467CDBA0CC58}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{6AC8886F-7253-423C-8E2F-D4FB54B56F5E}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"{6AEB5626-F4FC-424F-9626-CE1E6E10C33D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe | 
"{6BFD2D44-AEB1-48E6-8A4C-E1AE7045F123}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{6C5381E3-42EF-4E9B-A1B8-104D0FE67FD2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{6C9B8C76-F294-476D-A7F6-5BFBFE59C5D0}" = protocol=6 | dir=in | app=c:\users\miz\appdata\roaming\utorrent\utorrent.exe | 
"{6D2F5DC7-9BDF-4D11-BE9D-583EB0A5E50C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\emeril322\source sdk base 2007\hl2.exe | 
"{6FED3E01-8BAA-4A61-9C8D-D27A5C8530D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{712EBA2A-870D-4E9E-8577-962B12BB747D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{715A9FBB-51A5-404F-9AC0-B687896743EF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | 
"{71CA97D3-5DF3-4E97-BEA4-98EA9924D2EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{727FEA61-1C58-446D-A30C-903B64319751}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | 
"{757337B3-4EE0-4686-BFCB-C55E4B32BDA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{757AC51B-39B9-4143-9B40-78AB4836206A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2737\agent.exe | 
"{781F2B5D-344C-44A3-AF98-BC1E76862214}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 
"{78BC9121-57C1-4A8D-AFD3-02187B98D3F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls ii\game\darksoulsii.exe | 
"{78EC1D50-0480-47AC-A89E-8E1C7B98198E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{7B6D6AA3-D807-4599-94F0-F8BC527BE285}" = protocol=17 | dir=in | app=c:\program files (x86)\disney interactive studios\split second\splitsecond.exe | 
"{7BAF8D0D-3F48-4A69-A98F-80A8C3F980FD}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\just cause 2 demo\justcause2.exe | 
"{7BBDE725-035C-44AF-9FF9-7A1870E265E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{7C047E96-3D9A-4D92-A9AB-D8996FBB4587}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7D92134B-49E5-4843-B20B-639A46F8DD02}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{80C8C56C-CC98-40DB-9A0D-3478BEF2CC09}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\vindictus\en-us\vslauncher.exe | 
"{81660110-96B2-4577-85CD-5F48F3D014E5}" = protocol=6 | dir=in | app=c:\program files (x86)\clockworkmod\tether\win32\node.exe | 
"{83E1E3CD-839D-4FD3-B10E-1F59BE142D53}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{84152B01-B7FE-494E-9746-8BD97678E472}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{880592C2-088E-4298-BC71-260AA52AA0EC}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{8B3DF3AD-2A27-46B7-B057-AE5266430691}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8BA771DE-FA05-4610-86A6-4E3354077263}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{8C0AA7CD-5B3A-49B8-AA94-9E2618AF02B3}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{8C863A28-88BF-4812-B8A0-67AC77521962}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8C86E2CD-D137-4D10-BD3A-CE6D16018BAD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{8DD617A3-3489-426C-A009-3E0E3445B3CA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8DF8F4CC-55DE-46F8-BE6B-72A9ABD20D9D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{8E62D213-FCF8-4B80-A47A-9EA4E1E9904F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe | 
"{90433296-8240-4A92-87EA-C5D87F7997EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{996A85F2-D5ED-448F-97F5-11DAC0394D14}" = protocol=58 | dir=in | [email protected],-28545 | 
"{99E5CE12-B750-4227-9D6D-DA05E290F9E7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{9A56C22B-8424-45B8-BB29-0C6BB30068BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{9B32DF47-9176-473C-A1C4-17B1BE2803E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{9EC80AB9-92B5-49AA-942D-1AD6CA4D7500}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | 
"{9EEE7B01-F08A-4E13-958F-D95C5AEF8435}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{A3857D8F-6E77-409F-8DEB-B4C9C32299CB}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 
"{A4AC4436-55AF-4D07-AF6E-4A32F0D10A0C}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\rusty hearts\clientlauncher.exe | 
"{A5478D7A-F7D3-42F6-942E-C2CB059A877D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{A56F5025-9050-4794-9E29-0E9F91EE1F68}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe | 
"{A5AF96CD-8687-430C-9C6E-2AD4AC179FF9}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"{A62A7403-3451-4C2E-9E0A-4B45B2AC4F16}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{A799B35F-46AE-455E-BC56-FC15464EE420}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{A9CFABA8-9ADA-4DE7-9FEF-ABD2AC1E72DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{AC118EB3-3BB3-4113-83A7-33F26656FFD7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{AC544183-B7FD-46ED-8229-48904B26202A}" = protocol=1 | dir=out | [email protected],-28544 | 
"{AC847EA8-7835-413D-8E5B-2F61E1F8BBFF}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.6\flashbuilder.exe | 
"{AD5EED4F-07BC-445E-8432-33453727162A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe | 
"{AE7A994B-5012-4406-ACB9-F1C1D7CE98AD}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe | 
"{AE7BE913-08E3-43CC-AC82-EB268DCF1A43}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe | 
"{AED46DAD-D5E8-4A52-BDBE-39A1F2F43B5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{B0404FE8-8C3A-4931-8C81-A2E6823D792A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{B1186C7C-B2D7-4539-B499-4EC4C4200378}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{B193D7EC-0E8D-4D2F-8F6C-5DC002AD6A10}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe | 
"{B1DAE976-9850-41CF-B06B-37C228D18BDE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{B56CF880-846C-4A92-9D71-B514AC134820}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\quantum conundrum demo\binaries\win32\trygame-win32-shipping.exe | 
"{B6176B0B-245F-4994-A70C-76C8315FD18B}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe | 
"{B7AD9714-F8D4-46A2-A57E-E36A8B736C7B}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{BB747B39-D688-4AAD-9708-BB57BBB8749B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{BC07003C-648D-44DE-9629-D9BD4B48CFFB}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\just cause 2 demo\justcause2.exe | 
"{BD8B36AB-4DDF-49A1-85EE-F1F6CDF48C62}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{BECCDC7E-7D24-4225-8B4F-920164F24150}" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe | 
"{BF3EA2F6-C8ED-453B-8299-D7D8C1EA49CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{BF596EEB-1C5C-47D9-9506-C18AA42F5FEB}" = protocol=17 | dir=in | app=c:\program files (x86)\clockworkmod\tether\win32\node.exe | 
"{BF728AC4-6025-4C32-AEF6-D2F812306104}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe | 
"{BFB9FCE9-FC21-4F6E-A676-0A90BD0729F8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | 
"{C1334B26-D68C-4220-B889-4F5CDBECC9C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{C2FAD0F0-7070-4F4B-BEEE-1B0E7CC77AF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{C3400FBD-217D-4A8E-ADC6-6A6BDA7AD7C7}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{C3C55D48-FAF4-456E-B252-5A62BD063F0D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | 
"{C4BAA49C-3E70-4FA1-9D8A-889B0E3914BF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | 
"{C5326927-DAC1-4E7D-8D1D-79076B704F98}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | 
"{C63F0EA2-332C-485F-A89E-D8144F758D89}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe | 
"{C6C7A632-D314-4793-A801-19C479DB3918}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe | 
"{C709B784-B78C-4B41-9732-969D44822D8F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 
"{C8B18639-70F6-4502-90DE-17FF7702CF85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C948571C-6AAD-4751-B46D-BD0AAADE3766}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{CAB99DD9-6714-4628-AD95-AD030B488DD2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe | 
"{CBA2673C-63F9-4840-9F45-145900B7D6E5}" = protocol=58 | dir=out | [email protected],-28546 | 
"{CBC866F9-70EF-4CB7-9225-0D04D964F74B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe | 
"{CBE641BA-AD10-4E51-93D1-1BE73E3967F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{CD715E1B-F34C-40D4-9686-E0F856833EBF}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{CD84B21A-640C-4FE6-9268-25ED99056B58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe | 
"{CE1DFC46-FFA4-4350-BC34-C97F691A48A8}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dungeondefenders.exe | 
"{CF7F3DC7-6B80-4751-BB1E-A8B9E1B7EF82}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe | 
"{D4322B29-CF1E-4041-A70C-A7DC93AFA3F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{D484E97F-A8DE-4897-AA75-7AB981E907F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D680BA61-9847-42D0-9D88-3C0F0CEAD37D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D72EEAE5-1ED5-4EB5-9B4E-11ECEF9C103E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe | 
"{DA8CEE66-0432-4A37-AE40-3E65E6565471}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{DA9E7F9C-AEEE-4CFA-9196-31EE562D9257}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{DDB2C2A2-64B5-4706-BB99-54F05266DDF7}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\vindictus\en-us\vslauncher.exe | 
"{DEBB35C9-AD56-4FEA-8A6A-242FEEF747E3}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | 
"{E07BA82E-C6FB-4123-84E9-ADE554C36DEE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E090E0E3-F3A6-4B83-BB37-0666E8AAFC92}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{E320D59C-265D-46F6-B57A-B410501655E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe | 
"{E4273F89-B01D-41B0-9083-E39E976C47A7}" = protocol=6 | dir=in | app=c:\program files (x86)\disney interactive studios\split second\splitsecond.exe | 
"{E5758AE2-5E9E-40BB-9BEA-7F63B0D2B237}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{E6669DF9-95D8-4802-B330-6568C8A09B2E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E670DF43-3451-4560-99FC-3C639FFB3FEC}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | 
"{E77C3614-3799-4091-AE1C-7BB0E4EEBA33}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{E811C164-5DEB-456F-AF14-F73F3F0E0D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E81E1A09-9234-4FB1-B973-BFB9E806E7E4}" = protocol=6 | dir=in | app=c:\users\miz\desktop\unreal tournament 2004\system\ut2004.exe | 
"{E93A634E-AA3E-4DC5-B56E-95AB7E6831A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{E9872836-CE85-401C-A27C-868A8EF3CB9F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{EAE2D7F9-E857-44F8-9D6B-7F0063A4331F}" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\rusty hearts\clientlauncher.exe | 
"{EB75AA14-8E9F-4BC7-B615-A4E392862271}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe | 
"{EC1F03B4-E2D9-41C9-BCFC-B5E1204AE5A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EDA3497F-C13D-4925-BE35-2294063D2FF1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe | 
"{EFAF88AE-FC78-48D5-8B45-ECAC9BED15B0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{F2343FC6-8FB3-4D02-A207-86A04C8641A9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe | 
"{F3E8BA9D-CFD2-4419-AD54-68979243A1B6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{F70F0D5D-AE1E-41E7-BC3C-6B69D92D2B06}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{F745C737-9A23-45A3-8A2C-29B661CC6CBF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe | 
"{F773FF2A-5643-491A-B2D9-FAFFDDA28143}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{F87CDEE3-7482-4C35-B4DE-0746D428632B}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{FABE77DE-F67A-43EB-A7AB-D4090ABB7459}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{FB3D1828-6D87-44E5-9621-08CD11E8EFF6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | 
"{FBBB2AEE-F819-40F5-B3C3-0F2859E009CE}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{FF6A3693-D71B-4000-8561-DB58EC621188}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"TCP Query User{04E7E2C6-DAE5-48BF-B75F-BC76813A31DB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{09B52BB2-98EE-4A47-B543-FBBF0C4A4D7E}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"TCP Query User{0D2DC01D-2728-4F2D-8D70-0AE3F957B959}C:\program files (x86)\battlefield 4\bf4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\battlefield 4\bf4.exe | 
"TCP Query User{0F5EF933-2131-46AF-9A9A-10123BFCDB9B}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe | 
"TCP Query User{10BDFA3E-B57C-4B4B-899D-413CFFEC623E}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | 
"TCP Query User{1447537C-EE84-487F-A273-DD249BB31C0A}C:\program files (x86)\croteam\serious sam\bin\serioussam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\croteam\serious sam\bin\serioussam.exe | 
"TCP Query User{147F0591-0986-4017-9630-B5FF2DB9397C}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe | 
"TCP Query User{1C526E51-E785-4DB9-B4BE-E5781339F0F1}C:\program files (x86)\altitude\altitude.exe" = protocol=6 | dir=in | app=c:\program files (x86)\altitude\altitude.exe | 
"TCP Query User{1D9BD7BF-78EA-4676-847B-32DA37834972}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | 
"TCP Query User{241B23A9-849C-42A8-828D-FD43DFE1271F}C:\gog games\fallout tactics\bos.exe" = protocol=6 | dir=in | app=c:\gog games\fallout tactics\bos.exe | 
"TCP Query User{2D63B04F-A05A-4D57-A78A-11C7D5A9CE24}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe | 
"TCP Query User{2DFFB351-9D67-4EB9-AE91-57232297DA0B}C:\program files (x86)\armagetron advanced\armagetronad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\armagetron advanced\armagetronad.exe | 
"TCP Query User{3831E979-EA59-47CA-B950-D74606C3042C}C:\program files (x86)\bv2 proclient\bv2p.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bv2 proclient\bv2p.exe | 
"TCP Query User{3C67BA93-4234-4CAA-BAB2-44E9FEA9068A}C:\users\miz\desktop\neverwinter_nw.1.20130416a.6.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\neverwinter_nw.1.20130416a.6.exe | 
"TCP Query User{429F4417-B683-4274-9A2D-0EF79E77C477}C:\program files (x86)\remote control server\remote control server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe | 
"TCP Query User{47D7A89B-28EC-491E-AE78-589065251688}C:\program files (x86)\fox\aliens versus predator 2 - primal hunt\lithtech.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fox\aliens versus predator 2 - primal hunt\lithtech.exe | 
"TCP Query User{4B4D00D8-9BA7-492C-B4D1-B682FB5CA9D0}C:\program files (x86)\avid\pro tools\protools.exe" = protocol=6 | dir=in | app=c:\program files (x86)\avid\pro tools\protools.exe | 
"TCP Query User{55205174-798F-457F-B25D-DACD6043EC72}E:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe | 
"TCP Query User{57372A21-203E-40AE-8664-E25D58FCE371}C:\users\miz\appdata\local\temp\iesearchprovider.exe" = protocol=6 | dir=in | app=c:\users\miz\appdata\local\temp\iesearchprovider.exe | 
"TCP Query User{6185B5F6-838A-4119-97A8-2CCC07241C5F}C:\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\soldat\soldat.exe | 
"TCP Query User{64386C51-7D54-418C-A1A3-7D057D944C3B}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe | 
"TCP Query User{76D4D8EA-1E5F-4C53-B0A8-21CBFE025E6C}C:\program files (x86)\phoenix viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoenix viewer\slvoice.exe | 
"TCP Query User{775275A9-75C1-409F-86D0-C0290565001D}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | 
"TCP Query User{7D3040DE-16C4-4E3D-8D9D-3B91A09BB8DB}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe | 
"TCP Query User{823632E5-4AA0-41E7-B50D-E07655FFFBE9}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe | 
"TCP Query User{888433E5-A44D-419B-96FD-64BFA9948FAA}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dishonored\binaries\win32\dishonored.exe | 
"TCP Query User{89CF3C3E-CEC9-4D56-9F5F-86366D47AB55}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 
"TCP Query User{8A7A3AF8-7682-4BEF-8D7E-454A92D0C98E}E:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dundefgame.exe | 
"TCP Query User{9A2FE03C-4C45-4F20-901C-410438CF9BA7}C:\users\miz\desktop\lan games\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\lan games\soldat\soldat.exe | 
"TCP Query User{A277530F-6063-492F-BF6B-9DFDB67FB478}C:\users\miz\desktop\lan games\haloce\haloceded.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\lan games\haloce\haloceded.exe | 
"TCP Query User{A6876491-BDC8-42C7-B915-D3504BB6CF7D}C:\users\miz\desktop\diablo-iii-8370-enus-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\diablo-iii-8370-enus-installer-downloader.exe | 
"TCP Query User{A7F4189F-8F00-4942-A7D6-556EA408F37F}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"TCP Query User{AC43B407-30A6-4206-A102-9205B2E7BC3C}C:\users\miz\desktop\iaa_sriv\saintsrowiv.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\iaa_sriv\saintsrowiv.exe | 
"TCP Query User{B3B0E54E-0767-40D0-9787-FF72B2EBFF82}C:\program files (x86)\heroes of the storm\versions\base30509\heroesofthestorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base30509\heroesofthestorm.exe | 
"TCP Query User{B431CCE6-2162-45BC-8500-E2D18DDA045C}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=c:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe | 
"TCP Query User{BBAB2E35-E498-4714-8993-BC0FD337F25A}C:\users\miz\desktop\lan games\chivalry medieval warfare - content update 1\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\lan games\chivalry medieval warfare - content update 1\binaries\win32\udk.exe | 
"TCP Query User{BD4E442A-B5FD-4B64-8A3F-8E12FA424C9E}C:\users\miz\desktop\enmstoffcppls1364bnewvl\kmsmicro-wo-en\kmsmicro-wo-en\qemu\qemu.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\enmstoffcppls1364bnewvl\kmsmicro-wo-en\kmsmicro-wo-en\qemu\qemu.exe | 
"TCP Query User{C2988DBC-B46B-4AB0-BEDA-CE959D625D7B}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe | 
"TCP Query User{C7C8872D-049D-48A6-AA3F-A6148846CE2A}C:\users\miz\desktop\lan games\haloce\haloce.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\lan games\haloce\haloce.exe | 
"TCP Query User{CA2D2335-0586-4D0B-86FD-F99BE30B71FC}C:\program files (x86)\infinitecrisis\infinitecrisis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\infinitecrisis\infinitecrisis.exe | 
"TCP Query User{CC5E3709-BAC3-4A72-B722-8A7C6A97908A}C:\users\miz\documents\lan games\soldat\soldat.exe" = protocol=6 | dir=in | app=c:\users\miz\documents\lan games\soldat\soldat.exe | 
"TCP Query User{CEDB4D54-D87E-4478-A255-435B15BE8D97}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe | 
"TCP Query User{D8BF3FA5-5139-4640-B2DE-E4C6BBD6F0D3}C:\program files (x86)\meteorentertainment\hawkenadvancebattalion\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\meteorentertainment\hawkenadvancebattalion\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe | 
"TCP Query User{D9C0FE61-9F71-42D7-A018-171AE6A7313C}C:\program files (x86)\firestorm-release\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firestorm-release\slvoice.exe | 
"TCP Query User{DD4390F8-7C55-48E5-929F-6AD5E99EDD33}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"TCP Query User{DD4C9BFA-D311-4AEC-A181-72C7D53A2756}C:\program files (x86)\heroes of the storm\versions\base30414\heroesofthestorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base30414\heroesofthestorm.exe | 
"TCP Query User{E1E91321-347C-427D-8A01-72F2C6D1C0DC}C:\users\miz\desktop\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\saints row iv\saintsrowiv.exe | 
"TCP Query User{E4533606-1C45-4DD2-A805-8F82F5DD6DEE}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"TCP Query User{E63DE831-BD65-4B62-9783-DF0885F3207C}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"TCP Query User{EDE72AEC-9BB8-455A-BD6D-37BB5D852C7B}C:\program files (x86)\heroes of the storm tech alpha\versions\base30027\play.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of the storm tech alpha\versions\base30027\play.exe | 
"TCP Query User{EE9967A7-ED39-4007-92CA-1E7C38E4A2C9}C:\program files (x86)\battlefield 4\bf4_x86.exe" = protocol=6 | dir=in | app=c:\program files (x86)\battlefield 4\bf4_x86.exe | 
"TCP Query User{F0484A5C-5F89-4599-8883-29F40490265A}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{F3CCA270-C7F3-4801-8462-31EB6CF75469}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | 
"TCP Query User{F872AC90-55BA-422C-89AE-22220A71B64F}C:\users\miz\desktop\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\starcraft_2_na_en-us.exe | 
"TCP Query User{FA869A02-513B-4716-B55D-92019423F41D}C:\users\miz\desktop\lan games\the ship\ship.exe" = protocol=6 | dir=in | app=c:\users\miz\desktop\lan games\the ship\ship.exe | 
"TCP Query User{FEDA5664-0197-4CA2-8DE0-328CE4BA004A}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"TCP Query User{FFC4C856-462C-4421-BB47-DE67D7E312DF}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe | 
"UDP Query User{0006B673-259A-45F3-A8F1-06B965576507}C:\gog games\fallout tactics\bos.exe" = protocol=17 | dir=in | app=c:\gog games\fallout tactics\bos.exe | 
"UDP Query User{066964D4-DA3D-4A40-A5CC-231FA4C8AAFD}C:\program files (x86)\meteorentertainment\hawkenadvancebattalion\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\meteorentertainment\hawkenadvancebattalion\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe | 
"UDP Query User{0949020B-894B-4785-968E-64739D0C3F23}C:\users\miz\documents\lan games\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\users\miz\documents\lan games\soldat\soldat.exe | 
"UDP Query User{0DD27ADE-5168-4C73-81AC-082A48C3F33B}C:\program files (x86)\avid\pro tools\protools.exe" = protocol=17 | dir=in | app=c:\program files (x86)\avid\pro tools\protools.exe | 
"UDP Query User{0EC0A12C-856E-4054-90CC-E51B571CFC94}C:\users\miz\appdata\local\temp\iesearchprovider.exe" = protocol=17 | dir=in | app=c:\users\miz\appdata\local\temp\iesearchprovider.exe | 
"UDP Query User{1191AF98-0223-4978-B247-47CFA209DCE9}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe | 
"UDP Query User{1567A5B1-F6A2-4F99-84B2-9945048293D8}C:\program files (x86)\armagetron advanced\armagetronad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\armagetron advanced\armagetronad.exe | 
"UDP Query User{159D1795-2AD0-43A3-B9FB-3E1C0BAE5504}C:\program files (x86)\altitude\altitude.exe" = protocol=17 | dir=in | app=c:\program files (x86)\altitude\altitude.exe | 
"UDP Query User{17E6801A-C3D3-4CBF-ACF4-98D3B36278AC}C:\program files (x86)\firestorm-release\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firestorm-release\slvoice.exe | 
"UDP Query User{18B86BA9-FDAA-42C5-B634-BA88DABCFBF8}C:\users\miz\desktop\diablo-iii-8370-enus-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\diablo-iii-8370-enus-installer-downloader.exe | 
"UDP Query User{1CE36BB9-BCCB-4CA5-A724-85469228A2AB}C:\program files (x86)\croteam\serious sam\bin\serioussam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\croteam\serious sam\bin\serioussam.exe | 
"UDP Query User{229B2E55-C830-4874-9BF1-088C4BFFB493}E:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe | 
"UDP Query User{254A0BBA-00E7-4BB2-81BB-9324B861E660}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | 
"UDP Query User{2FCDAB73-46E4-4A20-9B19-54BBF8E9A2D2}C:\users\miz\desktop\neverwinter_nw.1.20130416a.6.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\neverwinter_nw.1.20130416a.6.exe | 
"UDP Query User{313ABF18-10D3-4E91-ADB5-27ECB200C425}C:\users\miz\desktop\iaa_sriv\saintsrowiv.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\iaa_sriv\saintsrowiv.exe | 
"UDP Query User{3166C769-2192-47EF-A248-254902BD2840}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe | 
"UDP Query User{33436015-9F2E-4FA4-BF88-7050769D7835}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{33D8C2F8-D053-48BA-9500-27C8E6EFE590}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe | 
"UDP Query User{3799A028-BCCF-4713-90BD-6359A2382555}C:\users\miz\desktop\enmstoffcppls1364bnewvl\kmsmicro-wo-en\kmsmicro-wo-en\qemu\qemu.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\enmstoffcppls1364bnewvl\kmsmicro-wo-en\kmsmicro-wo-en\qemu\qemu.exe | 
"UDP Query User{38B6B8FD-C675-4944-95BC-3FB2EFDEE7E5}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"UDP Query User{439882EF-DAA7-4041-86A5-B9906FAFE5A8}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | 
"UDP Query User{4FE8E6CB-8A51-496E-A02E-94B2D171DA85}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{4FF921A3-54A8-4F47-8175-79A22DF3773C}C:\users\miz\desktop\lan games\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\lan games\soldat\soldat.exe | 
"UDP Query User{508BBB5D-A9E9-461D-B89F-3887EC4801C4}C:\users\miz\desktop\lan games\haloce\haloceded.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\lan games\haloce\haloceded.exe | 
"UDP Query User{53483A49-36B9-4C73-BA9B-9CA43081D04F}C:\users\miz\desktop\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\saints row iv\saintsrowiv.exe | 
"UDP Query User{5737F56B-AED5-4BD7-BED0-1A5B222471E7}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | 
"UDP Query User{5AB33D29-4DA8-4E7A-A258-CA724AC2493B}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe | 
"UDP Query User{613C4878-CB93-410E-AAF4-F3BF4B10ADCB}C:\program files (x86)\remote control server\remote control server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\remote control server\remote control server.exe | 
"UDP Query User{62482C80-9ABE-44D1-91B2-6C931E031506}C:\users\miz\desktop\lan games\haloce\haloce.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\lan games\haloce\haloce.exe | 
"UDP Query User{634B1773-47FB-43AA-B88C-7F3DE59B864B}C:\program files (x86)\heroes of the storm\versions\base30509\heroesofthestorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base30509\heroesofthestorm.exe | 
"UDP Query User{64422455-3D72-41ED-94D3-8E27F1AB699E}C:\users\miz\desktop\lan games\chivalry medieval warfare - content update 1\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\lan games\chivalry medieval warfare - content update 1\binaries\win32\udk.exe | 
"UDP Query User{6914ACB7-3B5F-4098-80FF-ABB96FD6E776}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dishonored\binaries\win32\dishonored.exe | 
"UDP Query User{7119D515-A15C-4F71-8363-FF0A46A6D12F}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2736-enus-tools-downloader.exe | 
"UDP Query User{7287CB67-0105-420C-8906-1568EB41AFF1}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"UDP Query User{75C03A52-8DC2-4C4A-82A9-D146FC711FD6}C:\program files (x86)\infinitecrisis\infinitecrisis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\infinitecrisis\infinitecrisis.exe | 
"UDP Query User{7F2F0AE9-F086-4134-91A2-B9CD082A391D}C:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"UDP Query User{80DB6F14-441B-43A8-BD26-4418C484DF9D}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{98F65D5E-7092-446D-B1BD-E4FD2DC0466A}E:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=e:\program files\steam\steamapps\common\dungeon defenders demo\binaries\win32\dundefgame.exe | 
"UDP Query User{9C14E9E0-8F35-4DB0-B993-F478689B53BD}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe | 
"UDP Query User{A61365A1-7978-4129-A5FB-7BF8DF3496A3}C:\soldat\soldat.exe" = protocol=17 | dir=in | app=c:\soldat\soldat.exe | 
"UDP Query User{A7563251-943C-4413-9FB3-4A5304988E96}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe | 
"UDP Query User{A7FC6A86-E13D-40F1-98D5-24379D64B9D0}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | 
"UDP Query User{AE3FC0CE-AB43-4F21-BDBB-7E234F5EF002}C:\users\miz\desktop\lan games\the ship\ship.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\lan games\the ship\ship.exe | 
"UDP Query User{B057A036-EE7F-4AE0-9370-CB83B7B09270}C:\games\blur nosteam\blur.exe" = protocol=17 | dir=in | app=c:\games\blur nosteam\blur.exe | 
"UDP Query User{C4868ECF-48D9-43BF-9D00-5FC1FB0FDDCE}C:\program files (x86)\phoenix viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoenix viewer\slvoice.exe | 
"UDP Query User{C5B56949-45B6-4592-98FC-1A0AF046EC5F}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe | 
"UDP Query User{C81812FD-E190-494B-9427-1AECE849AA8C}C:\program files (x86)\bv2 proclient\bv2p.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bv2 proclient\bv2p.exe | 
"UDP Query User{CA1EB75B-DDC0-4415-A21F-7DD71F2CFB98}C:\program files (x86)\heroes of the storm tech alpha\versions\base30027\play.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of the storm tech alpha\versions\base30027\play.exe | 
"UDP Query User{D581A9BA-D95A-40C4-8CB1-9550A5F77D31}C:\users\miz\desktop\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\miz\desktop\starcraft_2_na_en-us.exe | 
"UDP Query User{D867DB39-495E-4916-BF3B-DC0C2702F362}C:\program files (x86)\heroes of the storm\versions\base30414\heroesofthestorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of the storm\versions\base30414\heroesofthestorm.exe | 
"UDP Query User{DBE17E14-E778-4546-B1F3-CF46FAF2FD67}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe | 
"UDP Query User{DC83465D-7D0C-4FB6-BD2D-0F9CDC30671D}C:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\meteorentertainment\hawken\installedhawkenfiles\binaries\win32\hawkengame-win32-shipping.exe | 
"UDP Query User{E0E0BFED-5618-4404-A024-2D11D4A7EF4A}C:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe | 
"UDP Query User{E1627F92-8E2B-44FA-8938-4F5AD086DFE2}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=c:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe | 
"UDP Query User{E343BA60-5B97-45B5-9094-AE583A50AD31}C:\program files (x86)\battlefield 4\bf4_x86.exe" = protocol=17 | dir=in | app=c:\program files (x86)\battlefield 4\bf4_x86.exe | 
"UDP Query User{F0C14FAB-4C3E-4F89-8215-C004233FD0E9}C:\program files (x86)\fox\aliens versus predator 2 - primal hunt\lithtech.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fox\aliens versus predator 2 - primal hunt\lithtech.exe | 
"UDP Query User{FB934328-6907-4B0C-AFA5-0AA07E36561C}C:\program files (x86)\battlefield 4\bf4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\battlefield 4\bf4.exe | 
"UDP Query User{FE12DC4D-B2B1-45A1-879F-3BAF5EF64FCA}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{3165EA9B-36CC-499B-96FF-36FC30E10EF4}" = License Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel® Network Connections 15.6.25.0
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}" = Visual C++ 64-bit Redistributables
"C-Media CM106 Like Sound Driver" = ARCTIC SOUND P531
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"Logitech Gaming Software" = Logitech Gaming Software 8.20
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"PROSetDX" = Intel® Network Connections 15.6.25.0
"sp6" = Logitech SetPoint 6.32
"Speccy" = Speccy
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR 4.11 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05A6B1CD-AA10-46A0-8D5C-6AD2A9EEFC8B}" = Nero Burning ROM 11
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.6.0.1691
"{28526951-55EF-4901-A0CA-B9AC966D1DD1}" = Split/Second
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}" = Microsoft Games for Windows - LIVE Redistributable
"{461A5021-EE14-4E57-9A06-8ABCE9C38FE4}" = Mumble 1.2.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}" = ZBrush 4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{755C6515-9FEA-490C-B15E-22BB6519E57E}" = Remote Control Server
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}" = Rosetta Stone Version 3
"{815050E5-F545-11D4-9569-004095812ACC}" = Serious Sam: The First Encounter
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A7A70E54-4678-4E66-A2BA-F135AAAB70A8}" = Guncraft
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}" = Visual C++ Redistributables
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4578-0181-0549-1546" = Altitude 1.1
"Actual Multiple Monitors_is1" = Actual Multiple Monitors 8.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Armagetron Advanced" = Armagetron Advanced 0.2.8.3.2
"ASIO4ALL" = ASIO4ALL
"Avast" = avast! Free Antivirus
"Battle.net" = Battle.net
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Convert Audio Free FLAC to MP3_is1" = Convert Audio Free FLAC to MP3 version 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark Souls II_is1" = Dark Souls II
"Diablo III" = Diablo III
"e" = a
"Firestorm-Release" = Firestorm-Release (remove only)
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.1.6.128
"GOGPACKROGUELEGACY_is1" = Rogue Legacy
"GoldenEye: Source" = GoldenEye: Source
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes of the Storm" = Heroes of the Storm
"ImgBurn" = ImgBurn
"InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}" = License Support
"InstallShield_{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}" = ZBrush 4
"InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}" = Visual C++ Redistributables
"InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}" = Visual C++ 64-bit Redistributables
"IrfanView" = IrfanView (remove only)
"jass-pub-2.3.8" = jass-pub-2.3.8 (remove only)
"League of Legends 3.0.0" = League of Legends
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
"PdaNet_is1" = PdaNet for Android 3.50
"PowerISO" = PowerISO
"Radegast" = Radegast
"RaidCall" = RaidCall
"Scorched3D" = Scorched3D 43.3d
"StarCraft II" = StarCraft II
"Steam App 205700" = Quantum Conundrum Demo
"Steam App 207610" = The Walking Dead
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 218" = Source SDK Base 2007
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 271290" = HAWKEN
"Steam App 570" = Dota 2
"Steam App 65800" = Dungeon Defenders
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 2.1.3
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"ZBrush 4R4 4R4" = ZBrush 4R4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Hawken" = Hawken
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/5/2014 4:39:03 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: sysmain.dll, version: 6.1.7601.17514,
 time stamp: 0x4ce7c9db  Exception code: 0xc0000005  Fault offset: 0x000000000003eab0
Faulting
 process id: 0xb34  Faulting application start time: 0x01cf80fd60f3c0d0  Faulting application
 path: C:\Windows\system32\svchost.exe  Faulting module path: c:\windows\system32\sysmain.dll
Report
 Id: 6db0952b-ecf1-11e3-a897-0026833c0a21
 
Error - 6/6/2014 4:46:51 AM | Computer Name = Miz-PC | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 6/7/2014 1:04:19 AM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: sysmain.dll, version: 6.1.7601.17514,
 time stamp: 0x4ce7c9db  Exception code: 0xc0000005  Fault offset: 0x000000000001a6ba
Faulting
 process id: 0x934  Faulting application start time: 0x01cf81b6ed8c92a5  Faulting application
 path: C:\Windows\system32\svchost.exe  Faulting module path: c:\windows\system32\sysmain.dll
Report
 Id: 2e2fc887-ee01-11e3-bbe3-0026833c0a21
 
Error - 6/7/2014 3:55:20 AM | Computer Name = Miz-PC | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
Error - 6/7/2014 12:58:21 PM | Computer Name = Miz-PC | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 35.0.1916.114 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 145c    Start
 Time: 01cf81b7a5aef9ed    Termination Time: 60000    Application Path: C:\Program Files
 (x86)\Google\Chrome\Application\chrome.exe    Report Id: c307475a-ee64-11e3-bbe3-0026833c0a21
 
 
Error - 6/7/2014 5:25:50 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: sysmain.dll, version: 6.1.7601.17514,
 time stamp: 0x4ce7c9db  Exception code: 0xc0000005  Fault offset: 0x0000000000004d13
Faulting
 process id: 0xae4  Faulting application start time: 0x01cf827289219532  Faulting application
 path: C:\Windows\system32\svchost.exe  Faulting module path: c:\windows\system32\sysmain.dll
Report
 Id: 4bdfed13-ee8a-11e3-9cec-c86000307b32
 
Error - 6/7/2014 7:02:00 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: sysmain.dll, version: 6.1.7601.17514,
 time stamp: 0x4ce7c9db  Exception code: 0xc0000005  Fault offset: 0x0000000000057dcc
Faulting
 process id: 0x948  Faulting application start time: 0x01cf82a43df34561  Faulting application
 path: C:\Windows\system32\svchost.exe  Faulting module path: c:\windows\system32\sysmain.dll
Report
 Id: bb027b86-ee97-11e3-b63a-c86000307b32
 
Error - 6/7/2014 7:02:16 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: EC Simulator.exe, version: 1.0.0.19, time
 stamp: 0x4cd8f8db  Faulting module name: KeyboardFun.dll, version: 1.0.0.2, time 
stamp: 0x4c901b7c  Exception code: 0xc000001d  Fault offset: 0x0000447a  Faulting process
 id: 0xf7c  Faulting application start time: 0x01cf82a44c1edffd  Faulting application
 path: C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
Faulting
 module path: C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\KeyboardFun.dll
Report
 Id: c4b19133-ee97-11e3-b63a-c86000307b32
 
Error - 6/7/2014 7:02:16 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file  for one of the following reasons:  there
 is a problem with the network connection, the disk that the file is stored on, 
or the storage  drivers installed on this computer; or the disk is missing.  Windows
 closed the program EC Simulator because of this error.    Program: EC Simulator  File:
     The error value is listed in the Additional Data section.  User Action  1. Open the
 file again.  This situation might be a temporary problem that corrects itself when
 the program runs again.  2.  If the file still cannot be accessed and   - It is on the
 network,  your network administrator should verify that there is not a problem with
 the network and that the server can be contacted.   - It is on a removable disk, for
 example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
 computer.  3. Check and repair the file system by running CHKDSK. To run CHKDSK, 
click Start, click Run, type CMD, and then click OK. At the command prompt, type
 CHKDSK /F, and then press ENTER.  4. If the problem persists, restore the file from
 a backup copy.  5. Determine whether other files on the same disk can be opened. 
If not, the disk might be damaged. If it is a hard disk, contact your administrator
 or computer hardware vendor for  further assistance.    Additional Data  Error value: 00000000
Disk
 type: 0
 
Error - 6/7/2014 7:03:18 PM | Computer Name = Miz-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Skype.exe, version: 6.16.0.105, time stamp:
 0x536b4342  Faulting module name: jscript9.dll, version: 11.0.9600.17041, time stamp:
 0x531827a1  Exception code: 0xc0000005  Fault offset: 0x0001e8a3  Faulting process id:
 0xfd0  Faulting application start time: 0x01cf82a44fa7e343  Faulting application path:
 C:\Program Files (x86)\Skype\Phone\Skype.exe  Faulting module path: C:\Windows\SysWOW64\jscript9.dll
Report
 Id: e9a83c71-ee97-11e3-b63a-c86000307b32
 
Error - 6/8/2014 4:48:13 AM | Computer Name = Miz-PC | Source = Office 2013 Licensing Service | ID = 0
Description = 
 
[ System Events ]
Error - 6/8/2014 12:14:30 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 6/8/2014 12:14:30 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
 Protocol service which failed to start because of the following error:   %%-2140993535
 
Error - 6/8/2014 12:14:41 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
 error:   %%-2140993535
 
Error - 6/8/2014 12:15:05 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
 with the currently configured password due to the following error:   %%1330    To ensure
 that the service is configured properly, use the Services snap-in in Microsoft 
Management Console (MMC).
 
Error - 6/8/2014 12:15:05 PM | Computer Name = Miz-PC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
 following error:   %%1069
 
 
< End of report >

  • 0

#6
GhostLoad
Posted 10 June 2014 - 11:00 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Miz (administrator) on MIZ-PC on 10-06-2014 12:57:59
Running from C:\Users\Miz\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Actual Tools) C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsShellCenter64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(OldTimer Tools) C:\Users\Miz\Desktop\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe
(Blizzard Entertainment, Inc.) C:\Program Files (x86)\Heroes of the Storm\Versions\Base30509\HeroesOfTheStorm.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-30] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1782576 2013-10-19] (Actual Tools)
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\MountPoints2: M - M:\Setup.exe
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\MountPoints2: N - N:\Setup.exe
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\MountPoints2: {01cb3c68-c4d5-11e1-bfc5-0026833c0a21} - O:\MotoCastSetup.exe -a
HKU\S-1-5-21-1038818363-2529734610-2198295289-1000\...\MountPoints2: {aa83fab1-4704-11e3-a338-c86000307b32} - K:\Setup.exe
AppInit_DLLs-x32: c:\progra~2\browse~1\sprote~1.dll => "c:\progra~2\browse~1\sprote~1.dll" File Not Found
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB951E59BA731CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosear...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.dosear...q={searchTerms}
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosear...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosear...q={searchTerms}
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmood...E&cr=1640996009
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3072254
SearchScopes: HKCU - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.condui...&ctid=CT3072254
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT3072254
SearchScopes: HKCU - {DCB2D4B1-2019-4C16-BB5A-10486A1A9FAF} URL = http://search.genieo...q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: No Name - {1C65AB57-7822-4BB8-598A-7027DCADCBF5} -  No File
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: No Name - {6D0156E2-6FED-7A8A-FCAA-EE47F4D4C375} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
 
FireFox:
========
FF ProfilePath: C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default
FF NewTab: hxxp://www.dosearches.com/newtab/?utm_source=b&utm_medium=smt&utm_campaign=ST1000DM003-1CH162_Z1D29937XXXXZ1D29937&utm_content=nt&from=smt&uid=ST1000DM003-1CH162_Z1D29937XXXXZ1D29937&ts=1383771476
FF DefaultSearchEngine: dosearches
FF SelectedSearchEngine: dosearches
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Miz\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Miz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Miz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Miz\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Miz\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Miz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Miz\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Miz\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Widevine Media Optimizer - C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-05-28]
FF Extension: Yahoo! Toolbar - C:\Users\Miz\AppData\Roaming\Mozilla\Firefox\Profiles\gkl27u1m.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-03-26]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://google.com/"
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03]
CHR Extension: (AdBlock) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-20]
CHR Extension: (Google Mail Checker) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-05-20]
CHR Extension: (Tiësto) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2014-05-20]
CHR Extension: (Google Wallet) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Picasa) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-05-20]
CHR Extension: (Gmail) - C:\Users\Miz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Miz\AppData\Local\funmoods.crx [2014-05-20]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Miz\AppData\Local\funmoods-speeddial_sf.crx [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [fooihgffjknjfdidhkpgeibbipkjlhpn] - C:\Users\Miz\AppData\Local\Temp\ccex.crx [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [iahjogoadinlelpcdmipmkiffgbjpmnf] - C:\ProgramData\Download and Sa\iahjogoadinlelpcdmipmkiffgbjpmnf.crx [2014-05-20]
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2014-05-20]
 
==================== Services (Whitelisted) =================
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-30] (AVAST Software)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [36256 2009-11-13] (Google Inc) [File not signed]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-06] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2010-01-29] (C-Media Electronics Inc)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-10 12:57 - 2014-06-10 12:58 - 00026521 _____ () C:\Users\Miz\Desktop\FRST.txt
2014-06-10 12:57 - 2014-06-10 12:58 - 00000000 ____D () C:\FRST
2014-06-10 12:44 - 2014-06-10 12:44 - 00131196 _____ () C:\Users\Miz\Desktop\OTL.Txt
2014-06-10 12:24 - 2014-06-10 12:24 - 02080768 _____ (Farbar) C:\Users\Miz\Desktop\FRST64.exe
2014-06-10 01:52 - 2014-06-10 04:11 - 00000000 ____D () C:\Users\Miz\AppData\Local\NVIDIA Corporation
2014-06-10 01:51 - 2014-06-10 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-10 01:51 - 2014-06-10 01:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 01:51 - 2014-04-30 14:27 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-06-10 01:51 - 2014-04-30 14:26 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-06-10 01:50 - 2014-05-19 19:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-10 01:48 - 2014-05-19 22:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-10 01:48 - 2014-05-19 22:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-06-10 01:48 - 2014-05-19 22:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-10 01:48 - 2014-05-19 22:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-06-10 01:45 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-10 01:45 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-06-10 01:45 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-10 01:37 - 2014-06-10 01:37 - 00293952 _____ () C:\Windows\Minidump\061014-22495-01.dmp
2014-06-08 19:48 - 2014-06-08 20:08 - 1554822306 _____ () C:\Users\Miz\Desktop\The Grand Budapest Hotel.mp4
2014-06-08 14:30 - 2014-06-08 14:30 - 00293984 _____ () C:\Windows\Minidump\060814-19999-01.dmp
2014-06-08 12:46 - 2014-06-08 12:46 - 00173976 _____ () C:\Users\Miz\Desktop\Extras.Txt
2014-06-08 12:27 - 2014-06-08 12:27 - 00602112 _____ (OldTimer Tools) C:\Users\Miz\Desktop\OTL.exe
2014-06-07 18:59 - 2014-06-07 18:59 - 00291832 _____ () C:\Windows\Minidump\060714-17643-01.dmp
2014-06-07 18:55 - 2014-06-07 18:55 - 00293664 _____ () C:\Windows\Minidump\060714-17565-01.dmp
2014-06-07 18:52 - 2014-06-07 18:53 - 00290840 _____ () C:\Windows\Minidump\060714-21309-01.dmp
2014-06-07 18:49 - 2014-06-07 18:50 - 00294016 _____ () C:\Windows\Minidump\060714-19656-01.dmp
2014-06-05 16:32 - 2014-06-05 16:32 - 00293984 _____ () C:\Windows\Minidump\060514-15428-01.dmp
2014-06-05 01:31 - 2014-06-05 01:31 - 00293976 _____ () C:\Windows\Minidump\060514-15412-01.dmp
2014-06-04 05:52 - 2014-06-04 05:52 - 00293224 _____ () C:\Windows\Minidump\060414-24991-01.dmp
2014-06-03 13:14 - 2014-06-03 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-03 13:13 - 2014-06-03 13:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-03 13:13 - 2014-06-03 13:14 - 00000000 ____D () C:\Program Files\iTunes
2014-06-03 13:13 - 2014-06-03 13:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-03 13:13 - 2014-06-03 13:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-03 03:21 - 2014-06-03 03:21 - 00292056 _____ () C:\Windows\Minidump\060314-17643-01.dmp
2014-06-03 03:14 - 2014-06-03 03:14 - 00291424 _____ () C:\Windows\Minidump\060314-16957-01.dmp
2014-06-03 03:12 - 2014-06-03 03:12 - 00292568 _____ () C:\Windows\Minidump\060314-19281-01.dmp
2014-06-03 03:09 - 2014-06-03 03:09 - 00291976 _____ () C:\Windows\Minidump\060314-20748-01.dmp
2014-06-03 03:07 - 2014-06-03 03:07 - 00294024 _____ () C:\Windows\Minidump\060314-19593-01.dmp
2014-06-03 02:04 - 2014-06-03 02:04 - 00294008 _____ () C:\Windows\Minidump\060314-19921-01.dmp
2014-06-03 02:01 - 2014-06-03 02:01 - 00292720 _____ () C:\Windows\Minidump\060314-18174-01.dmp
2014-06-02 15:46 - 2014-06-06 18:46 - 00000000 ____D () C:\Users\Miz\Desktop\Comics
2014-06-01 14:29 - 2014-06-01 14:59 - 00000000 ____D () C:\Users\Miz\Desktop\Transistor OST
2014-06-01 14:16 - 2014-06-01 14:16 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box
2014-05-29 01:37 - 2014-05-29 01:37 - 00002378 _____ () C:\Users\Miz\Documents\MumbleAutomaticCertificateBackup.p12
2014-05-29 01:34 - 2014-05-29 01:41 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Mumble
2014-05-29 01:34 - 2014-05-29 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-05-29 01:34 - 2014-05-29 01:34 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-05-28 20:34 - 2014-05-28 20:34 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\IDM
2014-05-28 20:34 - 2014-05-28 20:34 - 00000000 ____D () C:\ProgramData\IDM
2014-05-28 12:29 - 2014-05-28 12:29 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-28 12:29 - 2014-05-28 12:29 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-22 18:13 - 2014-05-22 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-05-22 18:07 - 2014-06-10 12:36 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-05-21 18:21 - 2014-05-21 18:22 - 00000000 ____D () C:\Users\Miz\Documents\Heroes of the Storm
2014-05-20 14:57 - 2014-05-20 14:57 - 00001169 _____ () C:\Users\Public\Desktop\Firestorm.lnk
2014-05-20 13:37 - 2014-05-20 14:10 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Yahoo!
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-16 05:34 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 05:34 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 05:34 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 05:34 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 05:34 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 05:34 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 00:45 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 00:45 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 00:45 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 00:45 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 00:45 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 00:45 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 00:45 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 00:45 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 00:45 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 00:45 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 00:45 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 00:45 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 00:45 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 00:45 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 00:45 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 00:45 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 00:45 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 00:45 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 00:45 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 00:45 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 00:45 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 15:14 - 2014-05-12 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
2014-06-10 12:58 - 2014-06-10 12:57 - 00026521 _____ () C:\Users\Miz\Desktop\FRST.txt
2014-06-10 12:58 - 2014-06-10 12:57 - 00000000 ____D () C:\FRST
2014-06-10 12:58 - 2012-03-18 08:24 - 00000000 ____D () C:\Users\Miz\AppData\Local\Temp
2014-06-10 12:56 - 2013-11-02 18:36 - 00000000 ____D () C:\Users\Miz\AppData\Local\Battle.net
2014-06-10 12:44 - 2014-06-10 12:44 - 00131196 _____ () C:\Users\Miz\Desktop\OTL.Txt
2014-06-10 12:36 - 2014-05-22 18:07 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-06-10 12:26 - 2012-03-16 11:49 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Skype
2014-06-10 12:24 - 2014-06-10 12:24 - 02080768 _____ (Farbar) C:\Users\Miz\Desktop\FRST64.exe
2014-06-10 12:16 - 2013-04-11 09:08 - 00004942 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Miz-PC-Miz Miz-PC
2014-06-10 12:11 - 2009-07-14 00:45 - 00017040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 12:11 - 2009-07-14 00:45 - 00017040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 12:09 - 2012-03-18 08:26 - 01626652 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 12:06 - 2012-08-14 14:08 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000UA.job
2014-06-10 12:03 - 2012-09-09 11:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-10 12:03 - 2012-03-16 08:45 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 12:02 - 2013-08-26 04:18 - 00044655 _____ () C:\Windows\setupact.log
2014-06-10 12:02 - 2012-03-16 09:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-10 12:02 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 04:11 - 2014-06-10 01:52 - 00000000 ____D () C:\Users\Miz\AppData\Local\NVIDIA Corporation
2014-06-10 04:11 - 2012-03-16 09:27 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-10 04:02 - 2012-12-14 11:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 03:59 - 2012-03-16 08:45 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 03:54 - 2012-03-16 11:46 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\uTorrent
2014-06-10 03:08 - 2012-03-16 14:25 - 00000000 ____D () C:\Users\Miz\AppData\Local\CrashDumps
2014-06-10 02:00 - 2012-03-20 12:35 - 00000000 ____D () C:\Users\Miz\AppData\Local\Adobe
2014-06-10 01:51 - 2014-06-10 01:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-10 01:51 - 2014-06-10 01:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-10 01:51 - 2012-03-16 09:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-10 01:51 - 2012-03-16 09:26 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-10 01:37 - 2014-06-10 01:37 - 00293952 _____ () C:\Windows\Minidump\061014-22495-01.dmp
2014-06-10 01:37 - 2014-02-18 02:20 - 1151842695 _____ () C:\Windows\MEMORY.DMP
2014-06-10 01:37 - 2012-05-21 05:44 - 00000000 ____D () C:\Windows\Minidump
2014-06-09 18:57 - 2012-03-25 10:16 - 00000000 ____D () C:\Users\Miz\AppData\Local\Firestorm
2014-06-08 20:08 - 2014-06-08 19:48 - 1554822306 _____ () C:\Users\Miz\Desktop\The Grand Budapest Hotel.mp4
2014-06-08 14:30 - 2014-06-08 14:30 - 00293984 _____ () C:\Windows\Minidump\060814-19999-01.dmp
2014-06-08 12:46 - 2014-06-08 12:46 - 00173976 _____ () C:\Users\Miz\Desktop\Extras.Txt
2014-06-08 12:27 - 2014-06-08 12:27 - 00602112 _____ (OldTimer Tools) C:\Users\Miz\Desktop\OTL.exe
2014-06-08 05:07 - 2012-03-16 11:46 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Mozilla
2014-06-08 05:06 - 2012-08-14 14:08 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000Core.job
2014-06-08 04:39 - 2014-04-30 18:49 - 00697256 _____ () C:\Windows\system32\perfh007.dat
2014-06-08 04:39 - 2014-04-30 18:49 - 00149224 _____ () C:\Windows\system32\perfc007.dat
2014-06-08 04:39 - 2009-07-14 01:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-07 18:59 - 2014-06-07 18:59 - 00291832 _____ () C:\Windows\Minidump\060714-17643-01.dmp
2014-06-07 18:55 - 2014-06-07 18:55 - 00293664 _____ () C:\Windows\Minidump\060714-17565-01.dmp
2014-06-07 18:53 - 2014-06-07 18:52 - 00290840 _____ () C:\Windows\Minidump\060714-21309-01.dmp
2014-06-07 18:51 - 2014-04-30 12:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-07 18:50 - 2014-06-07 18:49 - 00294016 _____ () C:\Windows\Minidump\060714-19656-01.dmp
2014-06-07 15:17 - 2013-01-26 17:34 - 00000186 _____ () C:\Users\Miz\Desktop\expenses.txt
2014-06-06 18:46 - 2014-06-02 15:46 - 00000000 ____D () C:\Users\Miz\Desktop\Comics
2014-06-05 18:02 - 2012-03-17 03:05 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-06-05 16:32 - 2014-06-05 16:32 - 00293984 _____ () C:\Windows\Minidump\060514-15428-01.dmp
2014-06-05 16:11 - 2012-09-16 03:11 - 00011571 _____ () C:\Windows\system32\lvcoinst.log
2014-06-05 16:03 - 2012-03-17 04:16 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\vlc
2014-06-05 01:31 - 2014-06-05 01:31 - 00293976 _____ () C:\Windows\Minidump\060514-15412-01.dmp
2014-06-04 05:52 - 2014-06-04 05:52 - 00293224 _____ () C:\Windows\Minidump\060414-24991-01.dmp
2014-06-03 13:14 - 2014-06-03 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-03 13:14 - 2014-06-03 13:13 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-03 13:14 - 2014-06-03 13:13 - 00000000 ____D () C:\Program Files\iTunes
2014-06-03 13:14 - 2014-06-03 13:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-03 13:13 - 2014-06-03 13:13 - 00000000 ____D () C:\Program Files\iPod
2014-06-03 03:21 - 2014-06-03 03:21 - 00292056 _____ () C:\Windows\Minidump\060314-17643-01.dmp
2014-06-03 03:16 - 2009-07-14 01:08 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-03 03:14 - 2014-06-03 03:14 - 00291424 _____ () C:\Windows\Minidump\060314-16957-01.dmp
2014-06-03 03:12 - 2014-06-03 03:12 - 00292568 _____ () C:\Windows\Minidump\060314-19281-01.dmp
2014-06-03 03:09 - 2014-06-03 03:09 - 00291976 _____ () C:\Windows\Minidump\060314-20748-01.dmp
2014-06-03 03:07 - 2014-06-03 03:07 - 00294024 _____ () C:\Windows\Minidump\060314-19593-01.dmp
2014-06-03 02:04 - 2014-06-03 02:04 - 00294008 _____ () C:\Windows\Minidump\060314-19921-01.dmp
2014-06-03 02:01 - 2014-06-03 02:01 - 00292720 _____ () C:\Windows\Minidump\060314-18174-01.dmp
2014-06-01 14:59 - 2014-06-01 14:29 - 00000000 ____D () C:\Users\Miz\Desktop\Transistor OST
2014-06-01 14:16 - 2014-06-01 14:16 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box
2014-05-30 13:42 - 2013-11-02 18:36 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-29 01:41 - 2014-05-29 01:34 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Mumble
2014-05-29 01:37 - 2014-05-29 01:37 - 00002378 _____ () C:\Users\Miz\Documents\MumbleAutomaticCertificateBackup.p12
2014-05-29 01:34 - 2014-05-29 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-05-29 01:34 - 2014-05-29 01:34 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-05-28 20:34 - 2014-05-28 20:34 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\IDM
2014-05-28 20:34 - 2014-05-28 20:34 - 00000000 ____D () C:\ProgramData\IDM
2014-05-28 18:59 - 2012-03-16 08:45 - 00002146 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-28 12:29 - 2014-05-28 12:29 - 00000000 ____D () C:\Program Files\Bonjour
2014-05-28 12:29 - 2014-05-28 12:29 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-05-24 13:40 - 2013-08-26 04:18 - 00187308 _____ () C:\Windows\PFRO.log
2014-05-23 14:17 - 2012-03-24 04:53 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-05-23 14:15 - 2012-03-18 08:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-23 14:14 - 2012-11-08 06:23 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Meteor Entertainment
2014-05-23 14:14 - 2012-09-28 01:02 - 00000000 ____D () C:\Program Files (x86)\MeteorEntertainment
2014-05-23 14:13 - 2013-12-07 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-05-23 01:20 - 2012-03-18 08:24 - 00000000 ____D () C:\Users\Miz
2014-05-22 22:02 - 2012-09-08 15:15 - 00000000 ____D () C:\Windows\pss
2014-05-22 22:02 - 2012-03-18 08:25 - 00000000 ___RD () C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 18:13 - 2014-05-22 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-05-22 13:05 - 2014-03-04 12:41 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-22 13:05 - 2012-03-16 11:46 - 00000000 ____D () C:\ProgramData\Skype
2014-05-21 18:22 - 2014-05-21 18:21 - 00000000 ____D () C:\Users\Miz\Documents\Heroes of the Storm
2014-05-21 18:21 - 2012-03-16 11:34 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-21 18:13 - 2014-03-16 14:09 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-21 18:13 - 2013-11-02 18:36 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Battle.net
2014-05-21 17:31 - 2012-04-11 02:56 - 00000165 _____ () C:\Users\Miz\Documents\Scott's Steam.txt
2014-05-21 04:12 - 2009-07-14 00:45 - 05060016 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-20 15:47 - 2012-03-17 02:25 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-05-20 15:08 - 2013-06-28 12:53 - 00000000 ____D () C:\Program Files (x86)\Firestorm-Release
2014-05-20 14:57 - 2014-05-20 14:57 - 00001169 _____ () C:\Users\Public\Desktop\Firestorm.lnk
2014-05-20 14:10 - 2014-05-20 13:37 - 00000000 ____D () C:\Users\Miz\AppData\Roaming\Yahoo!
2014-05-20 13:38 - 2012-03-16 09:32 - 00113568 _____ () C:\Users\Miz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-05-20 13:37 - 2014-05-20 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-20 13:37 - 2012-03-16 11:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-05-20 13:33 - 2013-09-04 13:22 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-05-20 13:29 - 2013-11-06 16:58 - 00000000 ____D () C:\Program Files (x86)\Battlefield 4
2014-05-20 13:24 - 2013-02-11 18:37 - 00000000 ____D () C:\Program Files (x86)\Avid
2014-05-20 13:05 - 2012-03-17 03:39 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-05-19 22:44 - 2014-06-10 01:48 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-19 22:44 - 2014-06-10 01:48 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-05-19 22:44 - 2014-06-10 01:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-19 22:44 - 2014-06-10 01:48 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-05-19 22:44 - 2012-08-03 05:38 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-19 22:44 - 2012-03-16 09:27 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-19 21:25 - 2012-03-16 09:27 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-19 21:25 - 2012-03-16 09:27 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-19 21:25 - 2012-03-16 09:27 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-19 21:25 - 2012-03-16 09:27 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-19 21:25 - 2012-03-16 09:27 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-19 19:10 - 2014-06-10 01:50 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-16 15:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 12:04 - 2012-03-18 08:25 - 00000000 ___RD () C:\Users\Miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 12:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 05:34 - 2014-04-30 12:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 05:32 - 2014-04-30 12:58 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 17:16 - 2012-05-15 00:23 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-15 12:41 - 2014-04-30 12:26 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 12:41 - 2014-04-30 12:26 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 12:41 - 2014-04-30 12:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-14 19:49 - 2012-03-16 09:27 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-13 16:02 - 2012-12-14 11:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 16:02 - 2012-08-14 14:46 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 16:02 - 2012-03-16 11:47 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 12:17 - 2013-08-24 02:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 15:14 - 2014-05-12 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
Files to move or delete:
====================
C:\Users\Miz\Network_Meter_Data.js
 
 
Some content of TEMP:
====================
C:\Users\Miz\AppData\Local\Temp\ammemb.dll
C:\Users\Miz\AppData\Local\Temp\ammemb64.dll
C:\Users\Miz\AppData\Local\Temp\BRSVC_1109401_hlp.exe
C:\Users\Miz\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Miz\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-09 17:41
 

 

==================== End Of Log ============================

  • 0

#7
GhostLoad
Posted 10 June 2014 - 11:01 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Miz at 2014-06-10 12:58:31
Running from C:\Users\Miz\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
a (HKLM-x32\...\e) (Version: t - s)
Actual Multiple Monitors 8.0 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.0 - Actual Tools)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.03 - ASUSTeK Computer Inc.)
Altitude 1.1 (HKLM-x32\...\4578-0181-0549-1546) (Version: 1.1 - Nimbly Games)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARCTIC SOUND P531 (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
Armagetron Advanced 0.2.8.3.2 (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.3.2 - Armagetron Advanced Team)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Convert Audio Free FLAC to MP3 version 1.0 (HKLM-x32\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dark Souls II (HKLM-x32\...\Dark Souls II_is1) (Version:  - Namco Bandai)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Firestorm-Release (remove only) (HKLM-x32\...\Firestorm-Release) (Version: 4.6.5.40833 - The Phoenix Firestorm Project, Inc.)
Free Video Flip and Rotate version 2.1.6.128 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.6.128 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
GoldenEye: Source (HKLM-x32\...\GoldenEye: Source) (Version: 4.2 - Team GoldenEye: Source)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guncraft (HKLM-x32\...\{A7A70E54-4678-4E66-A2BA-F135AAAB70A8}) (Version: 1.07.0.0 - Exato Game Studios)
Hawken (HKCU\...\Hawken) (Version:  - Meteor Entertainment)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
jass-pub-2.3.8 (remove only) (HKLM-x32\...\jass-pub-2.3.8) (Version:  - )
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Logitech Gaming Software (Version: 8.20.74 - Logitech Inc.) Hidden
Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version:  - Magic Technology)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version:  - Magic Technology)
Mumble 1.2.6 (HKLM-x32\...\{461A5021-EE14-4E57-9A06-8ABCE9C38FE4}) (Version: 1.2.6 - Thorvald Natvig)
Nero Burning ROM 11 (HKLM-x32\...\{05A6B1CD-AA10-46A0-8D5C-6AD2A9EEFC8B}) (Version: 11.2.00400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PdaNet for Android 3.50 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Phoenix Viewer 1.6.0.1691 (HKLM-x32\...\{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1) (Version:  - PhoenixViewer.com)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.3 - Power Software Ltd)
Quantum Conundrum Demo (HKLM-x32\...\Steam App 205700) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Radegast (HKLM-x32\...\Radegast) (Version:  - )
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.0-1.0.5185.0 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 1.8.0.0 - Steppschuh)
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.1.0.9 - GOG.com)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Scorched3D 43.3d (HKLM-x32\...\Scorched3D) (Version: 43.3d - Scorched)
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version:  - )
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2107.0 - Hi-Rez Studios)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Widevine Media Optimizer Chrome 6.0.0 (HKCU\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
ZBrush 4 (HKLM-x32\...\InstallShield_{4BF62C05-3943-4ECB-B233-6E37E3FB5BCF}) (Version: 4.0 - Pixologic)
ZBrush 4 (x32 Version: 4.0 - Pixologic) Hidden
ZBrush 4R4 (HKLM-x32\...\ZBrush 4R4 4R4) (Version: 4R4 - Pixologic)
 
==================== Restore Points  =========================
 
03-06-2014 17:05:38 Windows Update
06-06-2014 18:46:24 Windows Update
10-06-2014 05:52:11 Installed DirectX
10-06-2014 16:08:29 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2013-03-26 08:36 - 00001026 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04D1B5D7-8199-4989-9560-3BDAF0EC8071} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {1BC1064B-9385-4C38-A0A7-4C6EC41A2EAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {1D53B560-DD0F-418B-A63B-073908C92434} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {2BD4629B-4A83-4D0C-81FE-95D4214EA8DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C6A7286-68B3-4761-A0D6-66AE43E4F9B8} - System32\Tasks\Core Temp Autostart Miz => C:\Program Files\Core Temp\Core Temp.exe
Task: {36889BFE-9046-45E3-B2AC-B206EEA67060} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {42AEAFF4-0A2D-45F8-ABE2-5FAD803BC366} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-30] (AVAST Software)
Task: {4CF52559-AB37-4F0A-835B-6C2AB69A5FF8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000UA => C:\Users\Miz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {5BA2AC12-FE19-4C32-835A-38A69CC5D1CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-16] (Google Inc.)
Task: {64161521-FEE8-4D0A-94C4-94623E00A2C8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000Core => C:\Users\Miz\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {652FD5B3-6127-4457-83A4-7A9890469B72} - System32\Tasks\{044C14E6-9F25-48BD-8071-97A618879E2E} => Chrome.exe http://ui.skype.com/...;LastError=1618
Task: {7319FE75-2C02-4F0B-A731-09BA2F0BFF99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {760651FA-23EE-4C90-A4C8-98A114E9BB17} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {7CFCE21C-EAB3-44DF-BACF-B58C83433F2A} - System32\Tasks\AdobeAAMUpdater-1.0-Miz-PC-Miz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {86FD0441-1EB4-46D5-B5DE-CD65DB50C458} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {A67AD9F1-0CBA-4DF8-B93F-C9CF7DA9ADD8} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {AB582BEF-7DD7-4E9C-9A9F-B3412B92EBC1} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Miz-PC-Miz Miz-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {C11B0A7C-5382-4716-B65F-1ADD8B23368E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {D1CC5770-3874-4D7E-992A-198B1F7AB712} - System32\Tasks\PC Meter\Startup => C:\Users\Miz\Desktop\PCMeter\PCMeter.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000Core.job => C:\Users\Miz\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1038818363-2529734610-2198295289-1000UA.job => C:\Users\Miz\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-03-16 09:27 - 2014-05-19 21:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-13 04:36 - 2011-06-13 04:36 - 00922240 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2010-12-01 22:15 - 2010-12-01 22:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2012-03-18 08:35 - 2010-10-21 05:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-04-26 12:21 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-06-09 16:46 - 2014-06-09 16:46 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060901\algo.dll
2014-06-10 12:02 - 2014-06-10 12:02 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14061001\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-18 08:34 - 2014-06-10 12:02 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2012-03-18 08:34 - 2010-06-28 22:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2014-05-21 16:39 - 2014-04-29 20:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 04:39 - 2014-04-29 20:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 16:39 - 2014-04-29 20:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 05:47 - 2014-04-29 20:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 17:10 - 2014-05-16 21:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 16:39 - 2014-05-29 13:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 16:39 - 2014-04-28 20:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-09-09 12:09 - 2014-05-29 13:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-09 12:09 - 2014-05-01 19:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-09-09 12:09 - 2013-06-14 19:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-09-09 12:09 - 2013-06-14 19:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-09-09 12:09 - 2013-06-14 19:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-05-20 13:37 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-05-20 13:36 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
2012-03-16 08:40 - 2011-03-04 04:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2012-03-18 08:36 - 2010-11-25 15:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2012-03-18 08:36 - 2010-11-25 15:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2012-03-18 08:36 - 2010-11-25 15:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2012-03-18 08:36 - 2010-11-25 15:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-30 12:25 - 2014-04-30 12:25 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-18 08:36 - 2010-11-25 03:12 - 00061440 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2012-03-18 08:36 - 2010-11-25 03:12 - 00661504 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2012-03-18 08:36 - 2010-11-25 03:12 - 00703488 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2012-03-18 08:36 - 2010-11-25 03:12 - 00114688 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2012-03-16 08:40 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2012-03-18 08:34 - 2010-08-22 22:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2012-03-18 08:35 - 2011-02-24 10:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-03-18 08:35 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-03-18 08:35 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-03-18 08:36 - 2011-02-09 09:02 - 00873472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2012-03-18 08:37 - 2010-10-15 17:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-03-18 08:35 - 2011-05-16 17:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-03-18 08:37 - 2011-01-19 21:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2012-03-16 08:39 - 2010-12-01 12:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2012-03-16 08:39 - 2011-01-06 10:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-03-18 08:35 - 2011-05-20 09:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-03-18 08:35 - 2011-04-07 17:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-03-18 08:35 - 2011-01-07 16:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-03-18 08:35 - 2010-08-06 18:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-03-18 08:35 - 2010-08-06 18:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-03-18 08:35 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-12 15:14 - 2014-05-12 15:14 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 16:02 - 2014-05-13 16:02 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-23 00:10 - 2014-05-13 19:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
2014-05-29 14:12 - 2014-05-29 14:12 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libcef.dll
2014-05-29 14:12 - 2014-05-29 14:12 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libglesv2.dll
2014-05-29 14:12 - 2014-05-29 14:12 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4656\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Miz\Local Settings:AqCx4rHG3qfwuxRL8VGb5QwQ02
AlternateDataStreams: C:\Users\Miz\AppData\Local:AqCx4rHG3qfwuxRL8VGb5QwQ02
AlternateDataStreams: C:\Users\Miz\AppData\Local\Application Data:AqCx4rHG3qfwuxRL8VGb5QwQ02
AlternateDataStreams: C:\Users\Miz\AppData\Local\Iprk3ZKHP77hUS:N2cXZMUIPpdwyY3g97Too2
AlternateDataStreams: C:\Users\Miz\AppData\Local\Temporary Internet Files:7u0WhrXaHzIqGRTnCVUHU3ME
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupfolder: C:^Users^Miz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Core Temp.lnk => C:\Windows\pss\Core Temp.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Miz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Advanced SystemCare 6 => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
MSCONFIG\startupreg: ASUS ShellProcess Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: Cm106Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => "C:\Users\Miz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_D30BA0C625A5A2A6D1452AE610495547 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RaidCall => C:\Program Files (x86)\RaidCall\raidcall.exe
MSCONFIG\startupreg: Remote Control Server => C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe
MSCONFIG\startupreg: ROC_ROC_APR2013_AV => C:\Users\Miz\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 014049c4a18547d0a6a5d16fc5d8e3d2-a0d6eb6e8b357088b298aee1fbe985bc07685bbf --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Unified Remote v2 => C:\Program Files (x86)\Unified Remote\RemoteServer.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Miz\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/10/2014 03:08:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.3.0, time stamp: 0x00000004
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x1d58
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3
 
Error: (06/10/2014 01:48:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (06/09/2014 02:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 6.16.0.105, time stamp: 0x536b4342
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000200
Faulting process id: 0x10d8
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (06/09/2014 00:21:22 PM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 00:21:21 PM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 11:59:31 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 11:59:31 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 08:53:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (06/08/2014 03:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SSDPSRV, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000053290
Faulting process id: 0x5a0
Faulting application start time: 0xsvchost.exe_SSDPSRV0
Faulting application path: svchost.exe_SSDPSRV1
Faulting module path: svchost.exe_SSDPSRV2
Report Id: svchost.exe_SSDPSRV3
 
Error: (06/08/2014 02:36:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x0000000000004d13
Faulting process id: 0xc78
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3
 
 
System errors:
=============
Error: (06/10/2014 00:04:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:43 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (06/10/2014 00:04:43 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (06/10/2014 00:04:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (06/10/2014 00:04:33 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (06/10/2014 04:54:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
 
Microsoft Office Sessions:
=========================
Error: (06/10/2014 03:08:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.3.000000004ntdll.dll6.1.7601.18247521ea8e7c0000374000ce7531d5801cf847784271e48C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Windows\SysWOW64\ntdll.dll018d994f-f06e-11e3-9d22-c86000307b32
 
Error: (06/10/2014 01:48:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (06/09/2014 02:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe6.16.0.105536b4342unknown0.0.0.000000000c00000050000020010d801cf83e08526edfeC:\Program Files (x86)\Skype\Phone\Skype.exeunknowna4416afa-f007-11e3-8721-c86000307b32
 
Error: (06/09/2014 00:21:22 PM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 00:21:21 PM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 11:59:31 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 11:59:31 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: The NVIDIA OpenGL driver detected a problem with the display
driver and is unable to continue. The application must close.
 
 
Error code: 3
Visit http://www.nvidia.co...ge/support.html for more information.
 
Error: (06/09/2014 08:53:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
 
Error: (06/08/2014 03:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SSDPSRV6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18247521eaf24c000000500000000000532905a001cf8347e50378b2C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll567482e6-ef46-11e3-a760-0026833c0a21
 
Error: (06/08/2014 02:36:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc00000050000000000004d13c7801cf8347c6eaafdcC:\Windows\system32\svchost.exec:\windows\system32\sysmain.dlld3ec8b18-ef3b-11e3-a760-0026833c0a21
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 42%
Total physical RAM: 16351.14 MB
Available physical RAM: 9393.34 MB
Total Pagefile: 32700.46 MB
Available Pagefile: 25086.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:398.43 GB) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:931.41 GB) (Free:875.73 GB) NTFS
Drive l: (DIABLO II) (Removable) (Total:3.73 GB) (Free:0.37 GB) FAT32
Drive m: (Miz's 1TB) (Fixed) (Total:931.51 GB) (Free:43.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 90777CAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 570EA1E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)
 
========================================================
Disk: 7 (Size: 932 GB) (Disk ID: 734C0652)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 

 

==================== End Of Log ============================

  • 0

#8
Naathim
Posted 11 June 2014 - 03:15 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)
 
I need to check something first.
 
Please download MGADiag by Microsoft.

  • Run the tool by double clicking on the file. Press Continue when prompted
  • When it has finished, press Copy then Paste (Ctrl+V) this into your next post.

= = = = = = = = = = = = = = = = = = = =

 
Download CKScanner by askey127.
Save it to your desktop.

  • Double-click ckscanner.jpg (Right click and Run as administrator in Vista, 7 or 8).
  • Give permission if necessary, and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please run the program once only.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

= = = = = = = = = = = = = = = = = = = =

 

Now in your next reply please include these ones for my review:
icon_arrow.gif MGADiag report
icon_arrow.gif CKScanner report

I don't mind multiple posts if necessary.

Cheers,
Naat :)


  • 0

#9
GhostLoad
Posted 11 June 2014 - 03:23 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

MGADiag Report

 

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
 
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-Q6MMK-KYK6X-VKM6G
Windows Product Key Hash: 289NoAWl2ZoVfuieux/315WkDIc=
Windows Product ID: 00426-OEM-8992662-00173
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {39E5CB77-8341-4E2D-ADE3-F592E68B68E3}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error: 
Validation Diagnostic: 
Resolution Status: N/A
 
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
 
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
 
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
 
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
 
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
 
File Scan Data-->
 
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{39E5CB77-8341-4E2D-ADE3-F592E68B68E3}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VKM6G</PKey><PID>00426-OEM-8992662-00173</PID><PIDType>2</PIDType><SID>S-1-5-21-1038818363-2529734610-2198295289</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>3101</Version><SMBIOSVersion major="2" minor="6"/><Date>20120206000000.000000+000</Date></BIOS><HWID>BBCC3207018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>_ASUS_</OEMID><OEMTableID>Notebook</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
 
Spsys.log Content: 0x80070002
 
Licensing Data-->
Software licensing service version: 6.1.7601.17514
 
Name: Windows® 7, Ultimate edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600173-02-1033-7600.0000-2602012
Installation ID: 017024651660180266962863446351799513812246878644546111
Processor Certificate URL: http://go.microsoft....k/?LinkID=88338
Product Key Certificate URL: http://go.microsoft....k/?LinkID=88340
Partial Product Key: VKM6G
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 6/11/2014 5:19:11 AM
 
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 3:15:2014 17:00
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
 
 
HWID Data-->
HWID Hash Current: NgAAAAIAAgABAAEAAAAEAAAAAgABAAEAHKKQkoFPdxZ86Rpd4EY+VbziBumfDREuExl8mS5z
 
OEM Activation 1.0 Data-->
N/A
 
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name OEMID Value OEMTableID Value
  APIC ALASKA A M I
  FACP ALASKA A M I
  HPET ALASKA A M I
  MCFG ALASKA A M I
  SSDT SataRe SataTabl
  SSDT SataRe SataTabl
  SSDT SataRe SataTabl
  BGRT ALASKA A M I
  SLIC _ASUS_ Notebook

  • 0

#10
GhostLoad
Posted 11 June 2014 - 03:23 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

CKScanner Report

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler6.dll
c:\program files (x86)\adobe\adobe dreamweaver cs6\configuration\taglibraries\html\keygen.vtm
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecracker.tex
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecracker.tga
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecrackerhead.ini
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecrackerhead.mdl
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecrackerhead.tex
c:\program files (x86)\croteam\serious sam\help\modeler\headman\firecrackerhead.tga
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.h
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.ini
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.lwo
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.map
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.mdl
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.scr
c:\program files (x86)\croteam\serious sam\help\modeler\headman\projectile\firecracker.tbn
c:\program files (x86)\scorched3d\data\globalmods\awe\data\landscapes\texcrack.xml
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\archives\decal_cracks01.vmt
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\archives\decal_cracks01.vtf
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\archives\decal_cracks02.vmt
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\archives\decal_cracks02.vtf
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\temple\crackedrock.vmt
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\temple\crackedrock.vtf
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneye\temple\crackedrock_normal.vtf
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneyedecals\wall_crack01.vmt
c:\program files (x86)\steam\steamapps\sourcemods\gesource\materials\goldeneyedecals\wall_crack01.vtf
c:\program files (x86)\steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\bu_cracks001.vmt
c:\program files (x86)\steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\bu_cracks001.vtf
c:\program files (x86)\steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\bu_cracks002.vmt
c:\program files (x86)\steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\bu_cracks002.vtf
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\https_www.icracked.com_0.localstorage
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\https_www.icracked.com_0.localstorage-journal
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\http_shop.icracked.com_0.localstorage
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\http_shop.icracked.com_0.localstorage-journal
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\http_www.cracked.com_0.localstorage
c:\users\miz\appdata\local\google\chrome\user data\default\local storage\http_www.cracked.com_0.localstorage-journal
c:\users\miz\appdata\roaming\firestorm\jinn_merit\crackers core.txt
c:\users\miz\appdata\roaming\secondlife\jinn_merit\crackers core.txt
c:\users\miz\appdata\roaming\utorrent\actual multiple monitors v8.0 multilingual incl crack - [spam].torrent
c:\users\miz\documents\lan games\no more room in [bleep] installation stuff\nmrih_beta_1.06_full\nmrih\materials\nmrih\decals\bu_cracks001.vmt
c:\users\miz\documents\lan games\no more room in [bleep] installation stuff\nmrih_beta_1.06_full\nmrih\materials\nmrih\decals\bu_cracks001.vtf
c:\users\miz\documents\lan games\no more room in [bleep] installation stuff\nmrih_beta_1.06_full\nmrih\materials\nmrih\decals\bu_cracks002.vmt
c:\users\miz\documents\lan games\no more room in [bleep] installation stuff\nmrih_beta_1.06_full\nmrih\materials\nmrih\decals\bu_cracks002.vtf
c:\users\miz\documents\lan games\soldat\maps\crackedboot.pms
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack01.vmt
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack01.vtf
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack02.vmt
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack02.vtf
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack03.vmt
c:\users\miz\documents\lan games\the ship\ship\materials\env\misc\decal_wallcrack03.vtf
c:\users\miz\music\complete albums\mastodon\crack the skye\desktop.ini
c:\users\miz\music\complete albums\mastodon\crack the skye\thumbs.db
hosts 127.0.0.1                   practivate.adobe.com
hosts 127.0.0.1                   lmlicenses.wip4.adobe.com
hosts 127.0.0.1                   lm.licenses.adobe.com
scanner sequence 3.ZZ.11.SIAPOZ

 

 ----- EOF ----- 

  • 0

Advertisements

#11
Naathim
Posted 11 June 2014 - 06:01 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

While going through your logs, I've spotted signs of pirated software:
- adobe dreamweaver cs6
- actual multiple monitors v8.0

I'm sorry, but I need to remind you the GeeksToGo Terms of Use that you have agreed to abide, when becoming a member of this forum.

The posting of links or references to warez or any other type of illegal software is strictly forbidden. By doing so you risk having your user account terminated without warning. We will NOT help anyone we suspect of having obtained their software or services illegally.


This leads me to a conclusion, that all other help will be suspended. We won't support any piracy.

Alternatively, if you wish to continue with my assistance, you'll have to remove all pirated software from your machine.

Regards,
Naat


  • 0

#12
GhostLoad
Posted 11 June 2014 - 01:59 PM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Okay I don't mind getting rid of CS6 & Multiple Monitors, if that means you'll still help out.


  • 0

#13
Naathim
Posted 12 June 2014 - 12:31 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

After removing pirated software, please do the following:


Performing general FRST scan

Please re-run Farbar Recovery Scan Tool

  • Right click on 12579.gif to run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • You will be presented with a window like below:

    FRSTconsole-2.jpg

  • Make sure that the Addition box is checked.
  • Press Scan button.
  • It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
  • Please copy and paste them back here.

= = = = = = = = = = = = = = = = = = = =




Download CKScanner by askey127.
Save it to your desktop.

  • Double-click ckscanner.jpg (Right click and Run as administrator in Vista, 7 or 8).
  • Give permission if necessary, and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please run the program once only.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

= = = = = = = = = = = = = = = = = = = =



Now in your next reply please include these ones for my review:
icon_arrow.gif FRST.txt from FRST
icon_arrow.gif Addition.txt from FRST
icon_arrow.gif CKScanner report

I don't mind multiple posts if necessary.

Cheers,
Naat :)


  • 0

#14
GhostLoad
Posted 12 June 2014 - 01:37 AM

GhostLoad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 419 posts

Could you first please help me get rid of the now-appearing files/folders that didn't show up before & the extensions on the ends of some files?  Thanks.


  • 0

#15
Naathim
Posted 12 June 2014 - 01:49 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Could you first please help me get rid of the now-appearing files/folders that didn't show up before & the extensions on the ends of some files?

 
What files/folders are you talking about?
About the extensions: It's absolutely normal, that our scanning tools reveal hidden extensions.
 
The logs I'm asking about will be a confirmation of pirated apps removal. I can't help you with anything until this part will be done.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP