
Win7 PC slow [Closed]


  • This topic is locked

#1
GandleForge


Pretty slow lately. Chrome takes forever to load, and then quite some time to open and load new tabs. I assume FF and IE are the same, but I never really use them...

 

Here are the OTL logs I just ran. If anyone has some insight into what they say, I'd be much obliged to get a translation!

 

OTL logfile created on: 9/16/2014 7:51:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 52.38% Memory free
6.50 Gb Paging File | 4.14 Gb Available in Paging File | 63.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.00 Gb Total Space | 12.70 Gb Free Space | 9.34% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 931.51 Gb Total Space | 467.23 Gb Free Space | 50.16% Space Free | Partition Type: NTFS
 
Computer Name: TARDIS2 | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/28 06:48:04 | 001,521,344 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\bin\steamwebhelper.exe
PRC - [2014/08/28 06:48:02 | 000,833,728 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2014/08/28 06:48:00 | 001,939,136 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2014/08/05 17:44:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\downloads\OTL.exe
PRC - [2014/06/25 19:58:55 | 000,040,240 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2014/06/25 19:58:54 | 002,545,968 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVault.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- F:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/03/04 07:34:44 | 001,821,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014/03/04 07:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014/03/04 06:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/05 04:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/02/05 04:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/02/05 04:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013/10/18 16:16:11 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
PRC - [2013/10/01 19:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/10/01 19:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\redirector.exe
PRC - [2013/10/01 19:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2013/10/01 15:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\Receiver\Receiver.exe
PRC - [2013/09/26 16:11:04 | 003,070,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\AuthManager\AuthManSvr.exe
PRC - [2013/08/09 13:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/08/01 19:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/10/22 11:16:38 | 000,273,688 | ---- | M] (http://tortoisesvn.net) -- F:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/07/24 02:51:16 | 004,334,272 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/06 00:22:37 | 000,192,512 | ---- | M] () -- C:\Users\Steve\AppData\Local\Temp\sfamcc00001.dll
MOD - [2014/09/06 00:22:37 | 000,172,032 | ---- | M] () -- C:\Users\Steve\AppData\Local\Temp\sfareca00001.dll
MOD - [2014/08/28 06:48:14 | 002,224,320 | ---- | M] () -- C:\Program Files\Steam\video.dll
MOD - [2014/08/28 06:48:02 | 000,678,080 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2014/08/21 13:15:22 | 001,171,456 | ---- | M] () -- C:\Program Files\Steam\libavcodec-56.dll
MOD - [2014/08/21 13:15:22 | 000,485,888 | ---- | M] () -- C:\Program Files\Steam\libswscale-3.dll
MOD - [2014/08/21 13:15:22 | 000,442,368 | ---- | M] () -- C:\Program Files\Steam\libavutil-54.dll
MOD - [2014/08/21 13:15:22 | 000,403,968 | ---- | M] () -- C:\Program Files\Steam\libavformat-56.dll
MOD - [2014/08/21 13:15:22 | 000,332,800 | ---- | M] () -- C:\Program Files\Steam\libavresample-2.dll
MOD - [2014/08/20 17:38:18 | 034,589,376 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2014/08/20 17:38:18 | 000,837,824 | ---- | M] () -- C:\Program Files\Steam\bin\ffmpegsumo.dll
MOD - [2014/08/20 17:38:12 | 000,774,656 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2014/06/25 19:59:06 | 000,548,488 | ---- | M] () -- C:\Program Files\Constant Guard Protection Suite\sqlite3.dll
MOD - [2014/06/09 23:40:00 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/06/09 23:39:51 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/06/09 23:39:24 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/06/09 23:39:06 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/09 22:53:00 | 001,227,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\c5467c14a272823a357b6ea7aec19572\System.WorkflowServices.ni.dll
MOD - [2014/06/09 22:52:36 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ebbdeb2224cf7f8b4aa7d039516d17bd\System.ServiceModel.Routing.ni.dll
MOD - [2014/06/09 22:52:35 | 001,142,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5a8617e2c334fde080fbdc73c05fd8b6\System.ServiceModel.Discovery.ni.dll
MOD - [2014/06/09 22:52:34 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7401d47e8eef61dd2770777964c4e481\System.ServiceModel.Channels.ni.dll
MOD - [2014/06/09 22:52:24 | 001,089,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f67a10b051726dcc0d15c9a0c8668a60\System.ServiceModel.Web.ni.dll
MOD - [2014/06/09 22:51:13 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\360603d8efa82557e7fce70287cb242e\WindowsFormsIntegration.ni.dll
MOD - [2014/06/09 22:51:11 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inte#\119bf9852b1e3d584c924b2071c61891\System.Windows.Interactivity.ni.dll
MOD - [2014/06/09 22:51:03 | 001,394,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\927a0770a75cedf18eeb9a6dbbe54afd\System.ServiceModel.Activities.ni.dll
MOD - [2014/06/09 22:51:00 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6769297ceb522c4fe6de2c5e3575812d\System.IdentityModel.ni.dll
MOD - [2014/06/09 22:50:59 | 018,109,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a95ac0b02617b9dadbc5f625586b2aac\System.ServiceModel.ni.dll
MOD - [2014/06/09 22:50:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Practices#\373e63f1856d05d5e083f4da67e5f251\Microsoft.Practices.ServiceLocation.ni.dll
MOD - [2014/06/09 22:50:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7612d2ecdf9c6beedc264e9390e97b0f\System.Management.ni.dll
MOD - [2014/06/09 22:50:32 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\5bce8f20c40a761f9d863216fef8f3ce\UIAutomationProvider.ni.dll
MOD - [2014/06/09 22:50:31 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014/06/09 22:50:26 | 001,926,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\3f0c8a7233cdd1741c75978c900ed398\System.Web.Services.ni.dll
MOD - [2014/06/09 22:50:24 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/06/09 22:50:15 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\cd626ecab8e1657628451408aba720cd\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/06/09 22:50:15 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\88aec4231adca9f5a4226c83911c4dad\SMDiagnostics.ni.dll
MOD - [2014/06/09 22:50:14 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
MOD - [2014/06/09 22:50:13 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c74e45d841d46ea6a7c203f6f864f555\System.Xml.Linq.ni.dll
MOD - [2014/06/09 22:48:24 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/06/09 22:48:13 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/06/09 22:48:10 | 006,817,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\2c4f9ef6baacb578ab136a5b30ada098\System.Data.ni.dll
MOD - [2014/06/09 22:48:08 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/06/09 22:48:06 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\354a5906fd46f4374f86916debf3ebcb\System.Core.ni.dll
MOD - [2014/06/09 22:48:06 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/06/09 22:48:05 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/06/09 22:48:03 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/06/09 22:48:02 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/06/09 22:48:02 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/06/09 22:48:01 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/06/09 22:39:48 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\8fa7f2d6cc4122c7102a02586074a183\System.Numerics.ni.dll
MOD - [2014/06/09 22:39:47 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2012/06/18 10:24:30 | 000,260,096 | ---- | M] () -- F:\Program Files\Notepad++\NppShell_05.dll
MOD - [2011/10/22 11:16:18 | 000,070,424 | ---- | M] () -- F:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2010/12/11 00:01:27 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/09/10 13:30:14 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/28 06:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/08/04 23:18:09 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/25 19:58:55 | 000,040,240 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2014/06/09 22:17:39 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/03/04 06:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/02/05 04:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/02/05 04:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014/01/22 12:44:22 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) [Disabled | Stopped] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/18 16:16:11 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/08 14:50:00 | 004,321,976 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/10/01 12:41:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
DRV - [2014/09/06 01:15:03 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/07/25 08:11:13 | 000,080,104 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AntiLog32.sys -- (AntiLog32)
DRV - [2014/03/20 23:03:40 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014/01/20 19:08:01 | 000,394,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140227.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/12/27 13:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013/12/17 19:32:11 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/12/01 23:23:31 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/12/01 11:37:25 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/12/01 11:37:25 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/12/01 11:37:25 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/12/01 11:37:25 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\NAVENG.SYS -- (NAVENG)
DRV - [2013/10/01 19:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/09/26 22:18:30 | 000,935,512 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymEFA.sys -- (SymEFA)
DRV - [2013/09/26 21:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\Ironx86.sys -- (SymIRON)
DRV - [2013/09/26 21:26:03 | 000,651,352 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\N360\1501000.012\srtsp.sys -- (SRTSP)
DRV - [2013/09/25 22:28:00 | 000,446,552 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\symnets.sys -- (SymNetS)
DRV - [2013/09/25 21:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\ccSetx86.sys -- (ccSet_N360)
DRV - [2013/09/24 07:10:34 | 000,070,440 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2013/09/09 21:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymDS.sys -- (SymDS)
DRV - [2013/09/09 20:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\srtspx.sys -- (SRTSPX)
DRV - [2013/06/21 17:38:26 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2012/08/23 09:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/29 05:22:12 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/01/22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/01/22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010/01/20 15:18:26 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV - [2009/12/22 02:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/05/04 20:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2006/10/01 07:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2005/01/04 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = F:\pictures\KKC\2012\summer 2012
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A5 E6 BC B8 84 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {DFA28EC9-F135-4F31-8BA0-F3706994FDF2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{3391463D-4DEC-471F-8C20-296C0C37428A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...}&o=15527&l=dis
IE - HKCU\..\SearchScopes\{DFA28EC9-F135-4F31-8BA0-F3706994FDF2}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E09B6C57-6D71-4A45-A3CA-6E6B7467FB4E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.order.1: "Xfinity.com Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=994519"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: csharpformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: javaformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: pythonformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: rubyformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: %7Ba6fd85ed-e919-4a43-a5af-8da18bda539f%7D:2.4.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=994519&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Steve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/26 13:24:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/26 13:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/01 23:26:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/09/06 00:24:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/08/04 23:18:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/08/04 23:18:04 | 000,000,000 | ---D | M]
 
[2012/03/03 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2014/09/16 16:00:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions
[2014/08/22 22:52:16 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2014/09/16 16:00:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\staged
[2013/09/25 21:16:23 | 000,007,893 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2014/05/18 23:00:34 | 002,298,147 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,014,127 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,007,756 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,014,202 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,720,667 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi
[2014/08/04 21:50:47 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014/09/16 16:00:38 | 000,300,373 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\staged\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/12/01 23:04:31 | 000,000,905 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\searchplugins\yahoo_ff.xml
[2014/08/04 23:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/08/04 23:18:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.facebook.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Angry Birds = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Web Developer = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.6_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: DivX HiQ = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_1\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: Fiddler = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkknfnifmbannmgkdliadghepbneplka\1.0.2_0\
CHR - Extension: Norton Security Toolbar = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.17_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_1\
CHR - Extension: Hover Zoom = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.4_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.625.1\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [Redirector] C:\Program Files\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2014/05/22 12:30:00 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan.exe - Shortcut.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LocalAccountTokenFilterPolicy = 1
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: capella.edu ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: capella.edu ([remote] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {B6648EB8-2460-484F-9255-9654454C4C70} https://ouvpn.us.ora...lhost/arr_x.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05DA27B-8FBB-4A35-B19C-16A101CC7850}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05DA27B-8FBB-4A35-B19C-16A101CC7850}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (msoidssp) - C:\Windows\System32\msoidssp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/06/12 16:36:57 | 000,000,067 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 60 Days ==========
 
[2014/09/16 15:59:06 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\to sell
[2014/09/07 12:19:06 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\xavier's project
[2014/08/22 23:30:54 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/08/22 23:30:38 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/08/22 23:30:38 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/08/22 23:30:38 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/08/20 22:04:13 | 002,425,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/08/20 22:04:13 | 000,045,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014/08/20 22:04:01 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/08/20 22:04:01 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/08/20 22:04:01 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014/08/20 22:03:33 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/08/20 22:03:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/08/04 23:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/07/19 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/02/24 23:28:02 | 000,910,112 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Steve\chromeinstall-6u31.exe
[2011/12/20 00:48:19 | 003,147,344 | ---- | C] (Macroplant, LLC                                             ) -- C:\Users\Steve\iExplorer_Setup.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 60 Days ==========
 
[2014/09/16 19:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/16 19:14:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-941433700-1991241529-1048206134-1000UA.job
[2014/09/16 19:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/16 17:09:15 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/16 17:09:15 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/16 13:14:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-941433700-1991241529-1048206134-1000Core.job
[2014/09/15 22:11:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/10 13:30:13 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/10 13:30:13 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/09/06 00:21:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/06 00:21:24 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/24 15:16:23 | 000,660,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/08/24 15:16:23 | 000,120,996 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/08/20 22:17:02 | 003,518,946 | ---- | M] () -- C:\Users\Steve\Desktop\project_0056_micro_crossbow.pdf
[2014/08/06 19:46:24 | 000,095,781 | ---- | M] () -- C:\Users\Steve\Desktop\539578_10151098896225775_1377274395_n.jpg
[2014/08/04 15:55:07 | 000,061,946 | ---- | M] () -- C:\Users\Steve\Desktop\4207860063183020.pdf
[2014/08/04 15:54:45 | 000,061,949 | ---- | M] () -- C:\Users\Steve\Desktop\4207858495257697.pdf
[2014/08/03 08:09:15 | 000,218,785 | ---- | M] () -- C:\Users\Steve\Desktop\Minnesota United FC vs. FC Edmonton_1.pdf
[2014/07/25 08:11:13 | 000,080,104 | ---- | M] (Zemana Ltd.) -- C:\Windows\System32\drivers\AntiLog32.sys
[2014/07/25 08:11:09 | 000,002,153 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/20 22:16:29 | 003,518,946 | ---- | C] () -- C:\Users\Steve\Desktop\project_0056_micro_crossbow.pdf
[2014/08/14 19:09:18 | 000,001,222 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer 8.lnk
[2014/08/06 19:46:17 | 000,095,781 | ---- | C] () -- C:\Users\Steve\Desktop\539578_10151098896225775_1377274395_n.jpg
[2014/08/04 15:55:07 | 000,061,946 | ---- | C] () -- C:\Users\Steve\Desktop\4207860063183020.pdf
[2014/08/04 15:54:39 | 000,061,949 | ---- | C] () -- C:\Users\Steve\Desktop\4207858495257697.pdf
[2014/08/03 08:08:55 | 000,218,785 | ---- | C] () -- C:\Users\Steve\Desktop\Minnesota United FC vs. FC Edmonton_1.pdf
[2012/09/23 13:57:35 | 000,016,766 | ---- | C] () -- C:\Users\Steve\AppData\Local\recently-used.xbel
[2011/10/28 22:57:27 | 015,254,016 | ---- | C] () -- C:\Users\Steve\mumble-1.2.3.msi
[2011/07/18 20:19:07 | 000,038,651 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\UserTile.png
[2011/05/18 20:49:52 | 000,001,940 | ---- | C] () -- C:\Users\Steve\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/21 05:54:57 | 000,003,584 | ---- | C] () -- C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/10 22:31:43 | 000,000,502 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/04 01:24:38 | 000,000,017 | ---- | C] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
 
< End of report >

Here is the extras.txt if that helps too:

OTL Extras logfile created on: 9/16/2014 7:51:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 52.38% Memory free
6.50 Gb Paging File | 4.14 Gb Available in Paging File | 63.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.00 Gb Total Space | 12.70 Gb Free Space | 9.34% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 931.51 Gb Total Space | 467.23 Gb Free Space | 50.16% Space Free | Partition Type: NTFS
 
Computer Name: TARDIS2 | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046EC94D-11BE-41B7-80F8-BB1E0654E1CF}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{05CFACB9-0E08-451D-BB70-E8CB9656603D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0AFE2082-5B2B-408A-9F54-0EEF9D3F4C3D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0B9DDEFA-9648-44C3-B4D1-57EB51DDCE5A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{137E3AEE-FEAB-4E87-BE29-79C96B1F8CF5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{18544DE0-764C-4008-AF91-93B669B22C1B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{1F2981CE-FE42-4D60-A7A0-15D42DF729E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{230B94E3-45DB-4CB6-988A-C02A1D2F73C2}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{237BB78B-4811-4F9D-88BF-266B85613012}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{282625FB-BAAA-4A8B-850A-E5A09795EC34}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2B62DF31-5F5E-4A62-92CB-0689FF3BC30D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{2CCE3003-A997-471D-860F-C29D0D4DC3C3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{39B17F7C-6B6C-49C2-BF76-07EA3C48CDC5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{3C525108-4EE2-47B0-941A-B8373060D230}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{3E1FF052-0DF7-4488-8754-6028834A3820}" = lport=137 | protocol=17 | dir=in | app=system | 
"{3F3B0B65-C71C-481E-A22B-076CDDEB1D2B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{417C2FF6-7B9B-47E8-91C6-C1D5EC5D9CD4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{46C678A0-3732-406D-BF3D-974CC2F8529E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{48E8D8C2-29ED-4CA3-99C4-A3997D5C1597}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{48F7A2A9-8890-43C2-A1B8-623D0386A10A}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{4B8A3A36-FFC3-4DF4-8E8E-EA98F65A878A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4DEDC74A-56D6-4783-AA90-2055FEE8A327}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{5416417C-999C-41A8-B118-775AD5D2AF42}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe | 
"{58966776-C369-4601-AC75-2C0402D83B8C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5A795AA8-0F6A-438B-9D1D-845263FFEDBB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{5FDB26C0-432B-459D-8338-A9F8189A488A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{61372515-2066-4B0C-9097-E9AC51AEA435}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{62D6F30F-6E29-41EC-AF4B-571866680E2F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6A2E4204-4456-4EDE-B23F-B5A98DF15430}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{6DDF7312-161C-4DB2-98EE-1F3F83D95164}" = lport=139 | protocol=6 | dir=in | app=system | 
"{7148E6F9-AC8F-4081-9D60-88CFA6074644}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{763E3B17-437F-43FE-8F72-A55A207886E3}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{7C0542D1-F0CF-4714-8A19-46933102FBA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{81A28964-57D7-4078-BD51-9AD5977DA8F3}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{85FC83BF-1C5E-4B6B-BA10-32520DFDE056}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{8B6454CD-F489-4DF0-9641-380C34A77DC9}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{907CFE93-0433-4A18-9717-55016185A67F}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{94DAC403-02C6-4C9D-B113-3741EC9DCE65}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{95D45FEA-65A4-4F58-895E-B79113A8C8BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9678E6F9-21F4-45ED-B33B-486FCBCB2E23}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{9FE1AECD-49A2-4763-BE32-5DECCC111A7B}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{A0B66936-638E-473D-BCEF-99C289257806}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | 
"{A46A7309-9046-468F-A0E9-C0D1B87F021A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A7210B9C-108E-435B-B8D3-C2805E13DBD3}" = lport=445 | protocol=6 | dir=in | app=system | 
"{AD777F63-95D7-4071-9A14-4F0ABD4A664C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE443B8B-489C-41E0-AD74-13F555F5B105}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{B084607E-ADC5-4409-A2A9-5F9750959C05}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{B12EB871-3F3B-4181-AEA6-85FF65278E4D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BB7D84D3-A260-460F-AC4D-80CA036894DA}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{C5FD356C-AC3E-4E49-8463-58542B242E0A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{C9C4FEF5-2DAA-4C5E-83E1-E6FD21AE0C16}" = rport=445 | protocol=6 | dir=out | app=system | 
"{CE956E59-D367-4A3B-BD9F-6A65CDD48FFE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{D0ACE0F6-5EAB-4299-93F6-01E0F0D22003}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | 
"{D1F1F495-27C5-4699-ACF2-0171A76FB18D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D4BABD30-403F-4881-A41B-636922BAEE43}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D62B64FC-9F25-44D4-BD14-B68678833389}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{E242B2CB-9203-4543-99C4-B59D48824626}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe | 
"{E2C4051F-8B50-450D-AAA5-96E0D556FB9E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E4B697E0-D8C1-49AE-A32A-1B4222ECAEB9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E92F305F-5904-4D57-A014-723BD9A4B0A6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | 
"{EC1F8FD1-1AFD-4EBC-853C-742DBC350F91}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{F94FA409-F278-4F46-896D-8CD489BF61EE}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FA3FE7FF-D329-4DCE-8272-2BBBA2A72F8F}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{FB50F708-0F04-490E-8081-1BEF94C65126}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | 
"{FCCB7B64-4069-4F27-A751-054CFC83B384}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012A0922-24DD-4BCD-85CF-A2422C2E512F}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\war in the north\witn.exe | 
"{0199BDA7-52FC-448C-B976-07709BE0C44F}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{047E4678-C4E8-4B44-B257-7398AE4BC6F0}" = protocol=17 | dir=in | app=f:\program files\diablo iii\diablo iii.exe | 
"{09562FAD-CC8C-494B-9A81-CCB1E3AD8292}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{0EBC7605-1039-4E72-AF11-DAEC9CC97970}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{168F046F-9816-4E26-81CC-F77547F96251}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{178E25A6-FCA0-4B36-A97C-EF6DC4499C88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{19D1C8EB-A2A4-4A38-B9AF-BD76763CB9D2}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{1D3EEB59-9D10-43D3-A605-C6AF0D199C2D}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe | 
"{1E098B99-E04E-4676-B8DD-3B71C70200C5}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | 
"{1F948BB2-7C6A-4C27-A7BE-ABA4F5872857}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{20598973-1931-4925-AE5F-4928B72DCBCC}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\bastion\bastion.exe | 
"{20931505-4AD3-4568-BA51-B5C114715910}" = protocol=6 | dir=out | app=system | 
"{21684E75-1A07-4574-9728-D77D2DD97D1C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe | 
"{2401D613-50A6-475E-B962-291A09959A8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2659ED37-E4E2-40DF-BC79-3F33BA7884EF}" = protocol=6 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe | 
"{2D78C348-6786-4F91-9BF2-C5DD4ED171E4}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{2E0C69FE-79DF-4F26-B3F4-028F7FF29F26}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{30DA83A7-FDEA-4033-9904-144FDD098D7D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{32EA940E-0F64-4B08-BCE0-14895833F792}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{357B9207-931A-4A39-B4CA-295D5BFB5F77}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{37D991EB-D6C3-404D-92C7-D4089864263C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{37ED4A84-2062-4890-854E-A5B49B9A68C4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe | 
"{391B427A-F6FC-43A2-84BA-76BDDAB8C047}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe | 
"{39767710-4019-474B-940E-4F2A54FA31D2}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\terraria\terraria.exe | 
"{39859365-133D-46A5-9DAE-C25974B8B762}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3C5AEC65-1250-4ABD-A62B-EE0B953DA09C}" = protocol=17 | dir=in | app=f:\program files\diablo iii beta\diablo iii.exe | 
"{3C854D23-D543-4A72-B179-F456257CDC84}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{3FF384D6-9E57-4A94-958E-10E01929EB37}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe | 
"{43806942-9B30-4C89-B268-56FFDF6FFBD5}" = protocol=6 | dir=in | app=f:\program files\crashplan\crashplanservice.exe | 
"{43E1761E-79D4-4A8C-A5DF-7AEA491DC308}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 
"{44D55C77-1DDD-4E4D-BE5B-062BAF6C9FAF}" = protocol=1 | dir=out | [email protected],-28544 | 
"{44F176D3-8A90-44CC-BF89-F8DF014BF5BC}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{4659F2DD-E308-4C86-B0A2-D7F28EE3EEF3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
"{4A3FD7AF-7D72-4FB5-8E3D-880E456F2E85}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\knights of pen and paper\knightspp.exe | 
"{4BE8C4A0-897C-43C1-8716-694B1D634FF5}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\thomaswasalone\thomaswasalone.exe | 
"{4CCCCB27-AB43-4FA7-BA3F-A15AF6F13E72}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe | 
"{4CE068C9-2E94-40F7-B076-E97CC9F237C3}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{4D63CDC3-CB4E-489C-8610-789D2AFB2399}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | 
"{54C36956-4021-40C8-80CB-31E00C064667}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | 
"{54E88AC2-D6E0-4975-A58E-0EDF6F032DCA}" = protocol=6 | dir=in | app=f:\program files\battle.net\battle.net.exe | 
"{570EF770-C14E-4B11-84AA-26EFFB08525E}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{571879E7-6495-4EC8-ADB5-F2D70DC0F741}" = protocol=6 | dir=out | app=c:\windows\ehome\mcrmgr.exe | 
"{57E59C96-777C-4FA2-B4A5-981350302F78}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe | 
"{5B2371EF-FCC5-4878-BA6F-467D9AE7C3D5}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{5DAF370D-88F2-4DD6-9090-E63A872B4350}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\war in the north\witn.exe | 
"{6071E19A-A21F-4042-8663-8BACE9BBA9DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{634543AF-154A-450E-A8C8-F5B3C89DDE71}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{651FFCDB-364D-4DB4-B2DA-923E7FA44EBF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{672D0941-8BD3-4952-89D7-2410A081FA2A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 
"{68B91F17-FE95-4078-A69D-3D2811E6B001}" = protocol=17 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe | 
"{68E4659B-1F06-4D49-9FF8-2EE95824BFF5}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\bastion\bastion.exe | 
"{6C1D24DF-F210-493E-A3EF-DFD5E4F0C679}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe | 
"{6C723BDE-EEE8-40F3-9D8D-8B35B9E5A150}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe | 
"{6C864AF4-296E-4BD0-8F52-E9A854072ACF}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{6FAF366E-49D1-42FF-83F8-AC0D7ADB695B}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{6FD62BD8-6CFB-4800-BCDF-97A43FB346CF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe | 
"{6FEB0CD4-E25A-4259-A583-24B4CAE6C554}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe | 
"{730CDBED-2350-4E63-94C9-41B757BA94BC}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | 
"{764D41A7-02F0-4D1A-83AD-5C82C9D813D9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{79062850-11AE-45BD-ADCA-808EAC80F1DE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the binding of isaac\isaac.exe | 
"{79B258BE-0344-44F5-86FB-A7AB79F69FD0}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe | 
"{7AE10AEE-8DAA-4095-AFCA-FC8CF1D28C55}" = protocol=58 | dir=out | [email protected],-28546 | 
"{7B3347A6-F205-48BC-BB0E-5DFE72A3F9F5}" = protocol=17 | dir=in | app=f:\program files\hearthstone\hearthstone.exe | 
"{7BFD9BF9-133D-490D-819C-5C94A8C99D65}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe | 
"{7CD7DE48-5BCE-455F-926C-E465F5EFFBF3}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe | 
"{7F6E4EE4-D21A-4DF7-92F6-CC622A89F924}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\scribblenauts\scribble.exe | 
"{84054FA2-4B34-44BD-8828-8D866D538ED2}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\knights of pen and paper\knightspp.exe | 
"{855A9BD3-A900-4818-9EE2-3CC8897189C2}" = protocol=17 | dir=in | app=f:\program files\crashplan\crashplanservice.exe | 
"{8685A8E7-CAE3-4A2C-BF6F-70A6253F08CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{86A58360-732E-4E78-A57E-09CD64218714}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{875203CF-C505-4F54-A0EB-C0337A24AE96}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the binding of isaac\isaac.exe | 
"{8BF5FD67-92C7-4EBC-84F3-B5BF6E77347E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8CD3F422-6559-4A12-8D20-5DD69B86F6D3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe | 
"{8F4976E6-B53C-4622-9DBD-1C042B6C4855}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | 
"{92E30C6E-8865-41B8-84EE-2DFB450A8B10}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{94B9CE4B-D442-456D-9371-7040B03E6983}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe | 
"{9602D634-A2E0-48CE-9586-C7D779EF9D08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{999B4F4A-841B-4D30-B50D-A313E25A6EEE}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{9B15F73C-639C-4787-8948-CF3050C326D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9E935F1B-4726-4BF7-A0F7-A7AA5AF7CC68}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe | 
"{9F6D5545-3E1C-4176-A932-B4B4CD5105A5}" = protocol=6 | dir=in | app=c:\users\steve\appdata\local\tversity\media server\mediaserver.exe | 
"{A5D01E87-2FD9-43ED-B201-7257E1F19F3F}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\proteus\proteus.exe | 
"{A81F21F6-2B6A-4194-8B06-FF43DC9B9AC1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe | 
"{AB97FCCE-42A7-46FD-983D-7923B22242CE}" = protocol=17 | dir=in | app=f:\program files\battle.net\battle.net.exe | 
"{ABDC9645-FD7A-4279-A7F1-E217B806D5F2}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\terraria\terraria.exe | 
"{ACC34EF3-147C-40DB-BC15-2BBB710FE87B}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"{B2E9C9F8-AE61-41B1-8547-42AC96A7E66C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B3AF116B-20EE-4D5B-8EC4-9F043A3A6F83}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{B3BCB167-B752-4052-98C4-A4DF39E78638}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\awesomenauts\awesomenautslauncher.exe | 
"{B440CDAE-1CC7-4083-BEA6-1F86E6C2ED66}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B68BA384-A6A5-42FC-9655-BD4A08912DB2}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\proteus\proteus.exe | 
"{B754FD4B-7A91-48B5-AE14-4B813A7EF935}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{BAD2C35D-C6E9-444D-B2D3-6B9E045A9515}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\proteus\proteus.exe | 
"{BB4E208F-BBA5-4D52-B56C-BB8B5FDE98D5}" = protocol=17 | dir=in | app=c:\users\steve\appdata\local\tversity\media server\mediaserver.exe | 
"{BDB4A3FA-DA49-4FF3-A841-EC2515EA9EB9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
"{BE0CEAA5-39A3-4FDC-8722-1725D041F8A6}" = protocol=1 | dir=in | [email protected],-28543 | 
"{C60D034E-8775-48D6-B6EB-1D72B82E8116}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{C7ABC1E6-DECF-4A06-9BF6-2747A4A30E6D}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\path of exile\pathofexilesteam.exe | 
"{C7E6D8BE-BFD2-4522-88CD-42AF5A4B21DE}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\magicka\magicka.exe | 
"{C98A6A9E-B3B3-4CB9-835B-B951EEC6098F}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe | 
"{CB1611EF-C82C-418B-9292-003C5274D751}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\oblivion\oblivionlauncher.exe | 
"{CB253EF7-A9E7-4B22-9A7F-965377E04F8C}" = protocol=58 | dir=out | [email protected],-503 | 
"{CB8FFBF8-38BC-4F39-987F-2522FC46A782}" = dir=in | app=c:\program files\constant guard protection suite\idvault.exe | 
"{CDD2EBD5-8686-4024-B216-D168DD323B79}" = protocol=17 | dir=in | app=f:\steamlibrary\steamapps\common\scribblenauts\scribble.exe | 
"{CF0FE07F-176A-4884-AF4C-E9B8B85F4351}" = protocol=6 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | 
"{CFD15AB5-53EF-4A08-9AE1-DE5508B061FD}" = protocol=58 | dir=in | [email protected],-28545 | 
"{D17D63AD-9ED0-4860-B307-1DCA3C25BA2E}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{D63E9B13-998B-4067-81A5-35ADA20C1AE1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe | 
"{D65D26B7-7885-4F4C-8FD1-09A9A36BE1AC}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\proteus\proteus.exe | 
"{D7AC88AA-3430-49E1-AB8A-8020E8DB3709}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe | 
"{D8AA03FC-97FF-4832-8A9F-702C753AC592}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{DB19CB65-FDAA-4AF8-8623-DD5654D81FD6}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\magicka\magicka.exe | 
"{DCC9B728-51CE-460F-BA01-EAF7076420F4}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\awesomenauts\awesomenautslauncher.exe | 
"{DF988DD0-9961-4FAA-880F-FFEEAC9D88CC}" = dir=in | app=c:\program files\constant guard protection suite\idvault.exe | 
"{E218DBEC-AAD1-47A6-9265-046D619D02E8}" = protocol=6 | dir=in | app=f:\program files\hearthstone\hearthstone.exe | 
"{E331ED8D-6C21-428B-8785-C041A2A663CD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{E86E7C00-4847-4145-BE33-A4667A267DDF}" = protocol=6 | dir=in | app=f:\program files\diablo iii beta\diablo iii.exe | 
"{E99E08E9-D792-4916-97A5-0FDE47B9E54E}" = dir=in | app=c:\program files\constant guard protection suite\idvault.exe | 
"{EBCC0AB9-A754-4ACE-BCDF-EB0D44E4FB9C}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe | 
"{EBE5A7DD-C46C-4775-87CE-1F6C508893FF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe | 
"{F19BEE7E-5BBA-4838-A752-1089111DD586}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{F23B45F6-2158-449B-8D12-40F6D07B5063}" = protocol=6 | dir=in | app=f:\program files\diablo iii\diablo iii.exe | 
"{F505422C-90D1-4874-9A07-30775D21D50F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{F53B93DA-2173-4CBF-BFA0-EBA2BE30D00B}" = protocol=6 | dir=in | app=f:\steamlibrary\steamapps\common\path of exile\pathofexilesteam.exe | 
"{FB117890-0881-4632-B59D-D413C33AE946}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{FB3FBB80-492D-4DB2-9AE7-59BDDAB1987D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{FBE23590-03BA-4698-AA90-DA7D9A3E0A80}" = protocol=58 | dir=in | app=system | 
"TCP Query User{0872F077-1142-446F-B77B-696FBC1760F4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{AB19B6BF-52B3-448D-A380-2D5551CF0379}C:\programdata\battle.net\agent\agent.3023\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
"TCP Query User{B1C34CF0-AE0F-4F8A-BEE5-52BF53D1C416}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | 
"TCP Query User{F756C9E3-2C88-45E0-A228-E3F5D583567A}F:\program files\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=f:\program files\hearthstone\hearthstone.exe | 
"UDP Query User{8FBDAF8B-9A33-455D-B36D-78508F8FD059}F:\program files\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=f:\program files\hearthstone\hearthstone.exe | 
"UDP Query User{9B372941-389D-42CD-B196-275534CE2E12}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | 
"UDP Query User{A1068D37-8EE1-4AC9-8D51-633E9FC790DA}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{F8EA9E45-EB37-4E6D-B0A2-C7021D13525E}C:\programdata\battle.net\agent\agent.3023\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{012C59CF-074A-43DA-8085-B6E636733B59}" = Citrix Receiver(Aero)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E1C5B43-1837-4F98-A96B-79A8A0A5955F}" = Citrix Receiver(USB)
"{17544ACA-6428-424B-926B-8751610836AE}" = TortoiseSVN 1.7.1.22161 (32 bit)
"{199C20D6-10D3-4210-B361-4760209F56AE}" = Citrix online plug-in (Web)
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{2711FDC5-B900-4BEB-BD60-D75BEC01AB6B}_is1" = Flyff version V18
"{27132A1F-9174-4C9E-B0F7-2C5584E4CF9F}" = LeapFrog Leapster Explorer Plugin
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43CC9C53-A217-4850-B5B2-8C347920E500}" = Microsoft Online Services Module for Windows PowerShell
"{47117FCA-0D00-4B6D-9D68-00B763629463}" = Self-service Plug-in
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1" = AntiLogger SDK version 1.7.6.367
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5E8AC853-65BB-4C99-A09E-19B81851E14C}" = Citrix Receiver Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732E3F74-FF24-42BC-B1A2-3244BBEBEB5D}" = LeapFrog LeapPad Explorer Plugin
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9520DDEB-237A-41DB-AA20-F2EF2360DCEB}" = Microsoft Online Services Sign-in Assistant
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B4D16A7-393F-470C-8B9F-74AE1EA6C105}" = LeapFrog Connect
"{9BB69D0F-1369-4DBD-99A9-1BC228ED1033}" = Nero 7 Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{ADE8A83D-BB70-4FB5-BA19-26C47EA31894}" = Citrix Receiver(DV)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C4E28723-0663-4012-9BDC-E21A14C1316C}" = Citrix Receiver (HDX Flash Redirection)
"{CA55005D-94AC-4596-9646-679D6CC0D620}" = Citrix Authentication Manager
"{CA97CC85-FAF9-4316-9284-0F6CFA67B867}" = calibre
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D9EE360A-7C19-47EC-93C7-97DEFF64804B}" = Citrix Receiver Inside
"{DCFD26A8-60A5-4C69-A52D-264D0386FDB3}" = Microsoft Xbox 360 Accessories 1.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F390D923-76F1-458E-8218-8C0C156CDCFD}" = Online Plug-in
"{FD1F68EC-75DA-55F4-E2D2-94BE450C0368}" = ATI Catalyst Install Manager
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.1.0
"Battle.net" = Battle.net
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Diablo III" = Diablo III
"DivX Setup.divx.com" = DivX Setup
"EADM" = EA Download Manager
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"GIMP-2_is1" = GIMP 2.8.0
"GOGPACKFALLOUT_is1" = Fallout
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"ID Vault" = Constant Guard Protection Suite
"Inkscape" = Inkscape 0.48.1 
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KeePass Password Safe_is1" = KeePass Password Safe 1.26
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"mIRC" = mIRC
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton Security Suite
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PlayCatan Client" = PlayCatan Access Software
"Recoil Games Rochard" = Rochard
"Rockstar Games Social Club" = Rockstar Games Social Club
"Runic Games Torchlight" = Torchlight
"SixaxisPairTool_is1" = SixaxisPairTool 0.2.3
"SpeedFan" = SpeedFan (remove only)
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 113200" = The Binding of Isaac
"Steam App 200260" = Batman: Arkham City GOTY
"Steam App 200710" = Torchlight II
"Steam App 200900" = Cave Story+
"Steam App 203810" = Dear Esther
"Steam App 204220" = Snapshot
"Steam App 204300" = Awesomenauts
"Steam App 214790" = The Basement Collection
"Steam App 218680" = Scribblenauts Unlimited
"Steam App 219680" = Proteus
"Steam App 220780" = Thomas Was Alone
"Steam App 22330" = The Elder Scrolls IV: Oblivion 
"Steam App 231740" = Knights of Pen and Paper +1
"Steam App 234710" = Poker Night 2
"Steam App 238960" = Path of Exile
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 31280" = Poker Night at the Inventory
"Steam App 32800" = The Lord of the Rings: War in the North
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 400" = Portal
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 620" = Portal 2
"Steam App 65800" = Dungeon Defenders
"Steam App 72000" = Closure
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8870" = BioShock Infinite
"Steam App 95300" = Capsized
"Steam App 97000" = Solar 2
"SystemRequirementsLab" = System Requirements Lab
"Unofficial Oblivion Patch_is1" = Unofficial Oblivion Patch v3.2.0
"Unofficial Shivering Isles Patch_is1" = Unofficial Shivering Isles Patch v1.5.0
"UPCShell" = LeapFrog Connect
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 beta 2 (32-bit)
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"UnityWebPlayer" = Unity Web Player
"WinDirStat" = WinDirStat 1.1.2
"xenweb2-787ce451@@Controller3.Capella Desktop" = Capella Desktop
"xenweb2-787ce451@@Controller3.Internet Explorer 8" = Internet Explorer 8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/5/2014 10:12:07 PM | Computer Name = TARDIS2 | Source = IDVault | ID = 0
Description = Application not started Process with an Id of 2353736 is not running.
 
Error - 8/5/2014 10:12:10 PM | Computer Name = TARDIS2 | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description = 
 
Error - 8/8/2014 11:18:15 PM | Computer Name = TARDIS2 | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, 
time stamp: 0x4f3c6d6c  Faulting module name: ntdll.dll, version: 6.1.7601.18247, 
time stamp: 0x521ea91c  Exception code: 0xc0000005  Fault offset: 0x00034d60  Faulting
 process id: 0x92ed8  Faulting application start time: 0x01cfb37f8ba27d73  Faulting 
application path: C:\Program Files\Google\Update\GoogleUpdate.exe  Faulting module
 path: C:\Windows\SYSTEM32\ntdll.dll  Report Id: cce64f8b-1f73-11e4-b49c-6c626d059327
 
Error - 8/9/2014 8:46:53 PM | Computer Name = TARDIS2 | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description = 
 
Error - 8/13/2014 11:21:37 PM | Computer Name = TARDIS2 | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, 
time stamp: 0x4f3c6d6c  Faulting module name: ntdll.dll, version: 6.1.7601.18247, 
time stamp: 0x521ea91c  Exception code: 0xc0000005  Fault offset: 0x00034d60  Faulting
 process id: 0xd5880  Faulting application start time: 0x01cfb76d5fa94631  Faulting 
application path: C:\Program Files\Google\Update\GoogleUpdate.exe  Faulting module
 path: C:\Windows\SYSTEM32\ntdll.dll  Report Id: 1976b9ae-2362-11e4-9806-6c626d059327
 
Error - 8/23/2014 12:09:36 AM | Computer Name = TARDIS2 | Source = IDVault | ID = 0
Description = Application not started Cannot process request because the process
 (2664840) has exited.
 
Error - 8/23/2014 12:09:43 AM | Computer Name = TARDIS2 | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description = 
 
Error - 8/24/2014 11:11:02 PM | Computer Name = TARDIS2 | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17514 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: f98    Start
 Time: 01cfbe8d78339f73    Termination Time: 22    Application Path: C:\Windows\Explorer.EXE
 
Report
 Id: 68f8c518-2c05-11e4-81c3-6c626d059327  
 
Error - 8/26/2014 4:06:50 PM | Computer Name = TARDIS2 | Source = Application Hang | ID = 1002
Description = The program chrome.exe version 36.0.1985.143 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 8d98    Start
 Time: 01cfbe8e57e3a53d    Termination Time: 604    Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
 
Report
 Id:   
 
Error - 9/6/2014 1:19:53 AM | Computer Name = TARDIS2 | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description = 
 
Error - 9/16/2014 8:59:55 PM | Computer Name = TARDIS2 | Source = Application Error | ID = 1000
Description = Faulting application name: MsiExec.exe, version: 5.0.7601.17514, time
 stamp: 0x4ce792c4  Faulting module name: NeVideoRenderer.ax_unloaded, version: 0.0.0.0,
 time stamp: 0x44a3bdd2  Exception code: 0xc0000005  Fault offset: 0x005db5ed  Faulting
 process id: 0x2503f4  Faulting application start time: 0x01cfd21292e1f5b6  Faulting
 application path: C:\Windows\system32\MsiExec.exe  Faulting module path: NeVideoRenderer.ax
Report
 Id: ef683393-3e05-11e4-97b8-6c626d059327
 
[ Media Center Events ]
Error - 5/19/2012 10:21:35 PM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:21:35 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/20/2012 10:35:08 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:35:03 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/20/2012 10:32:50 PM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:32:50 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/21/2012 4:55:55 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 3:55:55 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/21/2012 10:18:34 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:18:29 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/21/2012 10:29:33 PM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:29:33 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/22/2012 10:04:01 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:03:55 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/22/2012 10:07:08 PM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:07:08 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 5/23/2012 10:48:41 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:48:35 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP 
status 404: The requested URL does not exist on the server.  )  
 
Error - 6/7/2012 10:31:30 AM | Computer Name = TARDIS2 | Source = MCUpdate | ID = 0
Description = 9:31:25 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status
 400: The server cannot process the request because the syntax is not valid.  )  
 
[ System Events ]
Error - 9/9/2014 10:56:36 PM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/12/2014 12:42:21 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/12/2014 2:28:42 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/12/2014 2:28:43 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/12/2014 11:12:25 PM | Computer Name = TARDIS2 | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.
 
Error - 9/12/2014 11:12:25 PM | Computer Name = TARDIS2 | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
 error:   %%1053
 
Error - 9/13/2014 11:53:28 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/13/2014 3:14:03 PM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/14/2014 10:31:47 PM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/16/2014 4:50:08 PM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
 
< End of report >
 
 
 
Thanks for looking!

 


  • 0



#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi and sorry for the delay. At a glance I don't believe you have a malware problem but would be happy to look at your issue.

 

Are you still in need of assistance?


  • 0

#3
GandleForge

GandleForge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Things are still slow for me. If I run OTL and do a scan and then a clean up, sometimes after reboot things seem faster for a while (Chrome especially has much better response times...).

 

If not malware, what else might I check out? I suppose I could have bad RAM, or maybe just a bloated Win7 install...?

 

Thanks for any advice you can give me.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Let's take a look then.
 
I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple-step process. Please stay with me until I have declared your system clean. I strongly recommend you back up your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
 
  
 
Please follow the steps below.
 
Step#1 - Warnings
 
The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams
USA Today Article on P2P Programs
File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
Please uninstall the following Peer-to-Peer program(s): Vuze
To uninstall on Windows 7, you can:

  • Click your Start Orb in the lower left corner of your computer and select Control Panel.
  • Select Uninstall a program from the Programs Category.
  • Locate the program(s) in the list and click Uninstall.

Low on Disk Space
Your C:\ drive is low on disk space. It's recommended to have at least 15% free disk space on each volume to avoid degradation of performance and to allow built-in tools like the defragmenter to do their job. Please clean up some space if possible so you have at least 15% free disk space.
 
 
Step#2 - AdwCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.
 
 
Step#3 - OTL Fix
1. Right click on OTL.exe and choose Run as administrator.
2. Copy all the code below and paste it into the Custom Scans/Fixes section at the very bottom of the OTL program. Do NOT include the word Quote.
 


:Commands
[CreateRestorePoint]
 
:OTL
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
:Commands
[EmptyTemp]

3. Click the Run Fix button. OTL will ask to reboot the machine. Please do so when asked.
4. After the reboot a log file should open. Copy/Paste the contents of the log that opens and post in your next reply. If for some reason the log file does not appear then you can
    open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder,
    and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
 
 
Step#4 - ChkDsk Scan
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.
2. Hold the left CTRL and SHIFT buttons down on your keyboard while hitting the enter key. Answer Yes when asked to allow.
3. You should now have a black window open that you can type in to.
4. Please type chkdsk and then press enter.
5. Chkdsk will start to run. Please allow it to finish.
6. Download ListChkdskResult.exe by SleepyDude and save it on your desktop.
7. Right-click this file and select Run as administrator and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
    Please copy the contents of this file and paste into your next post.
 
 
 
Items for your Next Post
1. AdwCleaner log
2. OTL Fix log
3. ChkDsk Scan log


  • 0

#5
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Things are still slow for me. If I run OTL and do a scan and then a clean up, sometimes after reboot things seem faster for a while (Chrome especially has much better response times...).

 

If not malware, what else might I check out? I suppose I could have bad RAM, or maybe just a bloated Win7 install...?

 

Thanks for any advice you can give me.

 

Sorry I didn't answer your questions directly. I do see some potential issues with your disk drive (low space and errors). Please follow the instructions I posted and we'll see what else might be the problem.


  • 0
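The two disk findings mentioned in the post above (low free space and repeated disk errors) can be pulled out of an OTL log mechanically. The following Python is an added example, not part of the thread and not OldTimer's code; the function names and the two-error threshold are assumptions, the 15% free-space figure is the helper's, and the sample lines are constructed from entries posted in this thread.

```python
import re
from collections import Counter

# Constructed sample: lines in the OTL log format, taken from entries in this thread.
SAMPLE_LOG = r"""
Drive C: | 136.00 Gb Total Space | 12.70 Gb Free Space | 9.34% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 931.51 Gb Total Space | 467.23 Gb Free Space | 50.16% Space Free | Partition Type: NTFS

[ System Events ]
Error - 9/12/2014 2:28:42 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/12/2014 11:12:25 PM | Computer Name = TARDIS2 | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
 Client Service service to connect.

Error - 9/13/2014 11:53:28 AM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 9/16/2014 4:50:08 PM | Computer Name = TARDIS2 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
"""

DRIVE_RE = re.compile(r"^Drive ([A-Z]): .*?\| (\d+(?:\.\d+)?)% Space Free", re.M)
EVENT_RE = re.compile(
    r"^Error - (?P<when>.+?) \| Computer Name = (?P<computer>.+?)"
    r" \| Source = (?P<source>.+?) \| ID = (?P<id>\d+)$"
)
DEVICE_RE = re.compile(r"controller error on (\S+?)\.?$")


def low_space_volumes(text, min_free_pct=15.0):
    """Return {drive letter: percent free} for volumes under the threshold."""
    return {
        letter: float(pct)
        for letter, pct in DRIVE_RE.findall(text)
        if float(pct) < min_free_pct
    }


def parse_events(text):
    """Parse 'Error - ... | Source = ... | ID = ...' entries, joining wrapped descriptions."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        header = EVENT_RE.match(line)
        if header:
            current = {**header.groupdict(), "description": ""}
            events.append(current)
        elif not line or line.startswith("["):
            current = None  # a blank line or a section header ends the entry
        elif current is not None:
            if line.startswith("Description ="):
                line = line[len("Description ="):].strip()
            current["description"] = (current["description"] + " " + line).strip()
    return events


def controller_errors(text):
    """Count 'controller error' events from the Disk source, per device path."""
    hits = Counter()
    for ev in parse_events(text):
        m = DEVICE_RE.search(ev["description"])
        if ev["source"] == "Disk" and m:
            hits[m.group(1)] += 1
    return hits


def triage(text, min_free_pct=15.0, min_errors=2):
    """List disk findings; min_errors is an assumed cut-off for 'repeated'."""
    findings = []
    for letter, pct in sorted(low_space_volumes(text, min_free_pct).items()):
        findings.append(f"Drive {letter}: {pct:.2f}% free, below {min_free_pct:.0f}%")
    for device, count in controller_errors(text).items():
        if count >= min_errors:
            findings.append(f"{device}: {count} disk controller errors")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

The device path in these events is a Windows device object name, so map it to a physical disk before drawing conclusions about which drive is failing.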

#6
GandleForge

GandleForge

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Here are the logs. Again, thanks for the help!
 
# AdwCleaner v3.310 - Report created 22/09/2014 at 19:47:27
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Steve - TARDIS2
# Running from : F:\downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
Folder Found : C:\Program Files\Common Files\Spigot
Folder Found : C:\Program Files\NCH Software
Folder Found : C:\ProgramData\NCH Software
Folder Found : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Steve\AppData\Roaming\NCH Software
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\xfin_portal
Key Found : HKCU\Software\Bitberry
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\prefs.js ]
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://www.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
 
*************************
 
AdwCleaner[R0].txt - [4031 octets] - [22/09/2014 19:47:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4091 octets] ##########
 
 
# AdwCleaner v3.310 - Report created 22/09/2014 at 20:59:06
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Steve - TARDIS2
# Running from : F:\downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Users\Steve\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
[!] Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\END
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E1B65EE-A131-42B4-94CA-847505E2F611}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0214A12B-C5A3-437F-A6F3-068ABCD8C85E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A11A6BD-7880-49BD-92D4-6F09D0BD3250}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\prefs.js ]
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
 
*************************
 
AdwCleaner[R0].txt - [4171 octets] - [22/09/2014 19:47:27]
AdwCleaner[S0].txt - [4093 octets] - [22/09/2014 20:59:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4153 octets] ##########
 
OTL logfile created on: 9/22/2014 7:24:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = F:\downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 59.14% Memory free
6.50 Gb Paging File | 4.60 Gb Available in Paging File | 70.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.00 Gb Total Space | 45.17 Gb Free Space | 33.21% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 70.34 Mb Free Space | 70.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 931.51 Gb Total Space | 468.76 Gb Free Space | 50.32% Space Free | Partition Type: NTFS
 
Computer Name: TARDIS2 | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/03 22:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/08/05 17:44:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\downloads\OTL.exe
PRC - [2014/07/11 16:14:20 | 000,118,272 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2014/06/25 19:58:55 | 000,040,240 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2014/06/25 19:58:54 | 002,545,968 | ---- | M] (White Sky, Inc.) -- C:\Program Files\Constant Guard Protection Suite\IDVault.exe
PRC - [2014/03/04 07:34:44 | 001,821,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014/03/04 07:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014/03/04 06:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/02/05 04:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/02/05 04:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/02/05 04:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013/10/18 16:16:11 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
PRC - [2013/10/01 19:09:06 | 000,928,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2013/10/01 19:08:24 | 000,153,992 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\redirector.exe
PRC - [2013/10/01 19:08:04 | 000,395,656 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2013/10/01 15:29:04 | 001,505,608 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\Receiver\Receiver.exe
PRC - [2013/09/26 16:11:04 | 003,070,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\AuthManager\AuthManSvr.exe
PRC - [2013/08/09 13:53:42 | 000,054,152 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2013/08/01 19:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/10/22 11:16:38 | 000,273,688 | ---- | M] (http://tortoisesvn.net) -- F:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/07/24 02:51:16 | 004,334,272 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/16 23:31:11 | 000,192,512 | ---- | M] () -- C:\Users\Steve\AppData\Local\Temp\sfamcc00001.dll
MOD - [2014/09/16 23:31:11 | 000,172,032 | ---- | M] () -- C:\Users\Steve\AppData\Local\Temp\sfareca00001.dll
MOD - [2014/09/03 22:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/03 22:01:17 | 014,891,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
MOD - [2014/09/03 22:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/03 22:01:12 | 001,098,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
MOD - [2014/09/03 22:01:10 | 000,174,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\libegl.dll
MOD - [2014/09/03 22:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2014/06/25 19:59:06 | 000,548,488 | ---- | M] () -- C:\Program Files\Constant Guard Protection Suite\sqlite3.dll
MOD - [2014/06/09 23:40:00 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/06/09 23:39:51 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/06/09 23:39:24 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/06/09 23:39:06 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/09 22:53:00 | 001,227,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\c5467c14a272823a357b6ea7aec19572\System.WorkflowServices.ni.dll
MOD - [2014/06/09 22:52:36 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ebbdeb2224cf7f8b4aa7d039516d17bd\System.ServiceModel.Routing.ni.dll
MOD - [2014/06/09 22:52:35 | 001,142,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5a8617e2c334fde080fbdc73c05fd8b6\System.ServiceModel.Discovery.ni.dll
MOD - [2014/06/09 22:52:34 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\7401d47e8eef61dd2770777964c4e481\System.ServiceModel.Channels.ni.dll
MOD - [2014/06/09 22:52:24 | 001,089,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f67a10b051726dcc0d15c9a0c8668a60\System.ServiceModel.Web.ni.dll
MOD - [2014/06/09 22:51:03 | 001,394,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\927a0770a75cedf18eeb9a6dbbe54afd\System.ServiceModel.Activities.ni.dll
MOD - [2014/06/09 22:51:00 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6769297ceb522c4fe6de2c5e3575812d\System.IdentityModel.ni.dll
MOD - [2014/06/09 22:50:59 | 018,109,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a95ac0b02617b9dadbc5f625586b2aac\System.ServiceModel.ni.dll
MOD - [2014/06/09 22:50:46 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Practices#\373e63f1856d05d5e083f4da67e5f251\Microsoft.Practices.ServiceLocation.ni.dll
MOD - [2014/06/09 22:50:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7612d2ecdf9c6beedc264e9390e97b0f\System.Management.ni.dll
MOD - [2014/06/09 22:50:31 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014/06/09 22:50:26 | 001,926,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\3f0c8a7233cdd1741c75978c900ed398\System.Web.Services.ni.dll
MOD - [2014/06/09 22:50:24 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014/06/09 22:50:15 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\cd626ecab8e1657628451408aba720cd\System.Runtime.DurableInstancing.ni.dll
MOD - [2014/06/09 22:50:15 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\88aec4231adca9f5a4226c83911c4dad\SMDiagnostics.ni.dll
MOD - [2014/06/09 22:50:14 | 002,659,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
MOD - [2014/06/09 22:50:13 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c74e45d841d46ea6a7c203f6f864f555\System.Xml.Linq.ni.dll
MOD - [2014/06/09 22:48:24 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014/06/09 22:48:13 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014/06/09 22:48:10 | 006,817,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\2c4f9ef6baacb578ab136a5b30ada098\System.Data.ni.dll
MOD - [2014/06/09 22:48:08 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014/06/09 22:48:06 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\354a5906fd46f4374f86916debf3ebcb\System.Core.ni.dll
MOD - [2014/06/09 22:48:06 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014/06/09 22:48:05 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014/06/09 22:48:03 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014/06/09 22:48:02 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014/06/09 22:48:02 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014/06/09 22:48:01 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014/06/09 22:39:48 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\8fa7f2d6cc4122c7102a02586074a183\System.Numerics.ni.dll
MOD - [2014/06/09 22:39:47 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014/02/01 13:30:46 | 000,861,184 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
MOD - [2012/06/18 10:24:30 | 000,260,096 | ---- | M] () -- F:\Program Files\Notepad++\NppShell_05.dll
MOD - [2011/10/22 11:16:18 | 000,070,424 | ---- | M] () -- F:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2010/12/11 00:01:27 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/09/10 13:30:14 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/28 06:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/08/04 23:18:09 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/11 15:58:08 | 007,241,728 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2014/06/25 19:58:55 | 000,040,240 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2014/06/09 22:17:39 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/03/04 06:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/02/05 04:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/02/05 04:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/18 16:16:11 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/11/08 14:50:00 | 004,321,976 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/10/01 12:41:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
DRV - [2014/07/25 08:11:13 | 000,080,104 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AntiLog32.sys -- (AntiLog32)
DRV - [2014/03/20 23:03:40 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014/01/20 19:08:01 | 000,394,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140227.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/12/27 13:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013/12/17 19:32:11 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/12/01 23:23:31 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/12/01 11:37:25 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/12/01 11:37:25 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/12/01 11:37:25 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/12/01 11:37:25 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140228.008\NAVENG.SYS -- (NAVENG)
DRV - [2013/10/01 19:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/09/26 22:18:30 | 000,935,512 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymEFA.sys -- (SymEFA)
DRV - [2013/09/26 21:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\Ironx86.sys -- (SymIRON)
DRV - [2013/09/26 21:26:03 | 000,651,352 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\N360\1501000.012\srtsp.sys -- (SRTSP)
DRV - [2013/09/25 22:28:00 | 000,446,552 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\symnets.sys -- (SymNetS)
DRV - [2013/09/25 21:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\ccSetx86.sys -- (ccSet_N360)
DRV - [2013/09/24 07:10:34 | 000,070,440 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2013/09/09 21:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymDS.sys -- (SymDS)
DRV - [2013/09/09 20:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\srtspx.sys -- (SRTSPX)
DRV - [2013/06/21 17:38:26 | 000,042,592 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2012/08/23 09:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/29 05:22:12 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2010/01/22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010/01/22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010/01/20 15:18:26 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV - [2009/12/22 02:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/05/04 20:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2006/10/01 07:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2006/09/24 08:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2005/01/04 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = F:\pictures\KKC\2012\summer 2012
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 A5 E6 BC B8 84 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {DFA28EC9-F135-4F31-8BA0-F3706994FDF2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{3391463D-4DEC-471F-8C20-296C0C37428A}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.xfinit...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...}&o=15527&l=dis
IE - HKCU\..\SearchScopes\{DFA28EC9-F135-4F31-8BA0-F3706994FDF2}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E09B6C57-6D71-4A45-A3CA-6E6B7467FB4E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.order.1: "Xfinity.com Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=994519"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: csharpformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: javaformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: pythonformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: rubyformatters%40seleniumhq.org:2.4.0
FF - prefs.js..extensions.enabledAddons: %7Ba6fd85ed-e919-4a43-a5af-8da18bda539f%7D:2.4.0
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....type=994519&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Steve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/26 13:24:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/26 13:24:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/01 23:26:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/09/16 23:33:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/08/04 23:18:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/08/04 23:18:04 | 000,000,000 | ---D | M]
 
[2012/03/03 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2014/09/19 17:57:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions
[2014/08/22 22:52:16 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/09/25 21:16:23 | 000,007,893 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2014/05/18 23:00:34 | 002,298,147 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,014,127 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,007,756 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,014,202 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\[email protected]
[2013/09/25 21:16:23 | 000,720,667 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi
[2014/09/19 17:57:23 | 000,300,373 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/12/01 23:04:31 | 000,000,905 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\p7xysq06.default\searchplugins\yahoo_ff.xml
[2014/08/04 23:18:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/08/04 23:18:11 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.6_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_1\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkknfnifmbannmgkdliadghepbneplka\1.0.2_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.17_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_1\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.4_0\
CHR - Extension: No name found = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.625.1\NativeBHO.dll (WhiteSky)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [Redirector] C:\Program Files\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.)
O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2014/05/22 12:30:00 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan.exe - Shortcut.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LocalAccountTokenFilterPolicy = 1
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: capella.edu ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: capella.edu ([remote] https in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {B6648EB8-2460-484F-9255-9654454C4C70} https://ouvpn.us.ora...lhost/arr_x.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_51)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05DA27B-8FBB-4A35-B19C-16A101CC7850}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C05DA27B-8FBB-4A35-B19C-16A101CC7850}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (msoidssp) - C:\Windows\System32\msoidssp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/06/12 16:36:57 | 000,000,067 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/16 15:59:06 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\to sell
[2014/09/07 12:19:06 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\xavier's project
[2012/02/24 23:28:02 | 000,910,112 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Steve\chromeinstall-6u31.exe
[2011/12/20 00:48:19 | 003,147,344 | ---- | C] (Macroplant, LLC                                             ) -- C:\Users\Steve\iExplorer_Setup.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/22 19:14:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-941433700-1991241529-1048206134-1000UA.job
[2014/09/22 19:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/22 18:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/22 13:14:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-941433700-1991241529-1048206134-1000Core.job
[2014/09/21 22:11:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/19 21:21:08 | 000,660,068 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/09/19 21:21:08 | 000,120,996 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/09/18 05:13:30 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/18 05:13:30 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/16 23:30:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/16 23:30:33 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/10 13:30:13 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/10 13:30:13 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/09/23 13:57:35 | 000,016,766 | ---- | C] () -- C:\Users\Steve\AppData\Local\recently-used.xbel
[2011/10/28 22:57:27 | 015,254,016 | ---- | C] () -- C:\Users\Steve\mumble-1.2.3.msi
[2011/07/18 20:19:07 | 000,038,651 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\UserTile.png
[2011/05/18 20:49:52 | 000,001,940 | ---- | C] () -- C:\Users\Steve\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/21 05:54:57 | 000,003,584 | ---- | C] () -- C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/10 22:31:43 | 000,000,502 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/04 01:24:38 | 000,000,017 | ---- | C] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
 
< End of report >

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013
 
------< Log generate on 9/22/2014 9:20:24 PM >------
No Events found for Winlogon, Chkdsk or Wininit!
 
 
 
 
 
 
 
 


#7
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,591 posts

It doesn't appear that you ran Steps 3 & 4 correctly. Let's do them one at a time. Let's just do the OTL Fix first. Please follow the steps below exactly as written and let me know if there are any problems.

 

Step#1 - OTL Fix
1. Right click on OTL.exe and choose Run as administrator.
2. Copy all the code below and paste it into the Custom Scans/Fixes section at the very bottom of the OTL program. Do NOT include the word Quote.
 
 

:Commands
[CreateRestorePoint]
 
:OTL
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
:Commands
[EmptyTemp]

 

3. It should look like #1 below once you have pasted the text in.

 

Fix.JPG

   

4. Click the Run Fix button as shown in #2 above. OTL will ask to reboot the machine. Please do so when asked.
5. After the reboot a log file should open. Copy/Paste the contents of the log that opens and post in your next reply. If for some reason the log file does not appear then you can
    open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder,
    and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

 

 

 

Items for your next post

1. OTL Fix Log

 

 



#8
GandleForge


    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Sorry, I did actually run the fix. I think I copied the wrong log though:

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ not found.
File C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Mcx1-TARDIS2
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 80104288 bytes
 
User: Public
 
User: Steve
->Temp folder emptied: 122175923 bytes
->Temporary Internet Files folder emptied: 51976537 bytes
->Java cache emptied: 48221714 bytes
->FireFox cache emptied: 142933461 bytes
->Google Chrome cache emptied: 305101566 bytes
->Flash cache emptied: 3179923 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 129728 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 219717375 bytes
RecycleBin emptied: 6680805 bytes
 
Total Files Cleaned = 935.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09222014_210644
 
Files\Folders moved on Reboot...
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...


#9
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,591 posts

Excellent, now let's run the chkdsk.

 

Step#1 - ChkDsk Scan
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.

2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator as shown below.

ElevateCommandPrompt.JPG

3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type into.
5. Please type chkdsk and then press enter.
6. Chkdsk will start to run. Please allow it to finish. You will know it is running when you see text as follows.

Chkdsk.JPG
 

7. Download ListChkdskResult.exe by SleepyDude and save it on your desktop. If it's already downloaded to your desktop, just skip this step.
8. Right-click this file and select Run as administrator (Allow if prompted) and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
    Please copy the contents of this file and paste into your next post.



#10
GandleForge


    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013
 
------< Log generate on 9/24/2014 4:25:37 PM >------
Category: 0
Computer Name: TARDIS2
Event Code: 26212
Record Number: 50689
Source Name: Chkdsk
Time Written: 09-24-2014 @ 04:46:22
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  
 
Checking file system on C:
The type of the file system is NTFS.
 
WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.
 
CHKDSK is verifying files (stage 1 of 3)...
Cleaning up instance tags for file 0x7d1.
  224256 file records processed.                                         
 
File verification completed.
  716 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  2 EA records processed.                                           
 
  93 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 3)...
  275936 index entries processed.                                        
 
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224256 file SDs/SIDs processed.                                        
 
Cleaning up 3550 unused index entries from index $SII of file 0x9.
Cleaning up 3550 unused index entries from index $SDH of file 0x9.
Cleaning up 3550 unused security descriptors.
Security descriptor verification completed.
  25841 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
  35148392 USN bytes processed.                                            
 
Usn Journal verification completed.
Windows has checked the file system and found no problems.
 
 142611455 KB total disk space.
  94738232 KB in 163304 files.
    118592 KB in 25842 indexes.
         0 KB in bad sectors.
    458147 KB in use by the system.
     65536 KB occupied by the log file.
  47296484 KB available on disk.
 
      4096 bytes in each allocation unit.
  35652863 total allocation units on disk.
  11824121 allocation units available on disk.
 
-----------------------------------------------------------------------


#11
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thank you for the info. Please follow the instructions below. Let's try to get to the bottom of your slowness.

 

Step#1 - Malwarebytes Scan

 

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next.
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish.
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Scan button at the top of the form and then click Scan Now.
    2.JPG
  • Once the scan completes click the View detailed log link.
    3.JPG
  • Then click the Copy to clipboard button and paste into your next post.
    4.JPG

 

 

Step#2 - ChkDsk on your F: drive

1. Click your Start Orb in the lower left of your computer and type cmd in the search box.

2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator as shown below.

ElevateCommandPrompt.JPG

 

3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type into.
5. Please type chkdsk F:  and then press enter.  <----Note: There is a space before F:
6. Chkdsk will start to run. Please allow it to finish. You will know it is running when you see text as follows.

Chkdsk.JPG
 

7. Download ListChkdskResult.exe by SleepyDude and save it on your desktop. If it's already downloaded to your desktop, just skip this step.
8. Right-click this file and select Run as administrator (Allow if prompted) and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
    Please copy the contents of this file and paste into your next post.

 

 

Step#3 - Internet Speed Check
Would you mind doing this speed test and letting me know what is reported?

1. Go to http://www.speedtest.net

2. Wait until the BEGIN TEST button appears and click on it.

    BeginTest.JPG

 

3. When it's finished, please let me know the Ping, Download Speed and Upload Speed.

    Results.JPG

 

 

Step#4 - Fresh Set of Logs Needed
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 32-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
6. Please copy and paste the log back here.
7. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.

 

  

 

Items for your Next Post

1. Malwarebytes Log

2. Chkdsk results

3. Internet Speed test results

4. FRST and Addition logs



#12
Dakeyras


    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





