Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

How to get rid of "/?trackid=sp-006" from google.


  • This topic is locked This topic is locked

#1
colossus1958

colossus1958

    New Member

  • Member
  • Pip
  • 1 posts

I have noticed recntly that vmy home page (Google) on my browder (Firefox) is coming up as: https://www.google.com/?trackid=sp-006. I don't know whcat is causing thnids but I assumed malware of somr sort. So I downloaded a free anti-malware program (MalwareBytes) and ran it. It detected over 260 items including a Trojan all of which I removed. After the automatic restart, i went into my browser and the "/?trackid=sp-006" was still there. I hope you can help. I have enclosed the text files generated by OTL as requested.

 

OTL logfile created on: 12/29/2014 2:53:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.95 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 49.41% Memory free
2.63 Gb Paging File | 1.42 Gb Available in Paging File | 54.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 1863.01 Gb Total Space | 1737.64 Gb Free Space | 93.27% Space Free | Partition Type: NTFS
 
Computer Name: TLIMS-ISNW-HLMB | User Name: Duane Stockwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/29 13:52:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2014/12/08 22:45:28 | 039,207,112 | ---- | M] (Dropbox, Inc.) -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/12/03 08:55:02 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/11/25 07:53:05 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\livecomm.exe
PRC - [2014/11/19 10:27:25 | 005,225,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/11/19 10:27:25 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/19 10:27:15 | 003,192,344 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
PRC - [2014/08/23 02:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2014/08/15 19:05:59 | 000,877,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SkyDrive.exe
PRC - [2014/04/17 21:27:58 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2014/02/22 09:51:02 | 000,066,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2014/02/22 04:17:17 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2014/02/22 03:47:55 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
PRC - [2013/08/22 00:21:42 | 000,029,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2013/01/25 14:37:00 | 000,723,744 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
PRC - [2012/11/29 23:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/29 14:34:52 | 000,043,008 | ---- | M] () -- c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf1t4cz.dll
MOD - [2014/12/03 08:54:59 | 003,758,192 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/11/19 10:27:27 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/10/21 19:22:50 | 000,750,080 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2014/10/21 19:22:50 | 000,047,616 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2014/10/21 19:22:48 | 000,863,744 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2014/10/21 19:22:46 | 000,200,704 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/12/09 13:08:06 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/03 08:55:00 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/11/19 10:27:25 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/11/19 10:27:15 | 003,192,344 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2014/10/30 22:12:14 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/10/24 17:29:04 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2014/10/24 17:18:24 | 000,137,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2014/10/06 20:36:38 | 000,189,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2014/09/21 21:40:38 | 000,288,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2014/09/21 21:40:38 | 000,022,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2014/08/15 21:55:32 | 002,407,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/08/15 19:39:36 | 000,204,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2014/08/15 19:30:48 | 000,204,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2014/07/24 02:23:07 | 001,222,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2014/07/23 02:27:02 | 000,073,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV - [2014/04/17 21:27:58 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2014/04/06 13:37:49 | 001,064,312 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FlexNet Licensing Service)
SRV - [2014/03/14 01:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/03/08 00:42:12 | 001,131,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2014/02/22 09:25:11 | 002,871,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2014/02/22 04:10:07 | 000,300,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2014/02/22 04:08:41 | 000,306,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2014/02/22 04:07:51 | 001,203,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2014/02/22 04:07:09 | 000,613,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2013/12/10 01:10:27 | 000,406,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2013/09/29 22:47:52 | 000,075,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV - [2013/09/29 22:47:51 | 001,778,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2013/09/29 22:47:49 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2013/08/21 23:03:29 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2013/08/21 23:03:12 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2013/08/21 22:56:08 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:54:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2013/08/21 22:50:48 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2013/08/21 22:10:39 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2013/08/21 22:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2013/08/21 21:49:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2013/08/21 21:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2013/08/21 21:45:36 | 000,173,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/08/21 21:44:38 | 000,415,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/08/21 21:41:55 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2013/08/21 21:39:05 | 000,196,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2013/08/21 21:31:45 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2013/08/21 21:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2013/01/25 14:37:00 | 000,723,744 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe -- (mitsijm2014)
SRV - [2012/11/29 23:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2014/11/19 10:27:29 | 000,422,760 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\Drivers\aswSP.sys -- (aswSP)
DRV - [2014/11/19 10:27:29 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/19 10:27:29 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\aswStm.sys -- (aswStm)
DRV - [2014/11/19 10:27:28 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/11/19 10:27:28 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/11/19 10:27:28 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/19 10:27:28 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/11/19 10:27:21 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\Drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/11/19 10:27:15 | 000,218,192 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2014/10/12 21:47:56 | 000,076,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2014/10/12 21:47:55 | 000,036,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\intelpep.sys -- (intelpep)
DRV - [2014/10/09 21:28:01 | 000,022,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2014/09/21 21:40:16 | 000,219,968 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2014/09/21 21:40:16 | 000,084,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2014/09/21 21:39:37 | 000,029,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2014/08/14 18:35:51 | 000,122,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2014/07/24 08:48:42 | 000,376,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2014/07/24 08:48:41 | 000,362,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2014/07/24 05:43:19 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2014/05/01 06:00:25 | 000,046,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2014/03/23 09:39:49 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2014/03/19 20:09:47 | 000,283,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2014/03/13 05:12:46 | 000,138,584 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\wof.sys -- (Wof)
DRV - [2014/03/08 06:45:14 | 000,069,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2014/02/22 09:40:21 | 000,261,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2014/02/22 09:40:19 | 000,163,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2014/02/22 09:40:17 | 000,064,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2014/02/22 06:22:09 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2014/02/11 11:33:30 | 000,050,400 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.3)
DRV - [2014/02/11 11:33:30 | 000,050,400 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2.0)
DRV - [2013/11/14 14:43:25 | 000,047,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\stornvme.sys -- (stornvme)
DRV - [2013/10/26 15:28:41 | 000,120,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx2.sys -- (SerCx2)
DRV - [2013/09/29 22:54:39 | 000,142,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2013/09/29 22:47:54 | 000,019,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\kbldfltr.sys -- (kbldfltr)
DRV - [2013/09/29 22:47:45 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2013/08/22 01:13:53 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2013/08/22 00:35:21 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2013/08/22 00:35:20 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2013/08/22 00:34:52 | 000,133,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/08/22 00:33:32 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2013/08/22 00:33:31 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2013/08/22 00:33:30 | 000,068,960 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV - [2013/08/22 00:33:29 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2013/08/22 00:33:26 | 000,086,368 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2013/08/22 00:33:25 | 000,773,472 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\adp80xx.sys -- (ADP80XX)
DRV - [2013/08/22 00:33:25 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2013/08/22 00:33:24 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2013/08/22 00:33:01 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2013/08/22 00:32:57 | 000,090,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/08/22 00:32:57 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2013/08/22 00:32:57 | 000,058,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2013/08/22 00:32:57 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2013/08/22 00:32:38 | 000,031,584 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2013/08/22 00:24:56 | 000,023,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uefi.sys -- (UEFI)
DRV - [2013/08/22 00:24:36 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2013/08/22 00:20:22 | 000,093,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2013/08/22 00:20:22 | 000,045,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2013/08/22 00:20:22 | 000,042,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2013/08/21 23:11:29 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ahcache.sys -- (ahcache)
DRV - [2013/08/21 23:11:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2013/08/21 23:10:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2013/08/21 23:10:37 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2013/08/21 23:10:28 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2013/08/21 23:10:21 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2013/08/21 23:10:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2013/08/21 23:10:01 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/08/21 23:09:59 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2013/08/21 23:09:57 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2013/08/21 23:09:50 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2013/08/21 23:09:37 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2013/08/21 23:09:23 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb)
DRV - [2013/08/21 23:09:15 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2013/08/21 23:09:10 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2013/08/21 23:09:09 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2013/08/21 23:09:03 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/08/21 23:09:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2013/08/21 23:09:01 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2013/08/21 23:08:37 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2013/08/21 23:08:18 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\netvsc63.sys -- (netvsc)
DRV - [2013/08/21 23:08:06 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2013/08/21 23:07:55 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2013/08/21 23:07:19 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2013/08/21 20:58:35 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2013/08/12 18:25:32 | 000,016,088 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2013/08/09 19:39:44 | 000,524,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2013/07/23 16:18:30 | 000,061,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaioi2c.sys -- (iaioi2c)
DRV - [2013/07/23 16:18:30 | 000,022,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaiogpio.sys -- (GPIO)
DRV - [2013/06/18 07:23:13 | 000,490,496 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Rt630x86.sys -- (RTL8168)
DRV - [2013/06/18 07:21:39 | 000,214,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\e1e6032.sys -- (e1express)
DRV - [2012/07/13 15:13:16 | 000,055,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2009/03/30 06:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\Drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2007/04/18 11:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 11:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 11:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 11:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 11:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 11:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 11:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 11:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 11:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 11:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 11:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 09:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 08:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 07:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 07:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 07:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 07:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/10 07:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 07:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 07:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2007/04/10 07:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\ctac32k.sys -- (ctac32k)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D}: "URL" = https://www.google.c...q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.googlw.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7RNLD_enUS516
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D}: "URL" = https://www.google.c...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultenginename: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.c...trackid=sp-006"
FF - prefs.js..browser.search.highlightCount: 3
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.selectedEngine: "Google (avast)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.c...trackid=sp-006"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.0.2502.149
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0
FF - prefs.js..keyword.URL: "https://www.google.c...trackid=sp-006"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/18 15:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/12/18 15:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/19 10:27:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 34.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013/06/04 10:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2013/05/01 16:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2014/01/01 09:23:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2014/12/04 09:32:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\ziw2tsxd.default-1394307380856\extensions
[2012/11/29 09:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\extensions\[email protected]
[2014/12/29 12:35:25 | 000,002,428 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ziw2tsxd.default-1394307380856\searchplugins\google-avast.xml
[2014/12/04 10:05:19 | 000,009,405 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\ziw2tsxd.default-1394307380856\searchplugins\yahoo-avast.xml
[2014/12/03 08:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/12/03 08:55:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/11/19 10:27:32 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
O1 HOSTS File: ([2013/08/22 01:13:55 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {dc7019fd-7042-4e78-ad2e-d5961346405e} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AppSafe] C:\Program Files\AppSafe\AppSafe.exe File not found
O4 - HKCU..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKCU..\Run: [EPSON WorkForce 610 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFJA.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Speech Recognition] C:\WINDOWS\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VoiceZoneConnect.lnk = C:\Program Files\VoiceZoneConnect\VoiceZoneConnect.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\OFFICE~1\Office15\ONBttnIE.dll/105 File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17B866BD-DA3B-40B1-9513-E8903617AE06}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/09 16:17:05 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2012/06/03 08:34:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/29 14:12:57 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/12/29 14:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/12/29 14:12:40 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/12/29 14:12:40 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mwac.sys
[2014/12/29 14:12:40 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/12/29 14:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/12/29 14:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/12/29 13:52:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/12/29 12:31:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/12/21 13:42:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\.idlerc
[2014/12/21 13:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2014/12/21 13:37:55 | 000,000,000 | ---D | C] -- C:\Python27
[2014/12/15 23:33:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\OLDIES
[2014/12/11 00:42:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appraiser
[2014/12/10 12:25:00 | 002,459,136 | ---- | C] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2014/12/09 21:10:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\vlc
[2014/12/09 21:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/12/08 17:05:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\VB Documents
[2014/12/07 23:28:24 | 000,000,000 | ---D | C] -- C:\New folder
[2014/12/07 00:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2014/12/07 00:22:19 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2014/12/03 08:54:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/12/01 23:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Owner\AppData\Local\EmieBrowserModeList
[2014/12/01 22:36:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\assembly
[2014/12/01 22:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\okbpfmhphkdmjlejhodpkmgnaeohllje
[2014/12/01 22:03:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\18034
[2014/12/01 21:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/12/01 21:18:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Microsoft Help
[2014/12/01 21:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/12/01 16:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NuGet
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/29 14:38:52 | 000,795,720 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/12/29 14:38:52 | 000,159,922 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/12/29 14:34:57 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/12/29 14:32:55 | 000,613,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/12/29 14:32:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/29 14:32:39 | 1671,143,424 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/29 14:13:03 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/12/29 14:12:44 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/12/29 14:08:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/12/29 13:52:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014/12/29 12:00:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\AppSafe.job
[2014/12/28 23:49:43 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000005-00001102-00000008-10211102}.rfx
[2014/12/28 23:49:43 | 000,030,600 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000005-00001102-00000008-10211102}.rfx
[2014/12/28 23:49:43 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000005-00001102-00000008-10211102}.rfx
[2014/12/28 23:49:43 | 000,029,604 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000005-00001102-00000008-10211102}.rfx
[2014/12/28 23:49:43 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000005-00001102-00000008-10211102}.rfx
[2014/12/27 00:03:26 | 001,631,990 | ---- | M] () -- C:\Users\Owner\Desktop\PROSCAN.PDF
[2014/12/23 13:01:18 | 000,000,000 | ---- | M] () -- C:\scores.csv
[2014/12/19 21:39:16 | 000,632,508 | ---- | M] () -- C:\Users\Owner\Desktop\Bengals.jpg
[2014/12/18 09:07:41 | 000,001,192 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/12/18 09:07:13 | 000,001,074 | ---- | M] () -- C:\Users\Owner\Desktop\Dropbox.lnk
[2014/12/15 19:15:08 | 002,200,828 | ---- | M] () -- C:\Users\Owner\Desktop\Wildlife_512kb.mp4
[2014/12/10 12:25:00 | 002,459,136 | ---- | M] (Python Software Foundation) -- C:\WINDOWS\System32\python27.dll
[2014/12/09 21:09:16 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/12/08 21:27:16 | 000,000,209 | ---- | M] () -- C:\Users\Owner\Desktop\btnPause.png
[2014/12/08 21:25:20 | 000,000,201 | ---- | M] () -- C:\Users\Owner\Desktop\btnStop.png
[2014/12/08 21:22:35 | 000,000,264 | ---- | M] () -- C:\Users\Owner\Desktop\btnPlay.png
[2014/12/08 21:17:21 | 000,000,268 | ---- | M] () -- C:\Users\Owner\Desktop\btnNext.png
[2014/12/08 21:16:32 | 000,000,315 | ---- | M] () -- C:\Users\Owner\Desktop\btnPrevious.png
[2014/12/08 17:01:58 | 000,001,123 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2014/12/08 16:57:50 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2014/12/08 15:54:21 | 000,002,756 | ---- | M] () -- C:\Users\Owner\.recently-used.xbel
[2014/12/08 00:26:48 | 000,000,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\debuggee.mdmp
[2014/12/04 09:48:44 | 000,335,872 | ---- | M] () -- C:\Users\Owner\Documents\AddressBookDB.mdb
[2014/12/02 19:59:07 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AppCloudUpdater.job
 
========== Files Created - No Company Name ==========
 
[2014/12/29 14:12:44 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/12/27 00:03:21 | 001,631,990 | ---- | C] () -- C:\Users\Owner\Desktop\PROSCAN.PDF
[2014/12/23 13:01:18 | 000,000,000 | ---- | C] () -- C:\scores.csv
[2014/12/19 21:39:15 | 000,632,508 | ---- | C] () -- C:\Users\Owner\Desktop\Bengals.jpg
[2014/12/15 19:15:07 | 002,200,828 | ---- | C] () -- C:\Users\Owner\Desktop\Wildlife_512kb.mp4
[2014/12/09 21:09:16 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/12/08 21:27:16 | 000,000,209 | ---- | C] () -- C:\Users\Owner\Desktop\btnPause.png
[2014/12/08 21:25:20 | 000,000,201 | ---- | C] () -- C:\Users\Owner\Desktop\btnStop.png
[2014/12/08 21:22:35 | 000,000,264 | ---- | C] () -- C:\Users\Owner\Desktop\btnPlay.png
[2014/12/08 21:17:20 | 000,000,268 | ---- | C] () -- C:\Users\Owner\Desktop\btnNext.png
[2014/12/08 21:16:32 | 000,000,315 | ---- | C] () -- C:\Users\Owner\Desktop\btnPrevious.png
[2014/12/08 17:01:58 | 000,001,123 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2014/12/08 15:54:21 | 000,002,756 | ---- | C] () -- C:\Users\Owner\.recently-used.xbel
[2014/12/08 00:26:48 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\debuggee.mdmp
[2014/11/19 10:27:34 | 000,206,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/11/19 10:27:34 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/11/19 10:27:34 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/09/21 10:30:45 | 000,000,145 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\userdata2.adl
[2014/09/20 23:34:56 | 000,000,458 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\spell.cfg
[2014/08/15 17:38:59 | 000,050,745 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2014/05/01 14:50:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2014/04/13 21:22:34 | 000,262,335 | ---- | C] () -- C:\WINDOWS\System32\dfpinc.dat
[2014/04/13 21:21:06 | 000,002,255 | ---- | C] () -- C:\WINDOWS\System32\WimBootCompress.ini
[2014/03/22 21:22:12 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2014/03/12 11:27:16 | 000,103,936 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2013/11/14 12:26:27 | 000,000,884 | RHS- | C] () -- C:\Users\Owner\ntuser.pol
[2013/11/14 12:20:49 | 000,021,316 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/08/22 03:19:09 | 000,795,720 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/22 03:19:09 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/08/22 03:19:09 | 000,159,922 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/22 03:19:09 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/08/22 03:17:31 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\AutoWorkplace.exe.config
[2013/08/22 03:17:30 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/08/22 03:17:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2013/08/22 02:24:03 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:22:45 | 000,613,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/21 22:33:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2013/08/21 18:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/08/21 18:52:35 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2013/08/21 18:52:35 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2013/08/21 18:50:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2013/07/19 15:12:15 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2013/07/19 15:12:15 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2013/07/19 15:12:15 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2013/07/19 15:12:15 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2013/07/19 15:12:15 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2013/07/19 15:12:15 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2013/07/19 15:12:15 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2013/07/19 15:12:15 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2013/07/19 15:12:15 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2013/07/19 15:12:15 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2013/07/19 15:12:15 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2013/07/19 15:12:15 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2013/07/19 15:12:15 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2013/07/19 15:12:15 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2013/07/19 15:12:15 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2013/07/19 15:12:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2013/07/19 15:11:20 | 000,000,090 | ---- | C] () -- C:\WINDOWS\EPWF610.ini
[2012/11/06 14:42:59 | 000,000,013 | ---- | C] () -- C:\Users\Owner\.ssid
 
========== ZeroAccess Check ==========
 
[2013/12/31 19:17:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 17:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2013/08/21 21:42:12 | 000,390,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/07/14 18:54:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Artinsoft
[2014/05/31 16:25:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Autodesk
[2014/11/19 10:28:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVAST Software
[2014/04/05 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitSpirit
[2014/11/15 14:55:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canneverbe Limited
[2014/09/25 23:10:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Caphyon
[2013/12/11 18:21:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.twc.voicezoneconnect
[2014/11/15 23:26:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\dlg
[2013/01/21 11:39:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Downloaded Installations
[2014/12/29 14:34:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox
[2014/05/01 15:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EDrawings
[2013/07/20 04:19:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Epson
[2014/06/25 07:09:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Eusing
[2014/11/26 07:44:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EZDownloader
[2013/01/21 11:41:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileOpen
[2013/03/06 20:12:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FileZilla
[2014/11/26 07:57:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Foxit Software
[2014/12/08 15:54:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\gtk-2.0
[2014/10/27 12:30:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\hm8platform
[2014/11/06 15:10:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ICSharpCode
[2013/03/06 15:31:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KompoZer
[2014/04/05 20:52:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\library_dir
[2014/03/08 17:10:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mp3tag
[2013/09/11 12:49:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nitro
[2014/05/24 14:39:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nitro PDF
[2012/12/22 19:22:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NuGet
[2014/04/06 11:22:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Open Download Manager
[2014/01/01 09:24:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Pelles C
[2014/08/25 18:22:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Stockwell_Software
[2014/07/07 13:13:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tangible Software Solutions Inc
[2014/05/24 12:46:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Unigraphics Solutions
[2014/04/06 11:14:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 216 bytes -> C:\Users\Owner\SkyDrive:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Owner\SkyDrive.old:ms-properties
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E0EB178F

< End of report >

 

OTL Extras logfile created on: 12/29/2014 2:53:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17498)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.95 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 49.41% Memory free
2.63 Gb Paging File | 1.42 Gb Available in Paging File | 54.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 1863.01 Gb Total Space | 1737.64 Gb Free Space | 93.27% Space Free | Partition Type: NTFS
 
Computer Name: TLIMS-ISNW-HLMB | User Name: Duane Stockwell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BC7AA2C-0D80-46DE-BDBA-2207587762A0}" = lport=6919 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{0F2D1AFD-04D0-439D-A1A1-D47770957064}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BE92016-B416-4E5E-B262-8726B5AE095D}" = lport=6917 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{2677477C-BEE5-4824-8AD0-D4F14D6A9EA6}" = lport=6917 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{2CF23AA5-428E-4B33-BD88-E22F1851B458}" = lport=6920 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{2DAA4B85-C7EF-4F6F-BB1F-EB0323C06212}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3754F296-75A6-4783-AAE7-A16B891D6053}" = lport=6916 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{391E350E-A2EF-4DD7-A93F-F3BF97B7FDC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3AB967BB-5358-4375-886C-3FB2517DCA5F}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\vswinexpress.exe |
"{42823A02-20F4-43B2-91D6-05EDBDE1811D}" = lport=6915 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{4324403B-41D6-4F62-B849-701DBB5A98BE}" = lport=6919 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{4D5A0D95-FA11-46B5-9BDC-97FCB7C2483A}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 12.0\common7\ide\wdexpress.exe |
"{55ABB4C4-22D3-42F2-AAAC-A524304C2481}" = rport=10243 | protocol=6 | dir=out | app=system |
"{565C6473-DD8F-4507-9626-7DD7F5DD7385}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{6995E372-FE5B-4148-9C5A-A38F2890E956}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{69AA8615-7C99-445A-A8CA-8720D122F675}" = lport=6920 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{7EFDFEE6-1EAE-4C8C-9693-B66757DAEA19}" = lport=6915 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{89B5799E-7770-43A0-9315-AACECB8185A8}" = lport=6916 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{8CAE90C8-E1BB-4DD0-AE1B-60880FC711ED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8ED78CD3-B17D-4A62-B6D6-BAA63B6545BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{960A5938-E919-4FFE-A344-39432AF8E915}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A10D66C1-13CB-478E-AC5E-07CADE55DD30}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B2D3144E-11ED-4040-86B7-B3D657DD017C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C768CAE9-D753-47B9-8CB9-D36A157A0C0B}" = lport=3389 | protocol=17 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{E0C0EA82-AAAB-409C-8A21-EA68BB19E140}" = lport=3702 | protocol=17 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{E8E780C0-427D-4173-844B-B94C38CA59F8}" = lport=6918 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{F547E081-09AA-4093-811A-83A6E2D0DE76}" = lport=6918 | protocol=6 | dir=in | app=c:\program files\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{F8AB7208-4B80-4381-97CE-52B8E50FA769}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B38175-3604-4151-9864-B4ABCFFF3225}" = dir=in | name=sonicwall mobile connect |
"{01FECF1A-A317-4B79-8D3A-C97A01D41C0F}" = dir=out | [email protected]{microsoft.zunemusic_2.2.299.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{03F4B495-54DF-463B-BF7D-200F45A3F005}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{059431F4-4514-412E-BF15-271A643FABE9}" = dir=out | [email protected]{microsoft.bingnews_3.0.4.213_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{0A08CF7B-2163-4C00-A50A-049A351BF822}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0B715C4F-1FDF-4F8A-8335-B90F111A86EB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0D797FAB-9952-4A32-A1D2-B404D1714303}" = dir=out | [email protected]{microsoft.bingweather_3.0.1.203_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0E341339-EF13-4FA8-BE76-5EF7FDAC52B1}" = protocol=6 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{1164B711-63BD-4873-9BEE-94407B6F41D5}" = dir=out | name=sonicwall mobile connect |
"{129923F8-ABF3-4F6C-AB51-B9BD1E380200}" = dir=out | name=windows_ie_ac_001 |
"{140C6A10-7BAB-4327-9C53-1BCBBE111278}" = dir=out | [email protected]{microsoft.bingtravel_3.0.4.212_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{1687F519-DB00-4828-A21A-8393EA6D650A}" = dir=out | [email protected]{microsoft.bingnews_3.0.1.321_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{1AB8291A-5942-45CE-A46B-C78178C06599}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{1B662E02-0334-46D0-9C3E-243624DBEF46}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.4.254_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{1B9120DF-F101-42DA-84A4-C2D56A3D8068}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1C5240E2-C1B6-455E-97AD-EDA75FA0BB3D}" = dir=out | name=sonicwall mobile connect |
"{1C9710A0-E041-49DF-BC36-20B699868F7D}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{1F802A10-34DA-4935-8D54-6D1A95088334}" = dir=out | [email protected]{microsoft.zunevideo_2.6.408.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1F91091E-9B1D-4E0A-9ED8-23C72D75F017}" = dir=out | [email protected]{microsoft.bingweather_3.0.4.249_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{2277C0F0-9191-40CA-AF37-4ED009F0A84F}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{22E8355A-0A8A-4CF9-A07B-52396727AD98}" = dir=out | [email protected]{microsoft.zunevideo_2.2.299.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{239837F6-DE08-46F2-A372-E7D485806AF9}" = dir=out | [email protected]{microsoft.bingmaps_2.1.3230.2048_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{26F6A312-0C94-4B91-A152-48F9AFC1DEAD}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{2B26EA9C-6D65-4144-B94E-65E613FC68AE}" = dir=in | name=juniper networks junos pulse |
"{2BF3C708-79AC-46E5-AE16-D14C7AA43F70}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{2D3D1AEA-E4E0-4D74-8BE9-F2FE787D89D0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D76E8E0-44BF-4315-84E3-4A8004154856}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{2D80A003-CC09-4008-A73F-D223BE83865E}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2D91940A-6632-47BB-98EE-C97201EED8D2}" = dir=in | name=sonicwall mobile connect |
"{2DF2E2B0-A588-4810-90EB-4C394CAB983F}" = dir=in | name=junipernetworks.junospulsevpn |
"{2F452A34-FD50-4B9A-B075-6B2B627EB62F}" = dir=out | [email protected]{microsoft.bingweather_3.0.4.249_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{2FDC759B-707F-4CB3-BAD4-C940CB19B015}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{31876154-6B64-4E65-89E5-5FAD552DCB02}" = dir=out | [email protected]{microsoft.bingnews_3.0.4.213_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{331D3F10-92E3-4211-9259-CAF9D02FCE86}" = dir=out | name=junipernetworks.junospulsevpn |
"{39D88360-2979-4A80-93BC-CB9383FD5196}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"{3BF1AC76-98E2-42CD-8F70-9B5C42F9ACB5}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{3C7D2D3C-27DF-4C7A-A7AB-C2AD83A08777}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CFD10D4-7041-4A2D-B9E6-A4E0141C5521}" = dir=out | [email protected]{microsoft.zunemusic_2.6.649.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{477AE42F-F052-428C-A3AC-47A733D18D50}" = dir=out | name=f5 vpn |
"{489693FD-B4EB-4311-A508-C9C72F92CF85}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{4CD2C12B-4199-4AF6-ACE5-3C5B7E2C08C7}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4EA8A740-6CC9-4E9A-B66A-EB5B4FDA028D}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.4.212_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{5604DB77-3B32-4905-84FB-06953F549E11}" = protocol=17 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{56232281-444A-42C2-95A0-7ACC2C42544E}" = dir=in | name=skype |
"{5D027FC6-65D3-4D62-90AC-8DC0E42FF822}" = dir=out | [email protected]{microsoft.bingtravel_3.0.1.202_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{602F2D11-4B96-4CCE-85E2-4024FCFF2BF1}" = dir=out | name=check point vpn |
"{633A35B7-B972-4D94-84B9-8F34C9E7B7D7}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6463DE24-96E8-4A4F-B0B1-5C020BD6CD1B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{688BF113-FC99-4E87-889D-14DF16FE301D}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe |
"{68953155-F191-42E0-8F44-3AE456DBC4BB}" = dir=out | [email protected]{microsoft.bingfinance_3.0.4.253_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{6AE2ADDC-F99D-4C85-9F7E-5020B4AB68B6}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{6B39B8B0-6E17-4494-8E7B-8C522C6DB23C}" = dir=in | name=skype |
"{6CC4E96F-90C1-43D4-BCE6-257C04B48D64}" = protocol=6 | dir=in | app=%systemroot%\system32\rdpsa.exe |
"{6D32B801-A940-4A1C-AF82-B7DBBEF3242E}" = dir=in | name=check point vpn |
"{6EFD9FB4-A83A-4C30-8295-EAF0B68609CD}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.4.253_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{73B03348-3671-43BB-A2FF-6904C23F8CA6}" = dir=out | [email protected]{microsoft.bingfinance_3.0.1.299_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{78F57ABA-CD36-489B-B351-432D5F073003}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.4.240_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{7B8CC8D2-633A-4A5F-BA0C-22DC8001A6BC}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7F269177-F8BC-4E06-8DBC-A300A6555A4A}" = dir=out | [email protected]{microsoft.bingsports_3.0.4.244_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{8055743E-37EC-4667-B553-C697ECFC654C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{810A9AE3-F275-4B4F-8B98-71A896E69722}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{81444925-230D-45ED-B7A8-A5F48339C783}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{835E0E77-65D1-4FAA-AA5E-AC67565A94FB}" = dir=out | name=sonicwall.mobileconnect |
"{83C83ACA-6787-4A9C-8C49-BABB8C4DA359}" = dir=out | [email protected]{microsoft.bingmaps_2.0.2530.2317_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{854AAB04-67A5-4185-8CCC-1DC4F426410C}" = dir=out | name=check point vpn |
"{86819F73-BFCC-47EC-BC07-06A49ED88A60}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{86FC420E-5AC4-4941-AD2D-DAE0966DDF1D}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{87C547E8-9609-4296-9B3D-7245E510BF09}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{881979C3-C1FF-42B0-878C-76812DA769A3}" = dir=in | name=check point vpn |
"{8861A41A-4959-45C6-A2E6-40875B589144}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8A524DB3-BBBB-44F8-9EC3-275E7D468437}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{8B48469C-EE59-4F31-9DBF-81041DED18AE}" = dir=in | name=juniper networks junos pulse |
"{8D26E095-0D65-4757-825F-CC276D985942}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{8D642FC3-EF5E-4843-83CB-A088AE849B5E}" = dir=out | name=f5 vpn |
"{8E6C72AF-6E86-4BDB-BE9D-30FC75502FD3}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9335AB85-69FC-49B4-8C47-792D5F8F7685}" = dir=out | [email protected]{microsoft.bingsports_3.0.4.244_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{93BDBD02-76BB-4CB2-94C3-6DCFBB589AB2}" = dir=out | name=juniper networks junos pulse |
"{95541C35-C634-469D-AF93-FFCB6799E5DA}" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"{97946985-3C0B-4FD0-9723-1B2386FB411E}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe |
"{98025B19-36D5-48A5-B3BD-342ACBA951CD}" = dir=out | name=sonicwall mobile connect |
"{9A6143F6-C9B9-4A2D-889D-87DD59722FAA}" = dir=out | name=juniper networks junos pulse |
"{9AF7B88C-75CE-49F7-A3D2-51FD86925AF9}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20349_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{9B92C752-5BE1-4952-8D5E-E123FE9F8EDD}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.1.335_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{9BA8509A-30B6-49DC-B7AB-34B89B35840C}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9F444C45-7F7C-42B1-BBF3-628B4DDA4E59}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{A322677A-667E-4075-AD45-90BA5F512124}" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"{A49D02DF-1C08-4201-8836-1054D83E2E53}" = dir=in | name=juniper networks junos pulse |
"{A6F08554-DEC4-4585-B70E-57B48E1FFABB}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20321_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A8900E61-7CB9-425F-A671-DCEB63FA57AA}" = dir=out | [email protected]{microsoft.bingmaps_2.0.2210.2401_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A9080F4C-BE69-49F6-87CD-FAE444526D27}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A933A80F-06F5-4D16-89F4-10A6A1E25151}" = dir=out | name=microsoft solitaire collection |
"{A9FA0DDA-CD08-4E46-9C61-1F973AB95388}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{AF4CD98F-A6B6-4B1C-8D65-661A94CE0BDE}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{AF6954E7-A9DF-46FF-9910-DFC0B0420E70}" = dir=in | name=f5 vpn |
"{B0C7ADF2-D690-48C4-812B-E07CA1728DDF}" = dir=in | name=check point vpn |
"{B10F9053-CC47-4D50-BE42-BDF18C7A4DDF}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B12F3E1B-13D4-4850-B168-7AE0FB751B84}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B1634512-AAB9-4601-9222-A610971E426A}" = dir=out | name=skype |
"{B34BA15C-5A3D-4CEF-944A-21CEAAA5C775}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B432DF8E-F773-4C93-8ABE-621A9DCADE27}" = dir=out | name=check point vpn |
"{B7FDA9E9-75E4-4218-8952-3B6D708FF69B}" = dir=out | name=skype |
"{BB841E22-D017-42CE-8524-74B8272198C9}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"{BD3F657A-52D0-4DBE-91AF-8E6DE25D3325}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{BDBE201F-51CB-44FF-9332-F955B46F9B1D}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{BE74172B-DC72-4B4E-AB39-A2BD8A853D20}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C05CAB71-94CA-45B3-8294-1693A4797F34}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C070A4BD-42F9-4B06-A2F1-E5497D344967}" = dir=in | name=skype |
"{C6182E4B-10FC-4083-A766-458080D68E73}" = dir=in | name=f5.vpn.client |
"{CAA46749-85C4-4B65-9CCC-9DB03E306888}" = dir=out | [email protected]{microsoft.bingfinance_3.0.4.212_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{CE32A702-CE8A-4456-BD4D-1A814ED09D3D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CEC9708A-D2D3-4CEB-96A7-66218A0032E6}" = dir=out | [email protected]{microsoft.zunevideo_2.6.432.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{CFC2ADE2-7FEF-41D2-B50D-BC1FDA229DC2}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D0A8EE5D-D3D2-451E-92F8-AA816B52F01F}" = protocol=6 | dir=out | app=system |
"{D1612ADB-038B-4E5D-8FC0-D4F6A6595FFB}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D4B9F866-6E45-4B84-B3AA-576F23068822}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D4BE465F-2848-4851-AA32-DB2623319CE1}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D9AE4293-1668-4BFE-BF57-0FBC6E4DFF4D}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.1.201_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{DC6321CF-DA1F-47C1-8DBE-59EE98486F7E}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DCC714A1-632D-4911-83A5-6652BDD268C2}" = dir=out | [email protected]{microsoft.zunemusic_2.6.476.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{DDDBA0CF-A802-4450-A1D6-400F8B928F86}" = dir=out | name=f5 vpn |
"{E20BB53A-3BDC-460D-BAEE-FFDC117AB485}" = dir=in | name=sonicwall.mobileconnect |
"{E36B079A-361D-42A4-82AE-73FE6F413D78}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{E4D1C7E5-C7FE-46DC-96AB-D01A8BC6AE11}" = dir=in | name=sonicwall mobile connect |
"{E6A4BE21-4183-455E-8C07-84C78011B261}" = dir=out | name=checkpoint.vpn |
"{E74EDE30-D631-46C9-A09C-FBEC8FA7D3C7}" = dir=out | name=juniper networks junos pulse |
"{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ED2E7248-1D90-4583-A524-07D6917A0780}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{EDE59C43-2DB0-4A1B-B000-21340D662C05}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F2ACB2CC-5889-4D22-90FF-7FF5530141AC}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F466B8D8-FC5E-4641-A63F-80A2045E11B6}" = dir=in | name=microsoft solitaire collection |
"{F7252F45-70F9-40C4-8033-E1C966E8133F}" = dir=in | name=f5 vpn |
"{F8F00BEE-5EE9-483C-B4E5-38B83875B2C1}" = dir=in | name=f5 vpn |
"{FA35BA80-EA4B-48FD-9FEF-74E9E0B3FEC7}" = dir=in | name=checkpoint.vpn |
"{FBA79830-950C-467F-9358-71A29A508955}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FCFCEC00-708A-4BDE-BA9C-B4A0FBC7DC24}" = dir=out | name=skype |
"{FD08950E-B724-491B-BD90-9DDF9A52E511}" = dir=out | name=windows_ie_ac_001 |
"{FE06F4C3-F4A1-4046-BE6A-127EF2CF5EA0}" = dir=out | [email protected]{microsoft.bingsports_3.0.1.203_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{FE5EA256-AD54-4FD8-B211-1263089653FF}" = dir=out | name=f5.vpn.client |
"{FF287BC0-02D0-41E7-BC89-E70C370836C3}" = dir=out | [email protected]{microsoft.bingtravel_3.0.4.212_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{FFBB6938-D99D-4C2E-9BE2-82BD5BC1D8CB}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20321_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"TCP Query User{4D4140DB-FAD6-4E22-8892-533798DDF465}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{5CC03D8D-64CB-4411-81C0-58895E7E13F2}C:\users\owner\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{CC54DC54-F0E8-48DF-AD16-3FED005358BB}C:\program files\relevantknowledge\rlvknlg.exe" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"TCP Query User{CF338260-712F-4499-8C2C-E6D18ED7795C}C:\program files\microsoft office\office11\frontpg.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office11\frontpg.exe |
"TCP Query User{EF29DD33-7FAE-4D95-A3EE-098335E78BC5}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{12931F61-ACFA-4068-A222-E0D86430FBD0}C:\program files\microsoft office\office11\frontpg.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office11\frontpg.exe |
"UDP Query User{1ACF65BF-2471-42FD-85FE-C6435F95A34D}C:\program files\relevantknowledge\rlvknlg.exe" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"UDP Query User{24E9BE4C-4341-4685-8815-F459B169BB4F}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{38B546DB-64EE-4D82-83E6-DFA163D4EB25}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{98F10A60-24C6-4079-AA66-1864C1D4BCF5}C:\users\owner\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\utorrent.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001296EA-6321-1D93-6D07-C56469336B6F}" = CCC Help Chinese Traditional
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{0398BFBC-991B-3275-9463-D2BF91B3C80B}" = Microsoft Help Viewer 2.1
"{046806D1-0A38-3FCA-AF84-F71C50A0C363}" = Microsoft Visual Studio Premium 2012
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}" = Microsoft SQL Server 2012 T-SQL Language Service
"{05E1731A-5DD6-314E-889F-265C006C8EF9}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{070C38AC-05CE-43DF-9A20-141332F6AB2B}" = Microsoft System CLR Types for SQL Server 2012
"{07B3B42B-18C1-4CA7-AFFB-2B0313BBFB7C}_is1" = Vizacc HelpMaker 7.4.4 (remove only)
"{0897CD98-5441-474F-A5B2-0BD6357299FB}" = 用于 Visual Studio 2013 的 Microsoft 报告查看器加载项
"{08BF5606-B92B-91D9-550E-45C40EF82146}" = CCC Help Swedish
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0B698858-DAB0-4F9E-A10A-125B274EDA06}" = Microsoft Visual C++  x64 Libraries
"{0BB716E0-1400-0200-0000-097DC2F354DF}" = Autodesk Revit Interoperability for Inventor 2014
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E4A9B1A-12D2-4827-BE61-44DBD72797FB}" = TypeScript Tools for Microsoft Visual Studio 2013
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1172AC15-080E-30E3-85B0-FF59AD2E6315}" = Microsoft Visual Studio Ultimate 2012 - ENU
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{11960C5F-F2A2-1A1C-F884-2579A22E70BA}" = CCC Help Finnish
"{1228E4A3-8371-4F9B-BA6F-3D34113811B9}" = Visual Studio Extensions for Windows Library for JavaScript
"{13A3E02D-36D4-BBD6-0BBD-D0BFDBEA0079}" = Application Verifier x86 External Package
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{144F7E93-C1D7-ABAB-68BB-1ED2BB96B866}" = ccc-utility
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{14E2CE00-465F-4AD2-8365-A4F543E40F90}" = Complemento do Microsoft Report Viewer para Visual Studio 2013
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{1690CE56-2231-4E59-9006-A0876D949EA8}" =  Tools for .Net 3.5
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{18D606E9-9650-48DF-8D6E-5AC61C5AD1A9}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{18F675EA-CB03-462D-A04B-3832DBAB5318}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1D968C74-5200-4331-F74D-83E30797B736}" = CCC Help Italian
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1F1AA110-D758-30C1-A1B4-5484C72BCACE}" = Microsoft Visual Studio Express 2013 for Windows Desktop - ENU
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2B6EDD-9374-B327-8F8E-E31AF6A805B0}" = CCC Help German
"{1F4DF099-EA5C-482D-9901-C0A8B539B417}" = Microsoft Web Platform Installer 4.0
"{1F5C7BAE-1E1A-7C93-1B90-84CE308AFC1C}" = Windows Software Development Kit EULA
"{205A8E25-7ABE-30AB-929E-80A63A7AFBE3}" = Microsoft Portable Library Multi-Targeting Pack
"{21373064-AD95-48DB-A32E-0D9E08EF7355}" = Prerequisites for SSDT
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{246B0F46-F84E-4857-8C47-F2A86B598BC5}" = Microsoft Visual Studio 2012 Preparation
"{266597A9-1832-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2014 (Client) English Language Pack
"{2774595F-BC2A-4B12-A25B-0C37A37049B0}" = Microsoft SQL Server 2014 Management Objects
"{27fe8162-bf82-4d29-ad6d-906f55acd521}" = Microsoft Visual Studio 2012 SDK - ENU
"{285722F0-59D5-9468-BA6F-72985A2CE931}" = CCC Help Czech
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28C7344F-E894-4CF5-8D05-EDC7ED71796C}" = Behaviors SDK (Windows) for Visual Studio 2013
"{2B68CAC1-5B99-3465-8982-E4FAB2AE036A}" = CCC Help Russian
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2F7DBBE6-8EBC-495C-9041-46A772F4E311}" = Microsoft SQL Server 2012 Management Objects
"{2F8F489A-0476-3129-857B-A553F38B192D}" = Microsoft Visual C++ 2012 Core Libraries
"{31ABA3F2-0000-1033-0002-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0002-111D43815377}" = Autodesk ReCap Language Pack-English
"{31AC9515-5F70-41D1-F740-B1978B8D48EA}" = CCC Help Greek
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{34B86C7D-4103-201B-3A13-03934DB11543}" = Windows Software Development Kit Redistributables
"{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}" = Prerequisites for SSDT
"{36155860-97D8-43CF-828A-7ADEA94F7CAA}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AE82D96-752D-1505-8F07-FF9504D6D0E5}" = Catalyst Control Center Localization All
"{3D2E0EFF-7E27-ED90-809A-7E59FB05AE63}" = CCC Help Portuguese
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DDE0604-4D47-377D-AAA3-9D60F189C985}" = Microsoft Team Foundation Server 2013 Update 4 Object Model (x86)
"{3DFE302B-20AE-324B-8E92-BC7F0F036191}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
"{3F1B78AC-9A93-4707-AE7A-08E8FF351B61}" = Module Microsoft Report Viewer pour Visual Studio 2013
"{3F48DE5D-B12B-8090-A679-C2A22450C2E0}" = VoiceZoneConnect
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4222A6C9-6127-4445-A820-B02ECFD9F407}" = Microsoft NuGet - Visual Studio 2012 Express for Windows 8
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{451526FA-52D1-41F2-B7E2-96343EC95853}" = Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
"{460A0109-A6D4-4E8F-B154-846DFDF6E3DA}" = Visual Studio 2013용 Microsoft Report Viewer 추가 기능
"{4781443E-204D-4D98-8899-18A123C13B1E}" = Microsoft C++ REST SDK for Visual Studio 2013
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{47D08E7A-92A1-489B-B0BF-415516497BCE}" = Microsoft SQL Server 2014 T-SQL Language Service
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{481C8C2A-D764-E7B9-8155-316540E71082}" = Catalyst Control Center InstallProxy
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{492FCC0B-45E1-383A-A2CF-9E7F305AC200}" = Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
"{49402ED1-A795-4435-A745-1B781BE621A6}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{4A1DEB7A-341B-453E-A3AF-7EA9902F9711}" = Microsoft SQL Server 2014 Express LocalDB
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AE57014-05C4-4864-A13D-86517A7E1BA4}" = Microsoft .NET Framework 4.5 SDK
"{4AEB505C-95E1-4964-9B64-8D27F3186D30}" = Microsoft System CLR Types for SQL Server 2014
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{4DDED18B-9C9C-434B-95FE-CFA9C9EE626F}" = Solid Edge 2D Drafting ST6
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{532DBCC8-9468-435C-AEF6-30B7F50735A2}" = Blend for Visual Studio 2012 ENU resources
"{540AA6E2-6F5A-4147-9B3E-D99E3AD2BFFF}" = Microsoft Visual Studio 2012 Preparation
"{5411060C-8F8C-393D-8D3B-26AF2C92FABB}" = Microsoft Visual Studio 2013 Shell (Minimum)
"{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}" = Microsoft SQL Server 2012 Native Client
"{550760A2-DC4A-CD2B-3C1B-01E0F9F1279E}" = Windows App Certification Kit Native Components
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55BD05F4-6AF3-378F-9BC4-73F16FA5F823}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU
"{565B9F3F-3617-6859-B821-6F103537489D}" = CCC Help Danish
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5783F2D7-D028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2014
"{57AC2726-F265-4FAF-B07A-BB6FD9E021D1}" = Microsoft Visual Studio 2012 Preparation
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{594DB57D-58D1-4AA3-AE6C-BF99484F52F8}" = Behaviors SDK (Windows Phone) for Visual Studio 2013
"{59F0E916-7B87-4F09-888B-850F3F0700B5}" = Catalyst Control Center - Branding
"{5A2D2C68-0F79-49FE-908E-396BA77A59FB}" = Надстройка Microsoft Report Viewer для Visual Studio 2013
"{5C29CC1F-218F-4C30-948A-11066CAC59FB}" = Autodesk Material Library Low Resolution Image Library 2014
"{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}" = Microsoft SQL Server 2012 Command Line Utilities
"{5FF5933C-61A3-4E7C-8029-DC9661DF5DEE}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{605FFCBB-EC5A-485C-B27E-189F1C8A96E5}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{6098D454-CB7B-44C2-8615-D869FD9655C7}" = TypeScript Power Tool
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{62910715-63E3-0AB0-0B29-99140DE1C15E}" = LocalESPC
"{629FD0BB-C056-4C31-BF76-FC5D43399BE1}" = eDrawings 2014
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{62FE9025-BA8A-4EB3-BDA8-6D1E08B79A61}" = TX Text Control 19.0.NET for Windows Forms
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{64484316-E4BA-38B3-8954-0358522A8D40}" = Microsoft Visual Studio Express 2013 for Windows Desktop
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}" = WPT Redistributables
"{66FFC445-6EB0-3D02-95D7-925E3050FFB8}" = Microsoft Visual Studio 2013 XAML UI Designer - ENU
"{6781FF9B-E87D-4A03-9373-A55A288B83FA}" = Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
"{678800C0-D94E-4513-89CB-478F2B781A0B}" = Microsoft Visual C++ 2013 x86-x64 Compilers
"{689425C0-2E3B-47C3-84BA-FA06732F2EB3}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{6A0C6700-EA93-372C-8871-DCCF13D160A4}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040}" = Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DD8507F-EA47-36B6-AE34-655964DFCA89}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{6E3ED8F1-7A17-32B7-1490-3D2FFCDA3FBC}" = AMD Fuel
"{6EB5B377-BD22-2E2E-772F-4A993EAC38FD}" = Catalyst Control Center Graphics Previews Common
"{6F066545-40A2-4C38-A8F7-78581CC5C442}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{6FC3B79F-47C6-38AF-B9A9-67DE3C639598}" = Microsoft Visual Studio Premium 2012 - ENU
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73629F80-9DFE-421A-908B-C71FBD243E5A}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{76BAD284-3559-25EE-AB8C-FBAA8042B24B}" = CCC Help English
"{76FF502F-6811-F75B-2FEB-0B69BB584031}" = Windows App Certification Kit x86
"{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}" = Microsoft SQL Server Compact 4.0 SP1 ENU
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777C7020-402D-4F73-D4C8-B375AFB5CFF7}" = CCC Help Polish
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{79F081BF-7454-43DB-BD8F-9EE596813232}" = Python 2.7.9
"{7A05796B-4FB2-4BAE-8CDC-28F7ABBC6EF3}" = Microsoft Azure Shared Components for Visual Studio 2013 - v1.3
"{7AE61976-6FE2-4B65-9E1C-4DE44288772B}" = Visual Studio Extensions for Windows Library for JavaScript
"{7D5CE450-30A2-35F6-A5B4-53847D2E3175}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{7E090AA3-1AA3-749F-4C2F-16CDB816651F}" = CCC Help Turkish
"{7F4DD591-1832-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2014
"{7F4DD591-1832-0001-1033-7107D70F3DB4}" = Autodesk Inventor Professional 2014 English Language Pack
"{7FEFA920-0095-A7D7-C394-096E1A5470C5}" = AMD Catalyst Install Manager
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{814E4191-A98A-4CDF-99AE-E6D6BACEA22F}" = SharpDevelop 4.4
"{8162B13E-896E-40DF-EB30-5252BF25CC03}" = CCC Help Norwegian
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84D88F57-4130-30FE-A0B6-1E04428FE1F6}" = Microsoft Visual C++ 2013 Core Libraries
"{85253F13-EE42-4850-A3A5-79B90E92D7AC}" = Entity Framework 6.1.1 Tools  for Visual Studio 2013
"{8762B098-374D-4900-B68E-34BF2840E694}" = Microsoft Web Developer Tools 2012.2 - Visual Studio 2012
"{89CE7F9B-B4DF-8585-638B-6BD807ADE9C7}" = HydraVision
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A17260E-6572-1DE2-6E73-C297A31093C1}" = CCC Help Chinese Standard
"{8BD11F34-C26A-4E92-B2A2-4FFF5FC3FE67}" = Microsoft Visual Studio 2013 Diagnostic Tools - x86
"{8C3E5A03-18B7-4C00-951F-C1736DF93BFC}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{8E0AFE95-5099-1CB1-A3D1-1BFB2546F1F1}" = CCC Help Thai
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{9274C832-3D8A-A294-FDE8-8B9272357098}" = SDK Debuggers
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{93A92E3A-46D2-443A-9451-3201F936F246}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{95B10B5A-88EE-CE3B-43C8-42E7DD5646E6}" = WPTx86
"{96a8b90c-0a91-4e76-ab34-730c23923d11}" = Microsoft Visual Studio Community 2013 with Update 4
"{96F50F87-0F15-4F93-9FE6-387DD9CFB077}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{985EF141-95DD-3934-8F23-7C2C4C61E5F7}" = Microsoft Visual Studio 2013 Shell (Minimum) Resources
"{99FCCA2B-F1FD-E66E-E3B9-AA57FBBF2E66}" = Windows Software Development Kit for Windows Store Apps
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E7DE17D-A9E2-4762-8C10-1E80F5976F4A}" = Microsoft Visual Studio 2013 Preparation
"{9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}" = VS Update core components
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A28E4F84-78C6-400B-B376-2C39CC6B05A8}" = Microsoft Report Viewer Add-On für Visual Studio 2013
"{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077}" = Microsoft Visual C++  x86 Libraries
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{a7602e27-6fa8-4ea3-bf95-f71953fc5b64}" = Windows Software Development Kit for Windows 8.1
"{A7E87388-3512-4D9C-9BBA-284C3577CBE9}" = Microsoft Visual C++ 2012 Compilers
"{A83F6EE0-A42E-66D8-88B6-90A475602565}" = CCC Help Hungarian
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}" = Microsoft SQL Server Data Tools - enu (12.0.41012.0)
"{AD0BAC12-16F4-4544-B1E0-EAC988E16FB4}" = Compon. agg. Microsoft Report Viewer per Visual Studio 2013
"{ae17ae9b-af38-40d2-a194-6102c56ed502}" = Microsoft Visual Studio Ultimate 2012
"{AE937DBA-FEFD-3BFE-9860-0591C0F91D61}" = Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AFA4B0BF-3289-495A-B949-BA91F39B1A44}" = Entity Framework Designer for Visual Studio 2012 - enu
"{B1465D1D-6427-4CA1-AE29-8B699209E663}" = Microsoft Visual Studio 2012 Devenv Resources
"{B255880F-8C5E-4FAF-8F9C-7DBA635B2615}" = Build Tools - x86
"{B28FF388-32EE-37B0-96CF-56DB0713637E}" = Microsoft Team Foundation Server 2013 Update 4 Object Model Language Pack (x86) - ENU
"{B3B073C2-ABCE-4170-89E6-D61923688544}" = Visual Studio 2013 的 Microsoft Report Viewer 附加元件
"{B40E950B-300A-41B5-A6C1-2FEBEEA1BEEA}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B46DECD1-1832-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2014 (Desktop Content)
"{B503082D-B4CD-32E5-A97C-AB10D2E9111A}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B51F97E6-83F3-3B02-8CBB-15F86DFCE1DB}" = Microsoft Visual Studio Express 2012 for Windows 8
"{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}" = LocalESPCui for en-us
"{b6391d7a-479c-494c-a76f-cad96a8a73ac}" = Microsoft Visual Studio Express 2012 for Windows 8 - ENU
"{B74E65FD-CC47-41C5-4B89-791A3F61942D}" = Kits Configuration Installer
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}" = Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4
"{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}" = IIS 8.0 Express
"{B90F9678-82C0-32A3-996B-98AA7EA5D8F4}" = Microsoft Visual Studio 2013 XAML UI Designer
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B9F35D86-242E-3FA4-B9F8-A982E0DF918D}" = Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BD9DC17D-C48D-3B1B-944A-D0DE74FC74BC}" = Microsoft Visual C++ 2012 Extended Libraries
"{BE4F3A79-8954-499C-AEF9-E8A3BC235677}" = JavaScript Tooling
"{C086E8FA-7445-4E07-1310-4616EC120EE7}" = CCC Help Dutch
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1E52442-C3E6-3801-95EC-011A0561A796}" = Microsoft Visual Studio 2012 SDK - ENU
"{C2F88EE6-D343-F986-E8F1-F012B294CEA7}" = CCC Help Korean
"{C340BAB2-9A21-41B9-A465-7AC7B1DF773E}" = Microsoft SQL Server 2014 Transact-SQL ScriptDom
"{C5C9E20C-CBD6-4FCE-B9FD-46E94BEC9169}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU
"{C6028E83-4C47-459F-9EDC-7D1412CBCD97}" = Python Tools Redirection Template
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}" = Windows Runtime Intellisense Content - en-us
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9E7751E-88ED-36CF-B610-71A1D262E906}" = Team Explorer for Microsoft Visual Studio 2013
"{ce404cfb-7e03-4ad5-a518-45dbb0a48a34}" = Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20602
"{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2}" = MSI Development Tools
"{CF526A26-1832-0000-0000-02E95019B628}" = Autodesk Vault Basic 2014 (Client)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047-13339EDBEC28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D32EF103-4016-4C15-BCB0-700C0A7A2309}" = Microsoft ASP.NET MVC 3
"{D3517C62-68A5-37CF-92F7-93C029A89681}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
"{D37C1AFD-4B44-12B5-B833-1AA7725C32A4}" = AMD Catalyst Control Center
"{D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}" = Build Tools Language Resources - x86
"{D3A828A9-FD4A-4463-9CB0-9673C682A0C7}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D8735515-0DB5-DCBD-C303-37D32DE4363F}" = CCC Help Japanese
"{D8DEAAC1-A503-4C97-90F7-EF1E58A3E509}" = Microsoft C++ Azure Mobile SDK for Visual Studio 2013
"{D9706C72-EB6E-37CC-8E21-FCDC0F9F93EE}" = Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop
"{DB5600F1-DE83-46DE-B162-5FC4400EAF5B}" = Microsoft Visual C++ 2013 Compilers
"{DBC795E2-5A6D-451F-87FE-A5E1BC7B218F}" = Complemento Microsoft Report Viewer para Visual Studio 2013
"{E0A2A99A-D618-4F24-9730-464893DC27AC}" = Eco Materials Adviser for Autodesk Inventor 2014 (32-bit)
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A}" = Microsoft Web Deploy 3.0
"{E4ADE757-7FE9-322D-9CAE-C77D77A2D2BF}" = Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E4F406B9-319B-2C33-54CE-84A46DA47BFB}" = CCC Help French
"{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}" = Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
"{E6F3851E-CEEB-4ECB-A6FA-337C8F662E3D}" = Microsoft Visual C++ 2013 Compilers - ENU Resources
"{E7654811-38F9-4225-9688-827FDA716582}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E7EDC392-45CF-3EFF-8806-49E6911112DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E8FA2571-7BC9-44ED-8026-8DE9CE0B9CCD}" = Visual Studio Extensions for Windows Library for JavaScript
"{E9A2B5C5-5885-3B1A-A30C-0E5ACB76B5F1}" = Microsoft Visual Studio Express 2012 for Windows 8 - ENU
"{EA63C5C1-EBBC-477C-9CC7-41454DDFAFF2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{EC58A9C9-22D8-FA14-785E-37B8C290AA8D}" = CCC Help Spanish
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{ED8DFB38-C87B-42B3-A33E-B20DF935C055}" = PowreShellIntegration.Notifications
"{EFA87714-E75A-3BFC-A698-A3AABA5A8A0C}" = Microsoft Visual Studio Ultimate 2012
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FC0C36DE-02B4-351B-93FB-293A40042EF1}" = Microsoft Visual Studio 2012 SDK Language Pack - ENU
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE2F4875-095C-427C-9A97-4F8DE05ACF22}" = Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013
"{FE939060-416C-4ECD-890E-13776E2707C4}" = Microsoft SQL Server 2012 Express LocalDB
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"{FFF5619F-2013-0032-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"ALPlayer_is1" = ALPlayer
"ALSong_is1" = ALSong
"ALUpdate_is1" = ALTools Update
"Autodesk Content Service" = Autodesk Content Service
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion plug-in for AutoCAD 2013" = Autodesk Inventor Fusion plug-in for AutoCAD 2013
"Autodesk Inventor Professional 2014" = Autodesk Inventor Professional 2014 - English
"Autodesk ReCap" = Autodesk ReCap
"Autodesk Revit Interoperability for Inventor 2014" = Autodesk Revit Interoperability for Inventor 2014
"Autodesk Vault Basic 2014 (Client)" = Autodesk Vault Basic 2014 (Client)
"Avast" = Avast Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.4
"com.twc.voicezoneconnect" = VoiceZoneConnect
"DWG TrueView 2014" = Autodesk DWG TrueView 2014
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 610 Series" = EPSON WorkForce 610 Series Printer Uninstall
"Foxit Reader_is1" = Foxit Reader
"HTML Help Workshop" = HTML Help Workshop
"Image2Icon Converter_is1" = Image2Icon Converter
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.4.1028
"MediaHuman Lyrics Finder_is1" = MediaHuman Lyrics Finder version 1.0
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.1" = Microsoft Help Viewer 2.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 34.0 (x86 en-US)" = Mozilla Firefox 34.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.58
"RealPlayer 16.0" = RealPlayer
"Speccy" = Speccy
"VLC media player" = VLC media player
"WinGimp-2.0_is1" = GIMP 2.6.11
"wpclipart_is1" = WPClipart-8.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8a929f15dcded0a7" = TimeConverter
"d1b07e3203b98c2c" = AddressBook
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/28/2014 10:33:06 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\ati technologies\hydravision\Grid64.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:33:07 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Windows
 Kits\8.0\bin\x64\oleview.exe".  Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:33:07 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Windows
 Kits\8.0\bin\x64\filetypeverifier.exe".  Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:36:41 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:37:23 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:37:25 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\ati technologies\hydravision\Grid64.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:37:26 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Windows
 Kits\8.0\bin\x64\oleview.exe".  Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/28/2014 10:37:26 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Windows
 Kits\8.0\bin\x64\filetypeverifier.exe".  Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 12/29/2014 1:15:29 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 12/29/2014 1:35:43 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17284,
time stamp: 0x53f8130d  Faulting module name: ntdll.dll, version: 6.3.9600.17278,
time stamp: 0x53eeb49a  Exception code: 0xc0000005  Fault offset: 0x0003beab  Faulting
 process id: 0x104  Faulting application start time: 0x01d0238c8faca468  Faulting application
 path: C:\WINDOWS\Explorer.EXE  Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report
 Id: 1caf85a2-8f81-11e4-b008-448a5b5cfdff  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 12/29/2014 1:48:42 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20689 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 1454    Start
 Time: 01d0238e9e27ece4    Termination Time: 4294967295    Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\LiveComm.exe

Report
 Id: ec0d83a4-8f82-11e4-b008-448a5b5cfdff    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe

Faulting
 package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1  
 
Error - 12/29/2014 2:28:58 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.3.9600.17284,
time stamp: 0x53f8130d  Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version:
 4.8.2.0, time stamp: 0x50d3ea15  Exception code: 0xc0000005  Fault offset: 0x0014cad0
Faulting
 process id: 0x870  Faulting application start time: 0x01d0238e1c83c007  Faulting application
 path: C:\WINDOWS\explorer.exe  Faulting module path: QtCore_Ad_SyncNs_4.dll  Report
 Id: 8d0a6334-8f88-11e4-b008-448a5b5cfdff  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 12/29/2014 3:09:41 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.3.9600.17284,
time stamp: 0x53f8130d  Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version:
 4.8.2.0, time stamp: 0x50d3ea15  Exception code: 0xc0000005  Fault offset: 0x0014cad0
Faulting
 process id: 0xc68  Faulting application start time: 0x01d0239569aabd5b  Faulting application
 path: C:\WINDOWS\explorer.exe  Faulting module path: QtCore_Ad_SyncNs_4.dll  Report
 Id: 3d13fdd7-8f8e-11e4-b008-448a5b5cfdff  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 12/29/2014 3:10:19 PM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = Application Hang | ID = 1002
Description = The program Taskmgr.exe version 6.3.9600.17031 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: e98    Start
 Time: 01d0239af8177958    Termination Time: 6    Application Path: C:\WINDOWS\System32\Taskmgr.exe

Report
 Id: 4f4b6ac6-8f8e-11e4-b008-448a5b5cfdff    Faulting package full name:     Faulting package-relative
 application ID:   
 
[ Key Management Service Events ]
Error - 12/2/2014 12:17:45 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = KmsRequests | ID = 902
Description = The Software Protection service has started.  Invalid KMS Port!  is
not a valid argument.
 
Error - 12/2/2014 12:17:45 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = KmsRequests | ID = 902
Description = The Software Protection service has started.  Invalid KMS PID!  is not
 a valid argument.
 
Error - 12/2/2014 12:17:45 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = KmsRequests | ID = 902
Description = The Software Protection service has started.  Invalid KMS Activation
 Interval Range! 0 is not a valid argument.
 
Error - 12/2/2014 12:17:45 AM | Computer Name = TLIMS-ISNW-HLMBTSW-FHNS | Source = KmsRequests | ID = 902
Description = The Software Protection service has started.  Invalid KMS Renewal Interval
 Range! 0 is not a valid argument.
 
 
Error encountered while reading event logs.
 
< End of report >


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,797 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply post;
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log
    Thanks
    Joe :)



  • 0

#3
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,797 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP