OTL.txt Logs: http://privatepaste.com/e5ec1499de
Extras.txt: http://privatepaste.com/399e6130bb
Hope to get this sorted soon thanks!
OTL logfile created on: 06/12/2014 17:33:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Betrayed\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
5.82 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 63.77% Memory free
6.76 Gb Paging File | 4.45 Gb Available in Paging File | 65.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.34 Gb Total Space | 262.66 Gb Free Space | 56.45% Space Free | Partition Type: NTFS
Computer Name: BETRAYED | User Name: Betrayed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/12/06 16:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
PRC - [2014/12/06 16:47:51 | 069,999,448 | ---- | M] (Microsoft Corporation) -- C:\Users\Betrayed\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
PRC - [2014/11/27 13:43:10 | 002,370,240 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2014/11/25 06:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/11/13 06:58:58 | 035,419,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/09/12 09:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/04 10:18:17 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/06/16 10:11:58 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/05/22 14:43:40 | 000,210,944 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
PRC - [2014/04/12 06:08:08 | 000,087,696 | ---- | M] (Microsoft Corporation) -- C:\742b1cc9c820255a6762987d98\Setup.exe
PRC - [2014/03/13 16:44:22 | 000,819,984 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/11/05 22:05:42 | 000,437,464 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013/11/05 22:05:16 | 000,358,104 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013/11/05 21:23:36 | 000,087,768 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2013/11/05 19:34:10 | 002,237,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2013/10/17 21:29:44 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2013/08/02 11:36:20 | 003,293,288 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013/06/05 13:18:06 | 001,039,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
PRC - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
PRC - [2012/10/16 09:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 14:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/07/30 23:04:06 | 000,533,056 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2012/07/27 16:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/07/18 00:10:33 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 00:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 00:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/04 17:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
========== Modules (No Company Name) ==========
MOD - [2014/12/06 16:24:10 | 000,043,008 | ---- | M] () -- c:\users\betrayed~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx0fngs.dll
MOD - [2014/12/05 23:26:20 | 000,155,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\8fe74181f8f6e6b1724a5a7aed0b64b6\JSON.ni.dll
MOD - [2014/12/05 23:21:17 | 011,926,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\6074b87793a7906a01317ea8832e7330\System.Web.ni.dll
MOD - [2014/12/05 23:20:25 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2014/12/05 23:20:23 | 001,394,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Agent\dd38e482b075c7dead7fb96d8afa2caa\HD-Agent.ni.exe
MOD - [2014/12/04 18:08:57 | 005,467,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/12/04 18:08:54 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/12/04 18:08:50 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/12/04 18:08:19 | 007,995,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/12/03 20:16:43 | 011,500,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/11/25 06:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 06:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 06:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 06:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/11/13 06:49:58 | 003,610,624 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/06/01 09:08:56 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014/05/24 16:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014/05/24 16:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2014/01/03 11:03:39 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2014/01/03 11:03:38 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2014/01/03 11:03:38 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
MOD - [2014/01/03 11:03:17 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2014/01/03 11:03:16 | 007,816,192 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2013/10/17 16:45:58 | 032,726,528 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
MOD - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2013/08/23 19:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/06/05 13:21:18 | 000,071,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/22 17:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012/10/16 09:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2012/07/30 23:04:34 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2012/05/30 14:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\wincfi39.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/10/31 04:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/07 01:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 03:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 03:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 00:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 00:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 07:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/07/02 14:37:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2014/06/05 12:15:06 | 000,037,176 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV:64bit: - [2014/04/30 19:57:14 | 000,087,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2014/03/14 06:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 05:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 07:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 15:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 09:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 09:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 09:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 09:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/17 19:01:08 | 000,187,592 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2013/12/10 07:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:03:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\SysNative\rundll32.exe -- (699fd52f)
SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/11/14 12:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2012/07/31 20:20:26 | 000,659,600 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/07/31 01:16:42 | 000,466,064 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/12/03 19:57:45 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/27 13:43:10 | 002,370,240 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/09/12 09:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/12 00:53:24 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/06/26 18:37:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/16 10:11:58 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/05/22 14:43:40 | 000,210,944 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe -- (Popcorn Time Updater)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/14 06:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/03/13 16:45:08 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/03/13 16:43:14 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/03/13 16:42:40 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/02/19 23:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2014/01/29 19:04:52 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/01/12 13:07:40 | 000,438,272 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2013/12/16 20:31:34 | 000,443,080 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\GSService.exe -- (GSService)
SRV - [2013/11/05 22:05:42 | 000,437,464 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013/11/05 22:05:16 | 000,358,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/11/05 21:23:36 | 000,087,768 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2013/10/29 11:19:06 | 000,919,768 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe -- (NIS)
SRV - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/03/01 01:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2013/01/28 14:47:24 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/08/27 04:53:32 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/27 04:36:57 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/07/30 23:04:16 | 000,259,136 | ---- | M] (NTI Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/07/27 16:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/07/18 00:10:33 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 00:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 00:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/12/01 15:51:16 | 000,045,112 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014/10/10 01:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/22 03:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 03:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 02:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 00:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 15:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 15:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 11:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/17 00:42:36 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2014/05/01 13:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/28 05:33:30 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/03/20 03:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 08:18:42 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2014/03/13 12:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 20:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/06 17:36:44 | 000,090,624 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2014/02/22 16:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 15:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 15:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 15:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 15:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 12:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 14:57:34 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/01/22 14:51:26 | 004,221,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/01/17 19:01:06 | 000,202,600 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2013/12/31 17:30:54 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/12/31 17:30:54 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/12/31 17:30:54 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/26 23:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/26 23:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/04 18:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/29 09:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2013/11/14 12:49:33 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 12:43:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 12:29:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/05 22:06:02 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013/11/05 22:05:40 | 000,068,312 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013/11/05 22:04:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013/11/05 22:04:52 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013/11/05 22:04:50 | 000,034,008 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2013/10/29 11:18:50 | 000,053,976 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013/09/06 13:25:40 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 12:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 11:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/23 12:17:50 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/06/18 14:45:14 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/06/18 14:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/05/23 05:25:28 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/21 05:02:00 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/16 05:02:14 | 000,796,760 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/25 00:43:56 | 000,433,752 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/16 02:41:14 | 000,169,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/03/05 02:14:07 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symelam.sys -- (SymELAM)
DRV:64bit: - [2013/03/05 01:40:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/05 01:21:35 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/03/01 01:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/01/28 14:23:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/01/28 14:23:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/01/28 14:23:22 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/01/28 14:23:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/01/28 14:23:18 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/01/28 14:23:18 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/01/03 16:02:55 | 000,328,592 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/10/24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/10/24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/10/12 07:54:54 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/10/12 07:20:38 | 000,081,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/10/12 07:20:38 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/08/30 14:22:06 | 000,050,288 | ---- | M] (UB658) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElgatoGC658.sys -- (ElgatoGC658Y)
DRV:64bit: - [2012/08/27 04:36:57 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/15 10:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/07/09 12:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/02 22:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 10:49:42 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012/06/18 15:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2012/06/15 14:47:12 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2012/06/15 14:47:10 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/07/09 03:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/07/01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/04/20 02:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2005/06/14 13:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2014/03/13 16:43:02 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2014/01/02 11:55:31 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Common Files\Avnex\vcs64.sys -- (vcs)
DRV - [2013/11/29 09:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2013/07/02 09:26:31 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\ex64.sys -- (NAVEX15)
DRV - [2013/07/02 09:26:31 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/07/02 09:26:31 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\eng64.sys -- (NAVENG)
DRV - [2013/06/21 14:07:04 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130710.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/05/21 04:41:34 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/03 18:14:22 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {EC025471-03A9-43A1-895E-72F76BF1511B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{EC025471-03A9-43A1-895E-72F76BF1511B}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EC025471-03A9-43A1-895E-72F76BF1511B}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aol.com/?...gusaolp00000013 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://uk.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.3: C:\Users\Betrayed\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Betrayed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Betrayed\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013/06/23 19:27:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2014/12/06 16:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/06 16:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/04 16:48:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/06 16:42:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/04 16:48:32 | 000,000,000 | ---D | M]
[2013/09/12 19:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Extensions
[2013/01/03 18:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/03 18:40:51 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/11/16 22:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions
[2014/06/10 14:16:52 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/10/05 09:38:23 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2014/11/16 22:38:16 | 000,000,000 | ---D | M] (AS Magic Player) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\[email protected]
[2014/01/12 15:11:05 | 000,095,372 | ---- | M] () (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\extensions\[email protected]
[2014/06/09 14:04:44 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/05 09:38:45 | 000,002,599 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\searchplugins\AOL Search.xml
[2014/12/06 16:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/26 18:37:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
CHR - plugin: AdobeExManDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
CHR - plugin: IntelÃÂî Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: IntelÃÂî Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Betrayed\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Betrayed\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: npAPI Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll
CHR - plugin: npAPI Ghost Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2ghost.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc\2013.4.13.7_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.7.7_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.7.8_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.8_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.20_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.23_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8.52_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehbfoiecdniogejojbjnchahielljjl\1.0.0_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.10.3_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.14.4_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.5.610_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.9.11_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.9.480_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip\1.2_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp\6.0.12_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.3_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
O1 HOSTS File: ([2014/06/16 18:38:24 | 000,000,768 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProxyCap] C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe File not found
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKCU..\Run: [AceStream] C:\Users\Betrayed\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [LightShot] C:\Users\Betrayed\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKCU..\Run: [MoodEditor.exe] C:\Program Files (x86)\Pamela RichMood Editor\MoodEditor.exe (Scendix Software-Vertriebsges. mbH)
O4 - HKCU..\Run: [Nonoh] "C:\Program Files (x86)\Nonoh.net\Nonoh\Nonoh.exe" -nosplash -minimized File not found
O4 - HKCU..\Run: [puush] C:\Program Files (x86)\puush\puush.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFirstLogonAnimation = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPreviewPane = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinkeys = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab (DLM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EBAA0E9-1424-4547-A686-721AD76AEF29}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B07883F5-6B3E-43FB-BDEA-9F127BC712F2}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3D6A323-A012-454B-AFC2-7EB4A3A29421}: DhcpNameServer = 10.211.254.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC8370D2-539D-4B98-B83B-F7C868E08073}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ampa)
O34 - HKLM BootExecute: (NT_)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/12/06 16:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/12/06 16:52:09 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/12/06 16:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/12/06 16:49:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
[2014/12/06 16:48:44 | 000,000,000 | ---D | C] -- C:\742b1cc9c820255a6762987d98
[2014/12/04 17:47:00 | 000,106,976 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/04 17:46:59 | 000,714,208 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/12/04 00:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2014/12/03 20:30:03 | 016,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/12/03 20:30:02 | 012,730,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/12/03 20:29:58 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/12/03 20:29:54 | 002,145,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/12/03 20:29:54 | 002,141,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/12/03 20:29:52 | 001,600,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/12/03 20:29:51 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/12/03 20:29:50 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/12/03 20:29:49 | 002,574,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/12/03 20:29:49 | 000,707,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/12/03 20:29:48 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2014/12/03 20:29:48 | 001,182,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/12/03 20:29:48 | 000,882,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/12/03 20:29:47 | 002,410,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/12/03 20:29:47 | 001,992,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2014/12/03 20:29:47 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/12/03 20:29:47 | 000,486,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/12/03 20:29:46 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/12/03 20:29:46 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/12/03 20:29:46 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/12/03 20:29:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/12/03 20:29:46 | 000,391,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/12/03 20:29:45 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2014/12/03 20:29:45 | 001,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/12/03 20:29:45 | 000,412,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/12/03 20:29:45 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/12/03 20:29:45 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/12/03 20:29:44 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/12/03 20:29:44 | 000,645,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/12/03 20:29:44 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/12/03 20:29:44 | 000,355,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/12/03 20:29:43 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/12/03 20:29:43 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/12/03 20:29:42 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/12/03 20:29:42 | 000,180,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2014/12/03 20:29:41 | 001,660,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/12/03 20:29:41 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/12/03 20:29:41 | 000,477,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/12/03 20:29:41 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/12/03 20:29:41 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2014/12/03 20:29:41 | 000,205,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2014/12/03 20:29:40 | 001,519,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/12/03 20:29:40 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/12/03 20:29:40 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2014/12/03 20:29:39 | 001,488,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/12/03 20:29:39 | 001,463,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2014/12/03 20:29:39 | 001,356,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/12/03 20:29:38 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/12/03 20:29:38 | 000,160,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmmbase.dll
[2014/12/03 20:29:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/12/03 20:29:37 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/12/03 20:29:37 | 001,404,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/12/03 20:29:37 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/12/03 20:29:37 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/12/03 20:29:37 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/12/03 20:29:36 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/12/03 20:29:36 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/12/03 20:29:36 | 000,211,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/12/03 20:29:36 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2014/12/03 20:29:36 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2014/12/03 20:29:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2014/12/03 20:29:35 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/12/03 20:29:35 | 000,233,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/12/03 20:29:35 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/12/03 20:29:35 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2014/12/03 20:29:34 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/12/03 20:29:34 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2014/12/03 20:29:34 | 000,335,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/12/03 20:29:34 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys
[2014/12/03 20:29:34 | 000,125,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/12/03 20:29:34 | 000,123,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2014/12/03 20:29:34 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2014/12/03 20:29:33 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/12/03 20:29:33 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2014/12/03 20:29:33 | 001,089,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2014/12/03 20:29:33 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2014/12/03 20:29:32 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2014/12/03 20:29:31 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/12/03 20:29:31 | 000,180,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/12/03 20:29:30 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/12/03 20:29:30 | 000,263,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/12/03 20:29:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/12/03 20:29:30 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/12/03 20:29:29 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2014/12/03 20:29:29 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/12/03 20:29:29 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/12/03 20:29:29 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2014/12/03 20:29:28 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/12/03 20:29:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/12/03 20:29:28 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014/12/03 20:29:27 | 000,659,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/12/03 20:29:27 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/12/03 20:29:27 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/12/03 20:29:27 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2014/12/03 20:29:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2014/12/03 20:29:26 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/12/03 20:29:26 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2014/12/03 20:29:26 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/12/03 20:29:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRUM.DLL
[2014/12/03 20:29:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRUM.DLL
[2014/12/03 20:29:25 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/12/03 20:29:25 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2014/12/03 20:29:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU1.DLL
[2014/12/03 20:29:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDBASH.DLL
[2014/12/03 20:29:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU.DLL
[2014/12/03 20:29:24 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDYAK.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDYAK.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU1.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDBASH.DLL
[2014/12/03 20:29:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU.DLL
[2014/12/03 20:29:22 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/12/03 20:29:22 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/12/03 20:29:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/12/03 20:29:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTAT.DLL
[2014/12/03 20:29:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTAT.DLL
[2014/12/03 20:29:21 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/12/03 20:29:21 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/12/03 20:29:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll
[2014/12/03 20:29:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTT102.DLL
[2014/12/03 20:29:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTT102.DLL
[2014/12/03 20:20:59 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/12/03 20:20:59 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/12/03 20:20:50 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/12/03 20:20:49 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/12/03 20:20:49 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/12/03 20:20:49 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/12/03 20:20:48 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/12/03 20:20:48 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/12/03 20:20:47 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/12/03 20:20:47 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/12/03 20:20:46 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/12/03 20:20:45 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2014/12/03 20:20:42 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/12/03 20:20:41 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/12/03 20:20:40 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/12/03 20:20:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/12/03 20:20:38 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/12/03 20:20:38 | 000,468,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/12/03 20:20:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/12/03 20:20:37 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2014/12/03 20:20:36 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/12/03 20:20:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/12/03 20:20:36 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014/12/03 20:20:36 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/12/03 20:20:36 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/12/03 20:20:36 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/12/03 20:20:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/12/03 20:20:35 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/03 20:20:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/03 19:57:26 | 004,443,312 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/12/01 15:51:16 | 000,045,112 | -H-- | C] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014/11/16 22:38:38 | 000,000,000 | -H-D | C] -- C:\_acestream_cache_
[2014/11/16 22:38:34 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\.ACEStream
[2014/11/16 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
[2014/11/16 22:37:30 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\ACEStream
[2014/11/15 23:54:10 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/11/15 23:54:04 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/11/15 23:54:03 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/11/15 23:54:01 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/11/15 23:54:00 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/11/15 23:54:00 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/11/15 23:53:59 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/11/15 23:53:58 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/11/15 23:53:57 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/11/15 23:53:57 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/11/15 23:53:56 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/11/15 23:53:56 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/11/15 23:53:54 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/11/15 23:53:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/11/15 23:53:52 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/11/15 23:53:52 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2014/11/15 23:53:51 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2014/11/15 23:53:50 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/11/15 23:53:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2014/11/15 23:53:47 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2014/11/15 23:53:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2014/11/15 23:53:47 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2014/11/15 23:53:46 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/11/15 23:53:46 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/11/15 23:53:45 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014/11/15 23:53:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2014/11/15 23:53:44 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014/11/15 23:53:44 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014/11/15 23:53:43 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/11/15 23:50:29 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/11/15 23:50:29 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/11/15 23:50:29 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/11/15 23:50:29 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/11/15 23:50:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014/11/15 23:50:29 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014/11/15 23:45:29 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/11/15 23:45:29 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/11/15 23:45:29 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/11/15 23:45:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/11/15 23:45:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/11/15 23:45:21 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/11/15 23:44:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014/11/15 23:44:54 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/11/15 23:44:54 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/11/15 23:40:21 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/11/15 23:40:20 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/11/15 23:40:20 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/11/15 23:40:20 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/11/15 23:40:20 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/11/15 23:40:20 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/11/15 23:40:19 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014/11/15 23:40:19 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014/11/15 23:40:19 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/11/15 23:40:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014/11/15 23:40:19 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014/11/15 23:38:28 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/11/15 23:38:26 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/11/15 23:38:26 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/11/15 23:38:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/11/15 23:38:25 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/11/15 23:38:25 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/11/15 23:38:25 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/11/15 23:38:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/11/15 23:38:25 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/11/15 23:38:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/11/15 23:38:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/11/15 23:38:25 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/11/15 23:38:25 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/11/15 23:38:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/11/15 23:38:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/11/15 23:38:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014/11/15 23:37:04 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/11/15 23:36:57 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/11/15 23:36:57 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/11/15 23:36:57 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/11/15 23:36:57 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/11/15 23:36:57 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/11/15 23:36:57 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/11/15 23:36:56 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/11/15 23:36:56 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/11/15 23:36:56 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/11/15 23:36:56 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/11/15 23:36:56 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/11/15 23:36:56 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/11/15 23:36:56 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/11/15 23:36:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/11/15 23:36:56 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/11/15 23:36:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/11/15 23:36:55 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/11/15 23:36:55 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/11/15 23:36:55 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/11/15 23:36:55 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/11/15 23:36:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/11/15 23:36:55 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/11/15 23:36:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/11/15 23:36:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/11/15 23:36:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/11/15 23:36:55 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/11/15 23:36:55 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/11/15 23:36:55 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/11/15 23:36:55 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/11/15 23:36:55 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/11/15 23:36:55 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/11/15 23:36:55 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/11/15 23:36:55 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/11/15 23:36:55 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/11/15 23:36:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/11/15 23:36:55 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/11/15 23:36:55 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/11/15 23:36:55 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/11/15 23:36:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/11/15 23:36:55 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/11/15 23:36:55 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/11/15 23:36:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/11/15 23:36:55 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/11/15 23:36:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/11/15 23:36:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/11/15 23:36:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/11/15 23:36:55 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/11/15 23:36:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/11/15 23:36:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/11/15 23:36:55 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/11/15 23:36:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/15 23:36:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/11/15 23:36:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/11/15 23:36:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/11/15 23:36:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/11/15 23:36:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/11/15 23:36:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/11/15 23:36:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/11/15 23:36:55 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/11/15 23:36:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/11/15 23:36:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/11/15 23:36:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/11/15 23:33:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/11/15 23:33:31 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/11/15 23:30:34 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/11/15 23:30:34 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/11/15 23:30:34 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/11/15 23:30:34 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/11/15 23:30:34 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/11/15 23:30:34 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/11/15 23:30:34 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
========== Files - Modified Within 30 Days ==========
[2014/12/06 17:29:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/06 17:24:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\update-sys.job
[2014/12/06 16:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/12/06 16:50:32 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/12/06 16:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
[2014/12/06 16:44:37 | 000,000,020 | ---- | M] () -- C:\WINDOWS\7373F317-67C5-4211-8A4A-86AAC7E77C31.DSI
[2014/12/06 16:42:02 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
[2014/12/06 16:30:51 | 000,960,752 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/12/06 16:30:51 | 000,803,092 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/12/06 16:30:51 | 000,166,646 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/12/06 16:24:07 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/06 16:23:35 | 000,119,296 | ---- | M] () -- C:\WINDOWS\SysWow64\zlib.dll
[2014/12/06 16:23:06 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\tasks\SK.Enhancer-S-161304646.job
[2014/12/06 16:23:06 | 000,000,404 | -H-- | M] () -- C:\WINDOWS\tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job
[2014/12/06 16:22:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/06 16:21:53 | 704,032,767 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/06 01:12:01 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
[2014/12/05 23:58:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\update-S-1-5-21-3815044672-3107833778-2507571291-1001.job
[2014/12/05 22:44:10 | 005,331,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/12/04 19:12:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core.job
[2014/12/04 16:54:16 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/12/04 16:47:08 | 000,001,846 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2014/12/04 00:08:14 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysNative\certsentry.dll
[2014/12/04 00:08:14 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysWow64\certsentry.dll
[2014/12/03 19:59:10 | 000,000,455 | ---- | M] () -- C:\Users\Betrayed\AppData\Local\UserProducts.xml
[2014/12/03 19:57:26 | 004,443,312 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/12/01 15:51:16 | 000,045,112 | -H-- | M] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014/11/20 20:51:37 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/11/20 20:51:37 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/15 22:18:16 | 000,001,074 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/15 22:17:43 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job
[2014/11/15 22:17:37 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1cf8fc34a17564.job
========== Files Created - No Company Name ==========
[2014/12/06 16:44:37 | 000,000,020 | ---- | C] () -- C:\WINDOWS\7373F317-67C5-4211-8A4A-86AAC7E77C31.DSI
[2014/12/04 16:54:15 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/11/15 23:54:14 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/11/15 22:18:15 | 000,001,074 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/15 22:17:37 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job
[2014/06/11 11:14:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2014/05/22 18:03:16 | 000,119,296 | ---- | C] () -- C:\WINDOWS\SysWow64\zlib.dll
[2014/05/22 18:03:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\ADsSecurity.dll
[2014/05/13 21:09:51 | 000,000,000 | -HS- | C] () -- C:\Users\Betrayed\AppData\Local\LumaEmu
[2014/05/04 14:46:04 | 000,000,854 | ---- | C] () -- C:\WINDOWS\ampa.ini
[2014/05/04 14:35:12 | 001,806,960 | ---- | C] () -- C:\WINDOWS\ampa.exe
[2014/05/04 14:35:12 | 000,017,008 | ---- | C] () -- C:\WINDOWS\SysWow64\ampa.sys
[2014/04/25 11:53:53 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/13 21:03:56 | 000,299,520 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/04/13 21:03:53 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/04/13 21:03:53 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/04/10 19:03:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/04/08 20:13:38 | 000,000,600 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\winscp.rnd
[2014/04/08 19:27:45 | 000,000,600 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\PUTTY.RND
[2014/04/08 18:29:29 | 000,056,424 | ---- | C] () -- C:\WINDOWS\SysWow64\PrxerNsp.dll
[2014/03/28 19:43:05 | 000,443,080 | ---- | C] () -- C:\WINDOWS\SysWow64\GSService.exe
[2014/03/18 16:44:53 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/16 16:26:27 | 000,000,115 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014/02/15 14:33:13 | 000,001,846 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2014/02/13 18:43:31 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe GIF Format CC Prefs
[2014/01/12 16:15:23 | 000,000,046 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/01/11 11:24:50 | 000,000,017 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\resmon.resmoncfg
[2013/12/31 18:21:26 | 000,000,258 | RHS- | C] () -- C:\Users\Betrayed\ntuser.pol
[2013/12/31 17:38:46 | 000,965,390 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/09/19 22:04:46 | 000,331,776 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\sbcrreag.dll
[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat2.dat
[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/15 21:19:23 | 000,167,245 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\7223.png
[2013/08/15 21:19:18 | 000,167,245 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\34865.png
[2013/08/15 21:16:55 | 001,002,383 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\25929.png
[2013/08/15 21:16:39 | 001,002,164 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\31317.png
[2013/08/02 22:02:42 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe IllExport Filter CC Prefs
[2013/08/01 19:53:25 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe PNG Format CC Prefs
[2013/06/01 08:07:43 | 000,052,167 | ---- | C] () -- C:\WINDOWS\RFC4DPluginUninstall.exe
[2013/05/12 13:18:28 | 000,452,096 | ---- | C] () -- C:\WINDOWS\SysWow64\nmap.exe
[2013/05/12 13:18:28 | 000,290,816 | ---- | C] () -- C:\WINDOWS\SysWow64\nmapserv.exe
[2013/05/11 13:27:51 | 000,001,456 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/04/04 19:55:45 | 000,000,455 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\UserProducts.xml
[2013/04/03 19:16:53 | 001,693,925 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\14565.png
[2013/04/03 19:10:50 | 001,711,085 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\32736.png
[2013/03/21 16:45:08 | 000,003,584 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/20 15:55:39 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
[2013/03/03 19:34:27 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/03/01 01:47:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll
[2013/02/15 11:43:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\SysWow64\hdsuinst.exe
[2013/02/15 11:43:11 | 000,164,864 | ---- | C] () -- C:\WINDOWS\SysWow64\UNWISE.EXE
[2012/08/27 04:28:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
========== ZeroAccess Check ==========
[2013/12/31 21:26:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/31 00:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 22:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 199 bytes -> C:\Users\Betrayed\SkyDrive:ms-properties
@Alternate Data Stream - 128 bytes -> C:\WINDOWS\SysWow64\zlib.dll: SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\WINDOWS\SysWow64\zlib.dll: DocumentSummaryInformation
@Alternate Data Stream - 12 bytes -> C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
< End of report >
OTL Extras logfile created on: 06/12/2014 17:33:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Betrayed\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
5.82 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 63.77% Memory free
6.76 Gb Paging File | 4.45 Gb Available in Paging File | 65.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.34 Gb Total Space | 262.66 Gb Free Space | 56.45% Space Free | Partition Type: NTFS
Computer Name: BETRAYED | User Name: Betrayed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"NoControlPanel" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0205B1DA-0F8E-4100-BDB4-6EE58E2475AC}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{15FD816F-4770-40D0-9AA8-6AA536EB24A6}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{3C17B618-93B6-4126-9CA0-3275031B3657}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{45410156-7F66-43D2-8C46-1812E81B26A4}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{4EEE0CD9-2F17-4C28-B60C-468201BD75A4}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{50C54FEE-3226-494C-94A0-09AF72260F86}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{654F56F1-760D-44AD-8024-46001C916A57}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6A3CAF69-79C4-419B-9186-F9A9FCECD995}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{7564C433-B8F7-4270-B873-BED23894D204}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{75CD1590-97EA-49A2-9D42-4520EF1A2059}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7D9C4B07-8EBC-4223-A807-BB2E6C8C317F}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{84F32052-65AF-495B-A3A2-ACA360B0BFF6}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{A46DA700-1363-4F6F-B289-854881975D93}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{AB63F6B9-A846-4A73-9982-54E2465184E8}" = rport=51678 | protocol=6 | dir=out | name=mullvadmaster |
"{D04742C1-5B36-4B05-9C46-E1E092D73A95}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E26C2B83-5D74-4D5E-9F63-CDC9D1E852C8}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{E7B01C15-447F-4680-BBD8-B00F3D29C5E1}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{EC635584-6ED4-43DA-966F-1BD0551C50B2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F9F7E08D-3AC0-481B-AD79-65792F7F2CC8}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009C1A55-7FEB-4DD6-AF5B-99CCDD239883}" = dir=out | name=the treasures of montezuma 3 |
"{0178514C-7581-4E43-A458-151585D4A641}" = dir=in | name=microsoft minesweeper |
"{059A11C3-7DD6-48E9-9D32-7AA4AE081E36}" = dir=out | name=acer explorer |
"{06FE2F4F-52C8-424E-8C4C-429530A0932F}" = dir=out | name=@{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{08292C48-DBE0-427D-8BB3-FCD247F21509}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{0C6C4AA4-8B5F-4646-9E4D-52EBE1E8DB5D}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\bittorrent\bittorrent.exe |
"{0CF58353-C2CD-45C8-A694-7BE846BADB86}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{0DCC3736-C4EB-405F-B879-94D326D31F56}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{144D910D-CD6A-4E53-BA32-FAA6C62BA522}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{17DCCA78-2DC7-4855-9328-91E62F31B382}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{1E563D34-6AE4-4D19-933F-4FE7F56AFE54}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{1F56E802-A8E9-4D93-9AE6-4C2AFEAE68B4}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{2100D100-D6CB-4E00-8CA9-46358DE7116A}" = dir=in | app=c:\users\Betrayed\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{210FFEE5-B135-404B-A94A-DB0D075C8A29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{221C7687-FFDE-4D37-A196-0CE030BCF166}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{251817CF-2095-48A8-8F06-94E7ADB7C161}" = protocol=1 | dir=in | name=mullvadicmp11 |
"{25327B1A-3B9F-45E3-AFA3-D06941754773}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{273CCCEA-5370-4B45-ADB7-C4EE589C6A5D}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{27D6E5A3-5268-4BC6-B9C3-F98E52D9B244}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{27E9B3F7-14BB-4B06-85BF-E28ED67223A9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2AA2F322-06BA-4DBC-A243-5FEDD6F64470}" = dir=out | name=taptiles |
"{2BFB2279-D1AB-4AE7-97B5-536A5AA6400B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{2DA674E7-9DFD-429D-9F20-90359824D202}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DD24E5B-C690-4E27-8E0C-A2AFB6BAC586}" = protocol=17 | dir=out | name=mullvadopenvpn |
"{30320C68-E67A-480E-A48B-684519629437}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{312D7FFF-1E7F-43DB-8D16-8B8B7E1EADD0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{32F7EB09-6E35-4B0E-8084-1CEE6C810D89}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{343CF99B-EC48-47AE-A51B-359DAF041019}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{34BCACDB-F983-429B-BA4F-01C8D34ADEE2}" = dir=in | name=taptiles |
"{357EE8B2-E9E0-4DDA-BBDE-28BD5B84B00F}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{364497C7-708B-4214-9B86-F8C6385B9684}" = protocol=17 | dir=in | app=c:\users\Betrayed\downloads\crossfire_downloader.exe |
"{370DE5DE-449B-4466-B226-BDF9A1615B0A}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{3801F185-FBEB-48E1-A0A6-06BCA76FE80A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{3A7905FF-766B-40A2-85F9-C8C5D74F0298}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3C442D18-1F29-427B-9CB3-22E7BAB76E96}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\ilivid\ilivid.exe |
"{3F44B990-9E55-4905-AC25-52B4BCEA2611}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{41B2D3B0-70EB-4CCC-8C72-C30AFD1A3A83}" = dir=in | app=c:\users\Betrayed\appdata\local\microsoft\skydrive\skydrive.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4310DAE2-8DA6-4F40-B98F-8655984BB752}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{45B20D78-75AB-4890-9B80-10398DDBB0F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{487703F8-7139-4C51-9805-DD663BF610F9}" = dir=out | name=@{microsoft.zunevideo_2.6.408.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{498DA65C-3688-48C9-93F0-E8ACAB16FB84}" = dir=in | name=check point vpn |
"{49C640AC-D4E1-496C-8A98-6FB7A5D755E8}" = dir=in | name=acer explorer |
"{4B400D4D-F923-4B8E-B9CF-822766E6AA53}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{4CBAF837-4D5C-421D-BD8D-1C4BC8F3963A}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{5037252E-DC27-4E96-BC2E-5254EB621CF3}" = dir=out | name=windows_ie_ac_001 |
"{539E1B79-29CD-4377-B1B4-A9C366F2B1A2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5A1208A3-94FD-4967-B3EF-34FC001459DF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5C523787-5B0A-4BE3-B4FA-E7BC0658C424}" = dir=out | name=sonicwall mobile connect |
"{5CA051DD-978A-4F63-8765-F5F68C701827}" = dir=out | name=ebay |
"{5EB03FDD-8289-477E-86AE-5B00B4A07569}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\ilivid\ilivid.exe |
"{5EF68C24-F2DB-4ECE-914A-C9CFF2F5AECA}" = dir=out | name=icookbook se |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60BBBF5E-F09A-4D65-9677-43739365C2B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{622F4DB4-5E05-43D2-ABE5-65ECD06C2ECB}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\dropbox\bin\dropbox.exe |
"{69AAA68F-0059-40F2-A7BE-C2152D5CDE69}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{6AB982BB-97AC-4814-BBBB-963FE9C82AD6}" = dir=out | name=shark dash |
"{6B0A6D33-10C1-4E41-A63F-377301DCD03B}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{6D252092-57AF-443C-A554-D7A6DA1EEC33}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{6E54747F-8DE8-4A2D-B63E-6F3D17B3EE3D}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{71464DE0-1535-4003-A38D-D623B1213E55}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{74B75B7F-E75F-48B7-AA3E-5D76438F54FE}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\bittorrent\bittorrent.exe |
"{75A7F388-40CA-468A-BA7D-D5ECA21A7435}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"{7ADE2662-4A84-40FC-847D-B26863DB173D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{7CF0A4CF-AB72-4C2F-AEC1-A5B44542CA60}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7D0EF553-C251-4C8D-BFCA-8D9EFF33BFA7}" = dir=out | name=social jogger |
"{8014E31E-7A6C-4AFD-8464-72BE05C71689}" = dir=out | name=3d logo quiz |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8189F225-40BF-4858-B621-51A2412C5A2D}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{82AC6978-070F-4D66-9E69-C049DC0D06D6}" = dir=in | name=juniper networks junos pulse |
"{848425CA-0CDD-424E-B651-70C4C2FF8F48}" = dir=in | name=f5 vpn |
"{863630FD-79AB-4CD0-8C99-53C687C0FAB4}" = dir=out | name=@{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{88372ABE-6677-4EFF-AF18-08B0C9AA84B8}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\dropbox\bin\dropbox.exe |
"{8988CDE8-3353-41CE-84D3-A38498165BE2}" = dir=out | name=check point vpn |
"{8FF8C5BA-97E4-4677-B17D-076CDD5AC29C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{8FFB2406-6913-49F4-8951-A5A24D42F53F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{92D4EB48-EF5E-4121-81FD-8F4290040FF0}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{994D5AD5-22B2-49AA-A2E2-FBFFAF74DD58}" = dir=out | name=@{microsoft.bingsports_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9B54AAD7-5EC9-4428-A223-BFE6D153DCFC}" = dir=out | name=chacha |
"{9B76B6FD-D533-442B-9D9D-BC7495F20E80}" = dir=in | name=newsxpresso |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9EC18037-37C1-4491-8785-7BF0316DC3D5}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9FED5255-1E6B-4CCF-810D-0362C5755C5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{A05E3FB2-5FD6-4CEA-B53A-B312735D3582}" = dir=out | name=newsxpresso |
"{A30285B3-11EF-4805-B2FB-FC750B1E36D6}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{A5D2F082-8791-4D1B-9C45-77619C4F1BC9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{A5F6F076-BA33-42DE-BD7E-2F255F5DCDD5}" = dir=out | name=cut the rope |
"{A6B5C25D-E02B-4A64-A4C3-2622F4ABBF51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{A7431070-0C6B-4630-9685-EAABAA769DBF}" = dir=out | name=acer crystal eye |
"{AB28D6C8-AA94-46F4-8F24-384A601CAF6E}" = dir=out | name=f5 vpn |
"{ABBAB893-689A-4F4F-A443-718B9CC47019}" = dir=out | name=netflix |
"{AF3DF519-0CE8-488C-972A-00E14C261D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B07C86A6-9805-4A17-AAE4-5F1EEFEBAF55}" = dir=in | app=c:\users\Betrayed\appdata\local\gcc\controller.exe |
"{B0E6D1C8-C903-4C23-AFCB-035E7641405F}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{B1CF3669-1F72-466E-BCF2-11FC4883E371}" = dir=out | name=windows_ie_ac_001 |
"{B64A50E2-C6A9-4C91-BDFA-2D7A6144DA0B}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C0CA5A1C-AC8A-48E9-841B-E468513D7A12}" = dir=in | app=c:\users\Betrayed\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C22E7C7A-7041-44C9-A2D1-EEB3AE616480}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C493EAE8-ACF7-4D44-AF9D-38E92861C275}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{C6CEDF69-363D-4338-ACDA-A21A35A68457}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C9DDBE54-484C-4D59-B668-2C6042DD85B8}" = dir=out | name=@{microsoft.zunemusic_2.6.476.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C9FBD01F-FBAA-4AE2-A7BD-711420B139A3}" = dir=out | name=kindle |
"{CC7E67FF-6355-4025-83B0-2804D7C01FD1}" = dir=out | name=@{microsoft.bingnews_1.7.0.27_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D072D69F-BB06-41C6-8939-C75C07F915E7}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{D0B61C36-C605-4367-9F2C-5A6010874BE6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D10FEC10-176C-45E6-B4BB-115EE3F21DEE}" = dir=out | name=skype |
"{D1B6ABB2-2A18-4A59-9EDD-384F0EC71C0C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{D3C613AB-81BE-444C-BAE9-367913295D4B}" = dir=out | name=microsoft minesweeper |
"{D3D4652D-3298-4729-A966-A1078FE9B945}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D47D9165-2C87-47B6-A68E-406A5A4BBF9D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D4F25BE3-CBD1-4600-B8EA-E29B95957DD8}" = dir=out | name=windows_ie_ac_001 |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6BE1B1B-C392-40FD-948F-704DE9E78EE6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DD9C43D4-B771-47F8-8E50-409B1ED108AE}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{DDA37D8B-7C11-4555-B45D-9DDAD315AA9B}" = dir=in | name=skype |
"{DFB60CB5-E474-4906-AFC5-0DA262E1EEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{DFCA144E-40AC-44BA-9962-656E08CD5D6A}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DFD17912-5BA8-4270-9F65-E36D48FE0191}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E1494BE4-3BEE-4AC9-A6AE-7EFC698EAF84}" = dir=in | name=sonicwall mobile connect |
"{E162716D-AE47-4837-84D3-C4287E11F2EF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{E3385CF2-751A-42EA-BA08-54492FC38AA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E3E7C534-BD0E-478D-AB20-F783EAED8157}" = dir=out | name=fresh paint |
"{E5DFF80C-868A-48BF-8FCB-116614C1FE56}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{E6DD7189-5A50-46AF-AEB2-3E13C33D6D16}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{E78AC134-733A-4CA6-8F21-354E21E28DC8}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EBE073F0-1383-480D-8EAB-DE176A44BF9D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEDB1CE0-6612-4656-BBF1-C166B91CF36F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{F290BE1E-9321-4E4A-8C54-D9ECC5702867}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F2969D37-96D3-4110-9553-655F617E325D}" = dir=out | name=@{microsoft.bingfinance_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F2ABFFA1-2910-48FB-9ACB-6C0DC0B8AF09}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{F3379F12-C578-453B-B4D3-DFEF58836601}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{F45EF812-29C0-43A9-AAF6-A8FC8557DF53}" = protocol=6 | dir=in | app=c:\users\Betrayed\downloads\crossfire_downloader.exe |
"{F46E5185-F908-4BF7-B7BC-AFB9240B5F84}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F540E0CF-A003-4963-878F-815A986FC7CF}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\win7ui.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA894DC9-7889-47AC-B978-88723DA8AB22}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FD014EA2-C9B5-4EFD-B5AB-CA891863CC08}" = dir=out | name=stumbleupon |
"{FDDF7201-2362-4A2F-86BF-294ABF40075F}" = dir=out | name=juniper networks junos pulse |
"{FF50CCCB-597C-4526-B2DD-5EADC245BCA1}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{FFB07587-B908-44FE-BE46-783A6B4F8F6C}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"TCP Query User{05097CFB-8D21-4046-B199-733294A51C96}C:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{21535104-675E-49E1-9AAF-143291F831E9}C:\users\Betrayed\desktop\utox.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\utox.exe |
"TCP Query User{2549FCB5-4C4C-41FA-8AA7-5A127A59FE1A}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe |
"TCP Query User{332E461E-71C5-430C-97EF-AD942EAC34B8}C:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{3FC60272-266E-4FFE-8520-5CEAF0A2918C}C:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe |
"TCP Query User{41A923B1-2B19-4FC9-BEB0-F94BD45CB81D}C:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe |
"TCP Query User{43CBCEFC-1F42-4C57-A327-F15DC2493E1F}C:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe |
"TCP Query User{4CD11008-F756-4B84-B690-8B4C744466B4}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\spotify\spotify.exe |
"TCP Query User{5F780BA3-2DA2-4C48-B67F-DF581BD96B11}C:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe |
"TCP Query User{5F836F9E-E2AF-40CC-BD4C-BF8E218E53E0}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe after effects cs6\support files\afterfx.exe |
"TCP Query User{9F49B3B0-99AA-499A-BCB8-A834FC4C66D7}C:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe |
"TCP Query User{A282BC37-AD4C-4F68-98DB-2FB018B974E4}C:\program files (x86)\net tools\ircserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\net tools\ircserver.exe |
"TCP Query User{B0482716-1801-4E1E-8271-D4474C90D517}C:\users\Betrayed\desktop\windows\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\windows\omnicoin-qt.exe |
"TCP Query User{B4584578-BDF1-4B97-9537-8E2F05B5324E}C:\program files\strogino cs portal\garrys mod\hl2.exe" = protocol=6 | dir=in | app=c:\program files\strogino cs portal\garrys mod\hl2.exe |
"TCP Query User{BE563696-FA0D-42A0-BCBF-B7EABC5E4922}C:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{C2305E32-DA90-4BDE-AF4F-49CD56CC4A18}C:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe |
"TCP Query User{CCAC513A-370F-4BDE-9C8B-4D31E9BCBE26}C:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe |
"TCP Query User{D052A8D7-901F-496A-BFC8-D29B05DD3336}C:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe |
"TCP Query User{D34A285D-0E7E-4923-855B-6F102CFDEE09}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe |
"TCP Query User{D673F005-74A0-4FAA-A75C-99F95EE63C0C}C:\program files (x86)\cain\cain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"TCP Query User{DC957AE1-4CA2-4014-AE09-DC1903270B4B}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"TCP Query User{FE8FE554-5ECF-40F1-8FE1-E30DCC87B171}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{088FBD31-6A18-4812-BB8A-F3AC31EA03A2}C:\users\Betrayed\desktop\windows\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\windows\omnicoin-qt.exe |
"UDP Query User{12756602-F7AE-4AE6-9C46-3E1928BD35C4}C:\users\Betrayed\desktop\utox.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\utox.exe |
"UDP Query User{1560299A-D5E8-4986-8F09-329F3E915C1B}C:\program files (x86)\net tools\ircserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\net tools\ircserver.exe |
"UDP Query User{1F801798-EE85-426A-BF08-6FCB2049641D}C:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{2C9377FA-22BA-4EE1-9BC1-B3D0E5BD7CAF}C:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe |
"UDP Query User{3522489D-2C2F-4E09-95F6-3E3EEBFCFB58}C:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{493F720C-6AE0-43CD-828F-62F59FC3CB1A}C:\program files\strogino cs portal\garrys mod\hl2.exe" = protocol=17 | dir=in | app=c:\program files\strogino cs portal\garrys mod\hl2.exe |
"UDP Query User{54102D76-F74A-49DF-979F-C376CCF2369F}C:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe |
"UDP Query User{58A38F5B-8D92-4059-ADAA-499EC88FE234}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5C0C975B-EE3A-4520-8A25-68454447E61E}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\spotify\spotify.exe |
"UDP Query User{60D31BD8-967D-49F2-B0A4-DA50F1FA0A18}C:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe |
"UDP Query User{758FF590-7BE1-4508-A2D6-0D9AC3906D33}C:\program files (x86)\cain\cain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"UDP Query User{7E91D029-80D9-4EE3-8CE4-1E382491FD55}C:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe |
"UDP Query User{830FABBD-B0CB-42C2-A29A-73B90353C1F4}C:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe |
"UDP Query User{872FD011-4DB4-4F3B-8BD7-5F0883F5B964}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe after effects cs6\support files\afterfx.exe |
"UDP Query User{8A4CD02D-5772-4EEC-BB1A-0AAD20F328CE}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe |
"UDP Query User{91280725-C40F-400A-8EEC-C8AA3FCD59D4}C:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe |
"UDP Query User{BA40C4FD-6A6B-4B6F-95E9-1FC773D7C461}C:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{BCE20CB8-67B8-4E47-991B-73DD625E7BA4}C:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe |
"UDP Query User{C5594D45-3188-42D9-920D-241C40D15753}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe |
"UDP Query User{C9505846-AF47-4567-9319-3FDDA039B0F5}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"UDP Query User{F720FAEB-A870-464E-8639-2256A480A39A}C:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05FF8209-C4F1-4C77-BC28-791653156D20}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B6BDD27-3097-4FE1-BDE6-1D5EC7399563}" = Visual Studio 2013 Prerequisites
"{16222DF7-8513-491E-91F0-F489AB2D3CB0}" = Visual Studio 2013 Prerequisites - ENU Language Pack
"{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}" = Windows App Certification Kit Native Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E4064EE-26B4-341E-9208-72859FCDE1DA}" = Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64)
"{230C9C86-26A9-437F-8152-34D5F4C3F680}" = Oracle VM VirtualBox 4.2.18
"{249340F6-5A97-4AE9-B530-AC67F37BBFB9}" = Microsoft Visual Studio 2013 Diagnostic Tools - amd64
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{3674F088-9B90-473A-AAC3-20A00D8D810C}" = Microsoft Web Deploy 3.5
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{394DC793-F994-3A80-8703-20CBBDD8AD2A}" = Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}" = Microsoft SQL Server 2012 Management Objects (x64)
"{43C879A8-3D28-31EF-80CE-191403D0FB04}" = Microsoft Team Foundation Server 2013 Update 2 Object Model (x64)
"{440D2EAD-2871-40FD-A04F-C5DE4AE17EFC}" = Microsoft Visual Studio 2013 IntelliTrace (x64)
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{49055838-1EF5-40BB-89B6-8E3456B3E817}" = Microsoft Visual Studio 2013 Performance Collection Tools - ENU
"{4926C378-8A39-4273-AF6F-726F899F9F74}" = Build Tools - amd64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
"{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}" = Windows Software Development Kit DirectX x64 Remote
"{54C5041B-0E91-4E92-8417-AAA12493C790}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{58FED865-4F13-408D-A5BF-996019C4B936}" = Microsoft SQL Server 2012 Command Line Utilities
"{5CBE79CC-5F78-4AC2-AEB0-62F939D869CC}" = Windows Phone 8.1 SDK - x64
"{5DF74EA2-A660-446F-93B3-B19823435C30}" = Build Tools Language Resources - amd64
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C026A91-640F-4A23-8B68-05D589CC6F18}" = Microsoft SQL Server 2012 Express LocalDB
"{6D7131D1-87E5-4677-BD6A-08DCF2529076}" = Microsoft Visual Studio 2013 Performance Collection Tools
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73468C65-BC53-4D88-9246-75A5BB014DA2}" = JavaScript Tooling
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8877CE8C-7F87-4962-8BCF-DFAA2980D2CE}" = Microsoft Visual Studio 2012 IntelliTrace Core amd64
"{89A14F99-C744-3C77-BD46-D6841CEE0D7F}" = Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95150002-1163-0409-1000-0000000FF1CE}" = SharePoint Client Components
"{95160001-1163-0409-1000-0000000FF1CE}" = SharePoint Client Components
"{95176218-0F93-3376-912E-B82DACCEA01B}" = Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005
"{96F4525A-470D-F15C-796E-58D9988C3E5F}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{993F6DDC-63F8-4BCD-9B28-D941971A9CAC}" = Windows XP Targeting with C++
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}" = MSVCRT Redists
"{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}" = Workflow Manager Client 1.0
"{A5FF48A6-9056-3C1B-99C4-804BACB34F9D}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{A6BA243E-85A3-4635-A269-32949C98AC7F}" = Microsoft SQL Server 2012 Data-Tier App Framework (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}" = Workflow Manager Tools 1.0 for Visual Studio
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AAFF73AD-3432-3575-ABD1-14E48EF2F4CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}" = Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
"{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1" = Garrys Mod version 13.07.05
"{C95DA72B-814E-3A55-BA6C-DF0202CAB9F0}" = Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}" = Acer Instant Update Service
"{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}" = Microsoft SQL Server 2012 Native Client
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F17662A3-4569-4A61-ABD4-E51B632D3C4D}" = Microsoft Visual Studio 2013 VsGraphics Helper Dependencies
"{F17E4000-ED91-11E2-B3BD-F04DA23A5C58}" = MSVCRT Redists
"{F39EDD91-931F-340B-8431-082959811D31}" = Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F778BE47-F12E-36E1-8D6F-BD2FEF779F22}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{F99F24BF-0B90-463E-9658-3FD2EFC3C992}" = Microsoft Identity Extensions
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.11.002_WHQL
"MAXONFB05E576" = CINEMA 4D 13.061
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"OpenVPN" = OpenVPN 2.3.4-I002
"Pen Tablet Driver" = Bamboo
"Sandboxie" = Sandboxie 4.08 (64-bit)
"TAP-Windows" = TAP-Windows 9.9.2
"Virtual Audio Cable 4.12" = Virtual Audio Cable 4.12
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001DA4EE-2078-4B45-A80E-B4B2B019B909}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant Standard Edition 5.5
"{0398BFBC-991B-3275-9463-D2BF91B3C80B}" = Microsoft Help Viewer 2.1
"{0413566B-380F-3960-8F6A-8E8487DE31A3}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{047DE480-49E4-3AB9-903A-1238B36F114C}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - fra
"{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}" = Microsoft SQL Server 2012 T-SQL Language Service
"{05E1731A-5DD6-314E-889F-265C006C8EF9}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{0610DFB0-CCEA-6EC0-E3C3-A0160AD7FD98}" = Windows Runtime Intellisense Content - en-us
"{06EEE072-B561-38E5-85D9-485ABCBE8342}" = Visual F# 3.1 SDK
"{070C38AC-05CE-43DF-9A20-141332F6AB2B}" = Microsoft System CLR Types for SQL Server 2012
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B698858-DAB0-4F9E-A10A-125B274EDA06}" = Microsoft Visual C++ x64 Libraries
"{0B6F9FD2-E845-4938-B6EA-F643413F5BBF}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}" = Google Talk Plugin
"{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}" = Microsoft SQL Server Data Tools - enu (12.0.30919.1)
"{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1" = Xpadder version 5.7
"{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"{135183CE-73D6-499D-B7F7-42A05AB63C0C}" = Microsoft Report Viewer Add-On für Visual Studio 2013
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{18164F64-DC06-4578-9160-A5A95F87D3FF}" = Windows Phone 8.1 Tools for Visual Studio 2013
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1B5ABBBD-3808-403D-A224-F1ACB0A00EB1}" = Complemento do Microsoft Report Viewer para Visual Studio 2013
"{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{201B7C7E-6545-4D34-B8F7-FB2ECAE0597F}" = Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013
"{205A8E25-7ABE-30AB-929E-80A63A7AFBE3}" = Microsoft Portable Library Multi-Targeting Pack
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23127FE2-983D-305A-904D-89ED86D36269}" = Microsoft Visual Studio Ultimate 2013
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{2386192E-D6DB-4AD2-9564-65586A0AE53E}" = Dotfuscator and Analytics Community Edition
"{23B13DD8-A406-4FEB-8D1C-59C2BBF5661F}" = Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools
"{23F9C27A-E520-4C87-AF99-E5A7D021F24A}" = Visual Studio Extensions for Windows Library for JavaScript
"{24CA683D-8174-4EBF-AD4D-3F2DD7814716}" = Microsoft Exchange Web Services Managed API 2.1
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{26D248AB-2690-374C-A763-83CD26CA564D}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - ita
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{28C7344F-E894-4CF5-8D05-EDC7ED71796C}" = Behaviors SDK (Windows) for Visual Studio 2013
"{2B22F6A1-5E8E-49D6-B754-84FF69354314}" = Windows Phone 8.1 SDK - x86
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C68FCF6-0F04-4ADD-AA39-F8258DEE9FEB}" = Visual Studio Extensions for Windows Library for JavaScript
"{2D7CF073-6583-464A-84D4-F86DE59DCA42}" = MorphVOX Pro
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2F7DBBE6-8EBC-495C-9041-46A772F4E311}" = Microsoft SQL Server 2012 Management Objects
"{2F8F489A-0476-3129-857B-A553F38B192D}" = Microsoft Visual C++ 2012 Core Libraries
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.1.4.41
"{30BCD3B4-F753-451F-B8F7-86E115A9AE72}" = Надстройка Microsoft Report Viewer для Visual Studio 2013
"{30F2491C-9410-4DB1-BE66-77B360B1F484}" = Microsoft Visual C++ x64-arm Cross Compilers
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31B12C11-AE4E-479F-8D6D-242DC265368D}" = HitLeap Viewer 2.8
"{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}" = Prerequisites for SSDT
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{36B650AB-8FCE-40FC-8763-49FA2EA42713}" = Microsoft Visual C++ 2012 Compilers
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{39D9555C-47A7-38F6-AEB9-9E7CAE1C6AF5}" = VS Update core components
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EA16E23-14D2-466A-8268-D7CD40DC46B6}" = Open XML SDK 2.5 for Microsoft Office
"{3F29268A-F53A-4387-9F2B-E9368A823178}" = Entity Framework Designer for Visual Studio 2012 - enu
"{3FBFCF2C-392A-4632-9442-14C305B44D5E}" = AzureTools.Notifications
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{42E10F0D-7227-4710-94FB-7C3AED8CC118}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{44AEF1F7-C770-471C-AA62-4145A4F2C517}" = Compon. agg. Microsoft Report Viewer per Visual Studio 2013
"{451526FA-52D1-41F2-B7E2-96343EC95853}" = Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
"{46910786-E4AC-41E4-A4A0-C086EA85242D}" = WCF Data Services 5.6.0 Runtime
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4781443E-204D-4D98-8899-18A123C13B1E}" = Microsoft C++ REST SDK for Visual Studio 2013
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{49039053-F640-497D-AE82-4D83352E1D52}" = Visual Studio 2013용 Microsoft Report Viewer 추가 기능
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{492498A3-F88C-FE2F-755C-9B1B91724CA5}" = LocalESPC Dev12
"{492FCC0B-45E1-383A-A2CF-9E7F305AC200}" = Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{49D0DBA7-4D22-3EBF-93DD-3569917DD82E}" = Windows Phone 8.0 Tools for Visual Studio 2013 - ENU Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A037836-B224-4890-9631-341F759AD703}" = Memory Profiler
"{4AE57014-05C4-4864-A13D-86517A7E1BA4}" = Microsoft .NET Framework 4.5 SDK
"{4B05FED4-DEDE-4948-BBB4-4AE0B2E1F1A5}" = Visual Studio 2013 的 Microsoft Report Viewer 附加元件
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{4FEFF0EE-5C22-3D05-B4F3-FD6913C078D4}" = Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package
"{51499194-6BF8-4D0E-BD27-77D704FA6C5D}" = Microsoft Visual Studio 2013 IntelliTrace (x86)
"{5411060C-8F8C-393D-8D3B-26AF2C92FABB}" = Microsoft Visual Studio 2013 Shell (Minimum)
"{5481F163-B9E5-30A8-8441-4DBBB87D6AA2}" = Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56A47015-095E-48CA-819F-15D0B52C274B}" = Complemento Microsoft Report Viewer para Visual Studio 2013
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{576C5AF1-5298-4770-8AE0-9148AA22E74E}" = Microsoft NuGet - Visual Studio 2012
"{5793BB91-4E91-3C3C-B93F-C2B1EEA35A5F}" = Microsoft Visual Studio Ultimate 2013 - ENU
"{58C8CFA6-BE34-4DFE-91F5-D807F402DFC1}" = Camtasia Studio 8
"{5D31EA24-FD84-3726-A1D7-45A044DB844E}" = Microsoft Visual Studio 2013 XAML UI Designer - ENU
"{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}" = WCF RIA Services V1.0 SP2
"{607562A3-7BD3-4EDE-BDEA-4F1A8D7E84AA}" = Module Microsoft Report Viewer pour Visual Studio 2013
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{62910715-63E3-0AB0-0B29-99140DE1C15E}" = LocalESPC
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{6321F2D4-366B-3AE4-877A-8E539EC3331A}" = Visual F# 3.1 VS
"{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{64297226-2B81-4588-89BD-76440BC0BCFC}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU
"{6459F338-FE52-4034-BCA7-74772DA0F24D}" = XSplit Broadcaster
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{652B32B3-4C55-3BC9-B493-8FB6DBA21FA9}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - plk
"{65E1FABB-C9B4-3EA9-A915-837C0B03D3DB}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - kor
"{6651A2C9-8389-45AA-A58D-7C38DA75AD97}" = Microsoft Visual Studio 2013 Profiling Tools
"{66F64812-1780-4CFE-9713-1093B8007710}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{6781FF9B-E87D-4A03-9373-A55A288B83FA}" = Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
"{678800C0-D94E-4513-89CB-478F2B781A0B}" = Microsoft Visual C++ 2013 x86-x64 Compilers
"{68DA3B27-2C18-4366-93B0-6B97F5E9B309}" = Memory Profiler
"{6A0C6700-EA93-372C-8871-DCCF13D160A4}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AB13C21-C3EC-46E1-8009-6FD5EBEE515B}" = Microsoft Advertising SDK for Windows 8.1 - ENU
"{6AC81125-8485-463D-9352-3F35A2508C11}" = Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU
"{6BDD4237-E546-4CBB-91AA-292552B11CCE}" = Elgato Game Capture HD
"{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040}" = Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
"{6CAD2F10-A64E-3DDF-B600-0CFC62F40A4E}" = Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.2
"{6E21414A-F0F4-40D6-9DCD-3F11F6EE7854}_is1" = IQmango Burner 4.5.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72076159-B94A-42AE-A64C-CA3855E9CB28}" = Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1
"{73FCC335-A258-328B-80C4-3C7B8EBD9556}" = Microsoft Office Developer Tools for Visual Studio ENU Language Pack
"{747A4BBA-B9D7-4DD5-BC62-5104E2A06066}" = Microsoft ASP.NET and Web Tools 2012.3 - Visual Studio 2012
"{76FA6821-C0E7-38C5-8FD4-93AEB8ADE694}" = Microsoft Office Developer Tools for Visual Studio
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7993AF75-8149-3664-BAAC-66D18268EE92}" = Microsoft Visual Studio 2013 XAML UI Designer
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{7F83A5E9-89C3-48EE-9740-BBC2096BB167}" = Windows Phone 8.1 Tools for Visual Studio 2013 - ENU
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{83499F62-B5EC-4F40-A28C-1297241E4D1D}" = TypeScript Tools for Microsoft Visual Studio 2013
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84323735-AA6A-4A4D-9E67-B12D9A903962}" = Pixel Bender Toolkit
"{84D88F57-4130-30FE-A0B6-1E04428FE1F6}" = Microsoft Visual C++ 2013 Core Libraries
"{84e72603-1a6a-4c51-81b3-de36aabcc4f8}" = Microsoft Visual Studio Ultimate 2013
"{87E9C967-6BE6-4B3B-B0F6-F102E51D8EAC}" = Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1
"{88707808-9420-4D55-8C94-622CF25A8750}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8A8A0C13-A9B3-45AF-9A4C-4D351E0DFC8A}" = TypeScript Power Tool
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C1F51D1-47B7-4EE6-8EDD-1646FD78291A}" = Microsoft Visual Studio 2013 Diagnostic Tools - x86
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{940596e5-652a-4970-8a5a-492e73ed0fbb}" = Windows Phone 8.1 Emulators - ENU
"{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}" = PreEmptive Analytics Visual Studio Components
"{95185FF8-1102-4C53-AD59-F60229719C1E}" = Windows Azure Mobile Services SDK
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96563105-F726-4865-8C32-416753ECA5F1}" = Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources
"{96F50F87-0F15-4F93-9FE6-387DD9CFB077}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
"{970C0D49-0A12-3BF3-A9AA-679A91638927}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - csy
"{976C3D92-0DEC-37A6-A870-FF4FC18CD029}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps
"{979C7495-FB42-484E-92EA-7F2A59DD7718}" = Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{985EF141-95DD-3934-8F23-7C2C4C61E5F7}" = Microsoft Visual Studio 2013 Shell (Minimum) Resources
"{987AF9AD-BBE5-37EC-A1E9-A0B8A491A7F2}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - trk
"{99FCCA2B-F1FD-E66E-E3B9-AA57FBBF2E66}" = Windows Software Development Kit for Windows Store Apps
"{99FE08AA-78DF-3A2D-8E90-D6F7938298A2}" = Microsoft NuGet - Visual Studio 2013
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C593464-7F2F-37B3-89F8-7E894E3B09EA}" = Microsoft Visual Studio Professional 2013
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}" = Blend for Visual Studio 2013 ENU resources
"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A1D06677-1103-32DE-AA74-6EE44DCF7F81}" = Microsoft Visual C++ 2013 Extended Libraries
"{A223B446-EC3D-3031-828D-5188800AB782}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU)
"{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077}" = Microsoft Visual C++ x86 Libraries
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A675CE2B-50AA-43B1-8E2B-F60CCDFEDF85}" = Microsoft LightSwitch v4.5 SDK
"{A8229A09-E570-412B-8D18-E78985673E34}" = Microsoft Visual C++ ARM Libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB127859-6D32-4E23-AA93-537501EC0C9E}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{AE937DBA-FEFD-3BFE-9860-0591C0F91D61}" = Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFEBDB0A-8A7F-4D50-9EDE-36DB0C52A6F3}" = Microsoft Visual Studio 2013 IntelliTrace Front End
"{B0A82E02-E959-3C46-AB11-D38527BC573E}" = Microsoft Visual Studio Premium 2013
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B1C38F27-D377-8C98-D98D-29B67C0B978D}" = LocalESPCui for en-us Dev12
"{B3C98C29-A2BE-455F-9285-13B745282271}" = Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources
"{B40E950B-300A-41B5-A6C1-2FEBEEA1BEEA}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
"{B41F90DB-762F-33BF-A9F8-FA4F6111FBEC}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - esn
"{B503082D-B4CD-32E5-A97C-AB10D2E9111A}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{B536762B-1047-4B51-8ECF-46D5686E5416}" = Microsoft ASP.NET Web Pages 2 Runtime
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{B6A0A174-33E0-3D42-92EA-547D318CB149}" = Microsoft Visual Studio 2013 Devenv
"{BAE0FA18-FD5F-4734-924C-E4F7EFFCDA0A}" = Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU
"{BB0D9EE5-F7B1-4986-AF62-DB3BED9A83BC}" = Microsoft Visual C++ x64 Native Compilers - ENU Resources
"{BB543516-F37F-46A4-BED1-C5146A6D9892}" = Build Tools - x86
"{BC102799-5EEB-3079-82C1-BFF7431A9C10}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - cht
"{BCE39B24-8944-4E71-A224-70631A4BBB10}" = Microsoft LightSwitch for Visual Studio 2013 Core
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD9DC17D-C48D-3B1B-944A-D0DE74FC74BC}" = Microsoft Visual C++ 2012 Extended Libraries
"{BE4F3A79-8954-499C-AEF9-E8A3BC235677}" = JavaScript Tooling
"{BF3E2194-F89B-44FB-A801-464BF787599F}" = WCF Data Services Tools for Microsoft Visual Studio 2013
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1D0E508-ECAF-45AA-A549-1E26B9ECE0FB}" = Microsoft Visual C++ x64-x86 Cross Compilers
"{C23073D8-0F3F-4876-91DE-168A6D0256E3}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{C26C1495-8EBE-3F71-BDA1-7DE2010840D8}" = Microsoft Visual Studio 2013 Devenv Resources
"{C39FA455-9B13-3C5A-98E2-62C0FF3BC3C0}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - deu
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4BF6461-F4E4-4A41-BBE2-350766C9420D}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{C611D804-7450-3C3D-943E-C2C96A12911B}" = Windows Phone SDK 8.0 Assemblies
"{C693A804-EF77-4FA5-A173-8043F3F87AF2}" = Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{C9E7751E-88ED-36CF-B610-71A1D262E906}" = Team Explorer for Microsoft Visual Studio 2013
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF9B1A9-E764-3E0E-99F7-701604123669}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - chs
"{D1C81AC3-2A9A-4838-93DD-D1A92FB33C7E}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU
"{D32EF103-4016-4C15-BCB0-700C0A7A2309}" = Microsoft ASP.NET MVC 3
"{D3517C62-68A5-37CF-92F7-93C029A89681}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D42681AA-BC16-3C84-949E-45F05D2AA997}" = Microsoft Visual C++ 2013 Core Libraries
"{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}" = Entity Framework 6.1.0 Tools for Visual Studio 2013
"{D4E77BFD-ECA9-40BB-89DC-1367B4139227}" = Microsoft Visual Studio 2013 Preparation
"{D5CC77BE-BC5B-424E-8E45-DF60AFF7BE9C}" = Adobe Pixel Bender Toolkit 2
"{D8DEAAC1-A503-4C97-90F7-EF1E58A3E509}" = Microsoft C++ Azure Mobile SDK for Visual Studio 2013
"{DB5600F1-DE83-46DE-B162-5FC4400EAF5B}" = Microsoft Visual C++ 2013 Compilers
"{DB9620B6-CBBE-433C-A769-5617C40862A8}" = Windows Phone 8.1 SDK - ARM
"{DBD06B28-7B0B-398D-B047-23169EC31239}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn
"{DE0E8FAF-9758-4BFD-A16E-009DB4B8C912}" = Microsoft Visual C++ x64 Native Compilers
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}" = Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
"{E66B6040-B567-4DA7-8DA7-AC5AC3CD2E4B}" = Windows Phone 8.1 Tools for Visual Studio Professional 2013
"{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}" = MorphVOX Junior
"{E6F3851E-CEEB-4ECB-A6FA-337C8F662E3D}" = Microsoft Visual C++ 2013 Compilers - ENU Resources
"{E719AF7A-FBD9-45F8-AD4F-EBD1EFD985BB}" = Behaviors SDK (Windows Phone) for Visual Studio 2013
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E9496860-C86F-4AAD-BAF2-AAE42A02B419}" = Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2
"{E9674444-9491-3961-873C-017D8912185E}" = Microsoft Visual Studio Professional 2013 - ENU
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EA754818-DB87-42B6-9753-E668B9186434}" = 用于 Visual Studio 2013 的 Microsoft 报告查看器加载项
"{EB03EF39-C655-D560-FA95-79182B837D64}" = MagniPic
"{EB6DD27B-191B-49F1-B974-32FE0208EB34}" = Adobe Setup
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}" = Blend for Visual Studio 2013
"{EBD9DB6D-180B-4C59-9622-B75CC4B32C94}" = Microsoft Advertising Service Extension for Visual Studio
"{ECF8D4B4-FADB-492E-A79A-5BCEA02DB95D}" = boujou 4
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{ED6C8E61-363B-355C-80C7-E676BC781478}" = Microsoft Visual Studio Premium 2013 - ENU
"{EDB07D8D-21FA-4BEB-963C-DAC06CA36423}" = Windows Azure Mobile Services Tools for Visual Studio - v1.1
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EE541DCE-3018-4A12-B0A3-7C55D62B3D01}" = Python Tools Redirection Template
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0CC7067-C42D-41C3-8604-DB88A50306FA}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}" = Windows App Certification Kit x64
"{F3B60BB1-E57D-30A6-9A72-1B8907FAE8BB}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - rus
"{F57F75C9-4DE8-3C3A-AED0-344C353EB945}" = Windows Phone 8.0 Tools for Visual Studio 2013
"{F58FA66E-86F8-4BEA-9E6D-FAE8E0FB86BA}" = Windows Phone 8.1 SDK - Desktop
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FCB384E7-0E3F-431E-A510-2458E1FF21ED}" = Build Tools Language Resources - x86
"{FDEED0E7-C5A0-4293-B2B8-E83E40825F0D}" = Windows Phone 8.1 Tools for Visual Studio Professional 2013 - ENU
"{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}" = BlueStacks Notification Center
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe_ca6764a9a650c02bbdf901e3c1d39d4" = Pixel Bender Toolkit
"Any Video Converter_is1" = Any Video Converter 5.0.5
"Audacity_is1" = Audacity 2.0.5
"Bamboo Dock" = Bamboo Dock
"BlueStacks App Player" = BlueStacks App Player
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Comodo Dragon" = Comodo Dragon
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.7.6.0
"ESET Online Scanner" = ESET Online Scanner v3
"Freemake Video Converter_is1" = Freemake Video Converter version 4.0.1
"Google Chrome" = Google Chrome
"HASP HL Device Driver" = HASP HL Device Driver
"HMA! Pro VPN" = HMA! Pro VPN 2.6.9
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
"InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.1" = Microsoft Help Viewer 2.1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MoodEditor" = Pamela RME 2.0
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MultiBit 0.5.17" = MultiBit 0.5.17
"MultiBit 0.5.18" = MultiBit 0.5.18
"NetTools_is1" = NetTools 5.0
"NIS" = Norton Internet Security
"Nmap" = Nmap 6.46
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"oPryzeLP MC360 Mod Tool" = oPryzeLP MC360 Mod Tool
"Pidgin" = Pidgin
"Popcorn Time_is1" = Popcorn Time
"Prism" = Prism Video File Converter
"Product" = Mullvad
"Proxifier_is1" = Proxifier version 3.21
"PSPad editor_is1" = PSPad editor
"Rainmeter" = Rainmeter
"RealFlowC4D" = RealFlow Plug-in for Cinema4D
"RocketDock_is1" = RocketDock 1.3.5
"Spotify" = Spotify
"Steam" = Steam
"Steam App 218620" = PAYDAY 2
"Steam App 221100" = DayZ
"Steam App 222900" = Dead Island: Epidemic
"Steam App 240" = Counter-Strike: Source
"Steam App 251570" = 7 Days to Die
"Steam App 4000" = Garry's Mod
"TeamViewer 9" = TeamViewer 9
"Twitch Suite" = Twitch Suite
"UltraUXThemePatcher" = UltraUXThemePatcher
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VMware_Player" = VMware Player
"VST Bridge_is1" = VST Bridge 1.1
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.3
"winscp3_is1" = WinSCP 5.5.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8a174bae3b17bd9d" = GTCheck
"AceStream" = Ace Stream Media 3.0.3
"Bitcoin" = Bitcoin
"BitTorrent" = BitTorrent
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.8.1
"JoinMe" = join.me
"Quickscope Simulator" = Quickscope Simulator
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04/12/2014 12:47:46 | Computer Name = Betrayed | Source = MsiInstaller | ID = 1024
Description =
Error - 04/12/2014 13:11:37 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'OpenVPN Access Client' could not be restarted.
Error - 04/12/2014 13:34:19 | Computer Name = Betrayed | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
Error - 04/12/2014 13:58:49 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0x126c Faulting application start time: 0x01d00febdb743416 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: 32514139-7bdf-11e4-81dd-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:
Error - 05/12/2014 18:47:33 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0x8c0 Faulting application start time: 0x01d010dd293522c9 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: b2dd27a2-7cd0-11e4-81de-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:
Error - 05/12/2014 18:47:39 | Computer Name = Betrayed | Source = WTabletServiceCon | ID = 1
Description =
Error - 05/12/2014 18:48:37 | Computer Name = Betrayed | Source = Application Hang | ID = 1002
Description = The program Skype.exe version 6.16.66.105 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 824 Start
Time: 01d010dd3344ea30 Termination Time: 4294967295 Application Path: C:\Program
Files (x86)\Skype\Phone\Skype.exe Report Id: d83e1071-7cd0-11e4-81de-083e8e29d2b2
Faulting
package full name: Faulting package-relative application ID:
Error - 06/12/2014 12:24:08 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0xa88 Faulting application start time: 0x01d01170f6a663f8 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: 4d309931-7d64-11e4-81df-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:
Error - 06/12/2014 13:33:00 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'BlueStacks Agent' could not be shut down.
Error - 06/12/2014 13:33:50 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'BlueStacks Agent' could not be shut down.
[ System Events ]
Error - 06/12/2014 12:23:45 | Computer Name = Betrayed | Source = Service Control Manager | ID = 7034
Description = The PinnacleUpdate Service service terminated unexpectedly. It has
done this 1 time(s).
Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =
< End of report >