and my Malwarebytes always blocks some IPs. Website: 222.186.101.77 type: outgoing
I'm sorry if I am going to waste your time on me, so thank you very much if you helped me.
OTL logfile created on: 4/16/2013 2:00:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 41.06% Memory free
3.85 Gb Paging File | 2.79 Gb Available in Paging File | 72.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61.15 Gb Total Space | 3.29 Gb Free Space | 5.37% Space Free | Partition Type: NTFS
Drive D: | 87.89 Gb Total Space | 4.18 Gb Free Space | 4.76% Space Free | Partition Type: NTFS
Computer Name: DELACRUZ | User Name: Dela Cruz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/16 13:59:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dela Cruz\My Documents\Downloads\Programs\OTL.exe
PRC - [2013/04/16 13:47:33 | 000,528,398 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\Data\cgminer.exe
PRC - [2013/04/15 19:48:36 | 004,068,864 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\razorp.exe
PRC - [2013/04/10 17:22:41 | 009,802,032 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
PRC - [2013/04/09 16:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2013/04/05 22:59:25 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\GarenaTalkOverlay.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/04/03 21:40:49 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\ouc.exe
PRC - [2013/03/28 17:32:38 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/12/27 20:44:14 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2012/11/14 08:50:14 | 003,540,416 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2012/09/21 14:46:21 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012/06/03 18:08:02 | 000,038,088 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2011/10/19 12:13:44 | 000,323,912 | ---- | M] (H+H Software GmbH) -- C:\Program Files\Virtual CD v10\System\vc10tray.exe
PRC - [2011/10/19 12:13:38 | 000,411,976 | ---- | M] (H+H Software GmbH) -- C:\Program Files\Virtual CD v10\System\VC10Play.exe
PRC - [2011/10/19 12:13:38 | 000,144,712 | ---- | M] (H+H Software GmbH) -- C:\Program Files\Virtual CD v10\System\VC10SecS.exe
PRC - [2011/03/14 23:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
PRC - [2011/02/21 13:22:27 | 000,253,483 | ---- | M] (SHADOWDEFENDER.COM) -- C:\Program Files\Shadow Defender\DefenderDaemon.exe
PRC - [2008/04/14 05:42:20 | 001,551,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/16 13:47:35 | 000,084,992 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\Data\zlib1.dll
MOD - [2013/04/16 13:47:34 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\Data\libidn-11.dll
MOD - [2013/04/16 13:47:33 | 000,528,398 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\Data\cgminer.exe
MOD - [2013/04/15 19:48:36 | 004,068,864 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Windows\razorp.exe
MOD - [2013/04/11 10:50:20 | 000,027,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\VersionModule.dll
MOD - [2013/04/10 17:23:12 | 000,170,800 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\fs\YYFileSystem.dll
MOD - [2013/04/10 17:23:06 | 000,955,696 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XLL.dll
MOD - [2013/04/10 17:23:02 | 000,236,336 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PluginNews.dll
MOD - [2013/04/10 17:23:01 | 000,816,944 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\ggplugin.dll
MOD - [2013/04/10 17:23:00 | 000,436,528 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\GarenaTalkPlugin.dll
MOD - [2013/04/10 17:23:00 | 000,286,000 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\DailyTaskPlugin.dll
MOD - [2013/04/10 17:22:55 | 000,155,440 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libmpg123.dll
MOD - [2013/04/10 17:22:48 | 000,794,928 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\gagmhook.dll
MOD - [2013/04/10 17:22:41 | 009,802,032 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe
MOD - [2013/04/09 16:57:07 | 000,390,096 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 16:57:06 | 013,130,704 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 16:57:05 | 004,050,896 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 16:56:13 | 001,606,096 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/04/05 22:59:25 | 001,891,120 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\Overlay.dll
MOD - [2013/04/05 22:59:25 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\GarenaTalkOverlay.exe
MOD - [2013/04/03 21:40:51 | 001,148,416 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\QtNetwork4.dll
MOD - [2013/04/03 21:40:51 | 000,398,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\QtXml4.dll
MOD - [2013/04/03 21:40:51 | 000,384,512 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\QueryStrategy.dll
MOD - [2013/04/03 21:40:50 | 002,415,104 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\QtCore4.dll
MOD - [2013/04/03 21:40:49 | 000,246,112 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\ouc.exe
MOD - [2013/04/03 21:40:49 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\libgcc_s_dw2-1.dll
MOD - [2013/04/03 21:40:49 | 000,011,362 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Smart Bro\OnlineUpdate\mingwm10.dll
MOD - [2013/03/13 18:06:04 | 001,543,984 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\FileSender.dll
MOD - [2013/03/13 18:05:59 | 000,374,064 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\Http.dll
MOD - [2013/03/07 10:10:42 | 000,106,288 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\UILayout.dll
MOD - [2013/03/07 10:10:39 | 000,224,560 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\StatsPlugin.dll
MOD - [2013/03/07 10:10:22 | 000,487,216 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CxImage.dll
MOD - [2013/02/28 17:17:36 | 000,188,208 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggspawn.dll
MOD - [2013/02/07 17:11:25 | 000,025,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginModule.dll
MOD - [2013/02/07 17:11:24 | 000,087,344 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\PluginKernel.dll
MOD - [2013/02/07 17:11:22 | 000,192,816 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ImageModule.dll
MOD - [2013/02/07 17:11:17 | 000,051,504 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\FileLoader.dll
MOD - [2013/02/07 17:11:15 | 000,033,584 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\DibModule.dll
MOD - [2013/02/01 13:42:29 | 000,153,088 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\libzmq.dll
MOD - [2013/01/30 16:26:41 | 002,941,232 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggdownloader.dll
MOD - [2013/01/30 16:26:38 | 000,104,752 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\CommonLib.dll
MOD - [2013/01/24 19:16:54 | 001,050,112 | ---- | M] () -- c:\Program Files\BrowseToSave\sprotector.dll
MOD - [2013/01/16 18:30:17 | 000,098,608 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Plugins\PlatformPlugin.dll
MOD - [2013/01/14 19:57:52 | 001,092,912 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\GaFileTransfer.dll
MOD - [2013/01/14 19:57:46 | 000,219,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\TaskManagerLib.dll
MOD - [2012/12/27 11:34:07 | 000,181,760 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\ggspawn.dll
MOD - [2012/12/01 22:19:08 | 013,006,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2012/12/01 22:18:52 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2012/12/01 22:18:38 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2012/12/01 22:18:29 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2012/09/13 14:19:19 | 000,048,640 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\XmlUIModule.dll
MOD - [2012/08/31 03:10:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2012/07/27 14:59:42 | 000,010,240 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\ClientTcp.dll
MOD - [2012/07/27 14:59:28 | 000,061,952 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\UdtLib.dll
MOD - [2012/06/03 18:08:02 | 000,623,816 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2012/06/03 18:08:02 | 000,038,088 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2012/06/03 18:04:22 | 000,013,824 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
MOD - [2012/06/03 18:04:18 | 000,046,592 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/04/24 09:19:16 | 000,238,592 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\MediaEngine.dll
MOD - [2012/04/13 11:12:18 | 000,059,392 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\AudioMixerLib.dll
MOD - [2012/04/13 11:12:18 | 000,019,968 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ServerMemAlloc.dll
MOD - [2012/03/08 16:56:40 | 000,510,464 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\delay_load\RSALib.dll
MOD - [2012/02/22 16:52:18 | 000,162,304 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lame_enc.dll
MOD - [2012/02/22 16:52:16 | 000,573,100 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\sqlite3.dll
MOD - [2012/02/22 16:52:16 | 000,178,176 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\lib\MP3Module.dll
MOD - [2012/02/22 16:52:16 | 000,122,136 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\ggcode.dll
MOD - [2011/10/18 09:54:24 | 000,097,792 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\CommonLib.dll
MOD - [2011/10/18 09:54:24 | 000,056,832 | ---- | M] () -- D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\PluginKernel.dll
MOD - [2011/03/14 23:27:28 | 000,271,712 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/08/18 16:11:24 | 001,237,504 | ---- | M] () -- C:\Program Files\Virtual CD v10\System\vorbis.dll
MOD - [2008/08/18 16:08:10 | 000,050,688 | ---- | M] () -- C:\Program Files\Virtual CD v10\System\ogg.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/01/31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll
========== Services (SafeList) ==========
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/04/04 12:38:58 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/03 21:40:49 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Smart Bro\UpdateDog\ouc.exe -- (Smart Bro. RunOuc)
SRV - [2013/03/14 15:57:17 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/26 18:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/09/21 14:46:21 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/31 03:10:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/11 08:06:10 | 000,077,520 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2012/04/11 07:59:14 | 000,542,552 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012/04/03 02:46:58 | 000,329,544 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011/11/16 02:26:48 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/10/19 12:13:38 | 000,144,712 | ---- | M] (H+H Software GmbH) [Auto | Running] -- C:\Program Files\Virtual CD v10\System\VC10SecS.exe -- (VC10SecS)
SRV - [2011/03/14 23:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/04/10 03:14:50 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/04/03 21:40:51 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013/04/03 21:40:51 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/04/03 21:40:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/04/03 21:40:51 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/02/22 15:17:04 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/02/22 15:17:04 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/05 17:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/12/06 01:13:58 | 000,022,112 | -HS- | M] () [Kernel | On_Demand | Stopped] -- D:\Program Files\GarenaLoLPH_Launcher\GameData\Room\safedrv.sys -- (GGSAFERDriver)
DRV - [2012/11/22 08:43:14 | 000,112,480 | ---- | M] (Tonec Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI)
DRV - [2012/08/24 15:57:00 | 000,113,104 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2012/04/11 23:40:28 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2012/04/07 02:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2012/02/22 18:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 14:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2011/04/19 08:52:48 | 000,186,392 | ---- | M] (H+H Software GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vdrv1000.sys -- (vdrv1000)
DRV - [2011/03/31 19:36:10 | 000,204,384 | ---- | M] (SHADOWDEFENDER.COM) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\diskpt.sys -- (diskpt)
DRV - [2010/03/10 17:34:34 | 000,013,952 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HH10Help.sys -- (HH10Help.sys)
DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2008/04/17 16:33:26 | 004,707,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/02/15 15:15:26 | 000,014,336 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/01/29 12:37:48 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/01/29 12:37:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/01/25 20:01:06 | 000,132,096 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hel...265&lg=EN&cc=PH
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.hel...265&lg=EN&cc=PH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE8ENUS02/110
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org...xr&chid=c162341
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.hel...265&lg=EN&cc=PH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.msn.com/?...=OIE8HP&PC=UP62
IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.hel...265&lg=EN&cc=PH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://websearch.hel...N&cc=PH&l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://websearch.hel...65&lg=EN&cc=PH"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..keyword.URL: "http://websearch.hel...N&cc=PH&l=1&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.com/RCplugin: C:\Documents and Settings\Dela Cruz\Application Data\raidcall\plugins\webplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/04 12:39:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Documents and Settings\Dela Cruz\Application Data\IDM\idmmzcc5 [2013/01/17 22:23:43 | 000,000,000 | ---D | M]
[2012/06/05 14:03:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Extensions
[2013/04/16 12:57:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions
[2013/04/04 14:16:48 | 000,000,000 | ---D | M] (BRowsE2soave) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\[email protected]
[2013/04/16 12:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\staged
[2012/09/25 20:35:42 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\extensions\[email protected]
[2013/04/16 12:58:13 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Mozilla\Firefox\Profiles\b7nkeiwq.default\searchplugins\WebSearch.xml
[2012/06/11 23:20:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/21 14:08:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/11 23:20:54 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/04/04 12:39:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013/04/04 12:38:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/04/04 12:38:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/04 12:38:55 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://websearch.hel...265&lg=EN&cc=PH
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kkhkehkllpkocgnlbkmpkcicednmbfnp\2_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: No name found = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/02/10 16:45:13 | 000,000,788 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Shadow Defender Daemon] C:\Program Files\Shadow Defender\DefenderDaemon.exe (SHADOWDEFENDER.COM)
O4 - HKLM..\Run: [VC10Player] C:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH)
O4 - HKCU..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [GarenaPlus] D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe ()
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [razorp] C:\Documents and Settings\Dela Cruz\Application Data/Windows/razorp.exe ()
O4 - HKCU..\Run: [uTorrent] D:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\Dela Cruz\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECEEA181-E40C-4D41-B6BE-B7940798E869}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - c:\Program Files\BrowseToSave\sprotector.dll ()
O20 - AppInit_DLLs: (c:\progra~1\websea~1\sprote~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Dela Cruz\My Documents\Downloads\9gag.png
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/06/05 13:00:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/04/15 18:57:52 | 000,000,025 | -HS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/11/07 19:49:08 | 000,001,331 | ---- | M] () - D:\AutoHotkey.ahk -- [ NTFS ]
O32 - AutoRun File - [2012/08/03 05:24:44 | 000,899,584 | ---- | M] () - D:\AutoHotkey.exe -- [ NTFS ]
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae90-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{07cfae93-9c64-11e2-842b-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{12ee8539-a148-11e2-8437-0024215b0d23}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{388cb639-058b-11e2-a8d9-0024215b0d23}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8a6cf41f-a0ad-11e2-8435-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8d839e9-2d7e-11e2-a8eb-0024215b0d23}\Shell\AutoRun\command - "" = F:\steambackup2.EXE
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell - "" = AutoRun
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c79442ca-fe07-11d5-a8ca-0024215b0d23}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/16 13:35:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Malwarebytes
[2013/04/16 13:35:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/16 13:35:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/04/16 13:35:07 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/04/16 13:35:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/04/16 13:32:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/04/16 13:15:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dela Cruz\Recent
[2013/04/16 13:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Windows
[2013/04/16 13:03:06 | 000,000,000 | ---D | C] -- C:\Downloads
[2013/04/16 12:58:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Searcch-NeewaTabb
[2013/04/16 12:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barowse2sAvvee
[2013/04/16 12:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Barowse2sAvvee
[2013/04/16 12:57:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\X86
[2013/04/16 12:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\Solibo Ltd
[2013/04/16 12:57:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Solibo Ltd
[2013/04/16 12:57:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AMD64
[2013/04/16 12:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Age of Empires 2 HD Edition
[2013/04/15 17:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\CryptLoad_1.1.8
[2013/04/10 03:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Start Menu\Programs\DC-Unlocker
[2013/04/10 03:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Desktop\DC-Unlocker
[2013/04/10 03:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\pocketwifi
[2013/04/10 03:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\pocketwifi
[2013/04/04 15:13:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\CrashDump
[2013/04/04 14:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SoftSafe
[2013/04/04 14:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\BrowseToSave
[2013/04/04 14:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\BRowsE2soave
[2013/04/04 14:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BRowsE2soave
[2013/04/04 14:15:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/04/04 02:38:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013/04/04 02:34:18 | 000,181,784 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2013/04/04 02:34:17 | 000,083,864 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2013/04/04 02:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MyFree Codec
[2013/04/04 01:41:53 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2013/04/04 01:38:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\NativeFus_Log
[2013/04/04 01:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Samsung
[2013/04/04 01:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\Samsung
[2013/04/04 01:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\My Documents\samsung
[2013/04/03 21:41:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Smart Bro
[2013/04/03 21:41:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Smart Bro
[2013/04/03 21:41:08 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2013/04/03 21:41:08 | 000,235,392 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2013/04/03 21:41:08 | 000,194,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2013/04/03 21:41:08 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys
[2013/04/03 21:41:08 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys
[2013/04/03 21:41:08 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys
[2013/04/03 21:41:08 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys
[2013/04/03 21:41:08 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys
[2013/04/03 21:41:08 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2013/04/03 21:41:08 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwupgrade.sys
[2013/04/03 21:41:08 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
[2013/04/03 21:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Bro
[2013/04/03 21:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2013/03/28 22:41:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/03/21 16:01:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\iFunbox_UserCache
[2013/03/21 16:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\i-Funbox DevTeam
[2013/03/21 16:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\i-Funbox DevTeam
[2013/03/20 13:30:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dela Cruz\Application Data\.minecraft
[2013/03/18 15:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHotkey
[2013/03/18 15:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AutoHotkey
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/16 13:56:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/04/16 13:44:53 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/04/16 13:44:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/04/16 13:35:08 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/16 13:33:49 | 000,000,440 | RHS- | M] () -- C:\Documents and Settings\Dela Cruz\ntuser.pol
[2013/04/16 13:21:31 | 000,201,802 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\poclbm130302GeForce 9500 GTv1w256l4.bin
[2013/04/16 13:18:34 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/16 13:08:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/04/16 12:47:46 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires 2 HD Edition.lnk
[2013/04/16 12:20:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003UA.job
[2013/04/16 12:20:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/04/14 22:31:17 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Age of Empires II HD.lnk
[2013/04/14 21:58:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/04/12 05:18:10 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/04/12 01:08:00 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1659004503-725345543-1003Core.job
[2013/04/10 13:19:53 | 000,000,930 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Shortcut to vlc.lnk
[2013/04/10 08:13:28 | 000,002,334 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/10 08:13:28 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Google Chrome.lnk
[2013/04/10 03:14:50 | 000,013,816 | ---- | M] () -- C:\WINDOWS\System32\unikey.sys
[2013/04/10 03:14:45 | 000,000,621 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\dc-unlocker client.lnk
[2013/04/06 02:31:38 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/04 15:02:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/04/04 03:09:36 | 000,002,759 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\.TransferManager.db
[2013/04/04 02:23:32 | 000,504,286 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/04/04 02:23:32 | 000,088,132 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/04/04 02:07:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013/04/03 21:41:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2013/04/03 21:41:25 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013/04/03 21:40:51 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys
[2013/04/03 21:40:51 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys
[2013/04/03 21:40:51 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2013/04/03 21:40:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys
[2013/04/03 21:40:51 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys
[2013/04/03 21:40:51 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys
[2013/04/03 21:40:51 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys
[2013/04/03 21:40:51 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys
[2013/04/03 21:40:51 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys
[2013/04/03 21:40:51 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwupgrade.sys
[2013/04/03 21:40:51 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
[2013/03/26 12:29:56 | 000,003,083 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\My Documents\AutoHotkey.ahk
[2013/03/25 23:31:05 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/03/22 10:32:42 | 134,528,834 | ---- | M] () -- C:\Documents and Settings\Dela Cruz\Desktop\Block Fortress (v1.0.1 3GS Univ os43)-[CrackLords]-B_H.ipa
[2013/03/21 16:01:02 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iFunbox.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/16 13:35:08 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/16 13:33:17 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\Dela Cruz\ntuser.pol
[2013/04/16 13:21:31 | 000,201,802 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\poclbm130302GeForce 9500 GTv1w256l4.bin
[2013/04/16 13:18:34 | 000,273,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/16 12:47:46 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Age of Empires 2 HD Edition.lnk
[2013/04/14 22:31:17 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Age of Empires II HD.lnk
[2013/04/10 13:19:53 | 000,000,930 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Shortcut to vlc.lnk
[2013/04/10 03:12:40 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2013/04/10 03:12:28 | 000,000,621 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Application Data\Microsoft\Internet Explorer\Quick Launch\dc-unlocker client.lnk
[2013/04/04 03:09:36 | 000,002,759 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\.TransferManager.db
[2013/04/04 02:07:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013/04/03 21:41:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2013/04/03 21:41:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013/03/22 10:03:01 | 134,528,834 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Desktop\Block Fortress (v1.0.1 3GS Univ os43)-[CrackLords]-B_H.ipa
[2013/03/21 16:01:02 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iFunbox.lnk
[2013/03/18 15:37:14 | 000,003,083 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\My Documents\AutoHotkey.ahk
[2013/03/01 18:41:32 | 000,794,906 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2013/03/01 18:41:32 | 000,004,198 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/01/15 19:58:31 | 000,000,320 | ---- | C] () -- C:\WINDOWS\con_34195430.ini
[2013/01/03 17:38:34 | 000,758,465 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-1659004503-725345543-1003-0.dat
[2013/01/03 17:38:31 | 000,287,434 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/12/29 19:19:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2012/12/05 15:45:33 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/09 10:25:44 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012/08/01 00:46:38 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\fusioncache.dat
[2012/07/13 16:41:14 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/01 14:46:41 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2012/07/01 01:40:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2012/06/05 20:51:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/05 17:18:44 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/05 17:01:53 | 001,094,820 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/05 17:01:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/05 16:55:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/05 14:22:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\diskpt.dat
[2012/06/05 14:09:08 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/05 13:33:25 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2012/06/05 13:30:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012/06/05 13:28:11 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012/06/05 13:02:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:58:12 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012/06/05 13:31:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 003,682,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/06/11 19:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2013/04/16 13:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Barowse2sAvvee
[2012/12/16 21:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2013/04/16 13:24:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BRowsE2soave
[2012/11/25 23:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Caphyon
[2012/11/14 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2013/04/10 03:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DatacardService
[2012/09/13 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Garena
[2013/04/16 13:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GarenaMessenger
[2012/06/11 23:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield
[2013/04/16 12:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/03/29 14:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2012/12/20 15:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2012/12/05 15:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap Games
[2013/04/04 02:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2013/04/16 13:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Searcch-NeewaTabb
[2013/04/03 21:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Smart Bro
[2013/04/04 14:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SoftSafe
[2012/06/11 19:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2012/12/31 22:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2012/12/01 22:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Xilisoft
[2013/02/09 19:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/03/20 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\.minecraft
[2012/12/01 22:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\AnvSoft
[2012/12/02 00:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Audacity
[2013/01/28 17:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\B1Toolbar
[2012/06/11 15:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Camfrog
[2012/11/14 07:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DAEMON Tools Lite
[2013/04/16 12:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\DMCache
[2013/03/01 18:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Enterbrain
[2013/03/01 18:44:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FFSJ
[2012/10/09 10:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\FreeBurner
[2013/01/22 01:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Garena
[2013/04/16 13:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\GarenaPlus
[2012/12/01 22:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\HandBrake
[2013/04/16 13:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\IDM
[2013/03/22 10:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\iFunbox_UserCache
[2012/07/01 01:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient
[2012/06/05 17:26:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\LolClient2
[2012/12/30 20:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\ManyCam
[2012/09/30 03:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\PowerISO
[2012/07/13 16:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\raidcall
[2012/06/05 15:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Rainmeter
[2013/02/10 13:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\redsn0w
[2013/04/04 01:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Samsung
[2012/06/05 14:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Shadow Defender
[2012/12/31 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\SystemRequirementsLab
[2013/01/05 00:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TeamViewer
[2013/03/10 20:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Tunngle
[2002/01/01 00:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\TypingMaster7
[2013/03/10 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Unity
[2013/04/16 14:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\uTorrent
[2013/01/03 17:01:40 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Virtual CD v10
[2013/04/16 13:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Windows
[2012/12/01 22:51:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\Xilisoft
[2012/12/02 00:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\xim
[2012/12/16 21:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dela Cruz\Application Data\YaTQA
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 4/16/2013 2:00:01 PM - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57552:TCP" = 57552:TCP:*:Enabled:Pando Media Booster
"57552:UDP" = 57552:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"8370:TCP" = 8370:TCP:*:Enabled:League of Legends Launcher
"8370:UDP" = 8370:UDP:*:Enabled:League of Legends Launcher
"57552:TCP" = 57552:TCP:*:Enabled:Pando Media Booster
"57552:UDP" = 57552:UDP:*:Enabled:Pando Media Booster
"6927:TCP" = 6927:TCP:*:Enabled:League of Legends Launcher
"6927:UDP" = 6927:UDP:*:Enabled:League of Legends Launcher
"6971:TCP" = 6971:TCP:*:Enabled:League of Legends Launcher
"6971:UDP" = 6971:UDP:*:Enabled:League of Legends Launcher
"6908:TCP" = 6908:TCP:*:Enabled:League of Legends Launcher
"6908:UDP" = 6908:UDP:*:Enabled:League of Legends Launcher
"6934:TCP" = 6934:TCP:*:Enabled:League of Legends Launcher
"6934:UDP" = 6934:UDP:*:Enabled:League of Legends Launcher
"6884:TCP" = 6884:TCP:*:Enabled:League of Legends Launcher
"6884:UDP" = 6884:UDP:*:Enabled:League of Legends Launcher
"6943:TCP" = 6943:TCP:*:Enabled:League of Legends Launcher
"6943:UDP" = 6943:UDP:*:Enabled:League of Legends Launcher
"6904:TCP" = 6904:TCP:*:Enabled:League of Legends Launcher
"6904:UDP" = 6904:UDP:*:Enabled:League of Legends Launcher
"6950:TCP" = 6950:TCP:*:Enabled:League of Legends Launcher
"6950:UDP" = 6950:UDP:*:Enabled:League of Legends Launcher
"6941:TCP" = 6941:TCP:*:Enabled:League of Legends Launcher
"6941:UDP" = 6941:UDP:*:Enabled:League of Legends Launcher
"6885:TCP" = 6885:TCP:*:Enabled:League of Legends Launcher
"6885:UDP" = 6885:UDP:*:Enabled:League of Legends Launcher
"6881:TCP" = 6881:TCP:*:Enabled:League of Legends Launcher
"6881:UDP" = 6881:UDP:*:Enabled:League of Legends Launcher
"6923:TCP" = 6923:TCP:*:Enabled:League of Legends Launcher
"6923:UDP" = 6923:UDP:*:Enabled:League of Legends Launcher
"6931:TCP" = 6931:TCP:*:Enabled:League of Legends Launcher
"6931:UDP" = 6931:UDP:*:Enabled:League of Legends Launcher
"6886:TCP" = 6886:TCP:*:Enabled:League of Legends Launcher
"6886:UDP" = 6886:UDP:*:Enabled:League of Legends Launcher
"6920:TCP" = 6920:TCP:*:Enabled:League of Legends Launcher
"6920:UDP" = 6920:UDP:*:Enabled:League of Legends Launcher
"6937:TCP" = 6937:TCP:*:Enabled:League of Legends Launcher
"6937:UDP" = 6937:UDP:*:Enabled:League of Legends Launcher
"6958:TCP" = 6958:TCP:*:Enabled:League of Legends Launcher
"6958:UDP" = 6958:UDP:*:Enabled:League of Legends Launcher
"6980:TCP" = 6980:TCP:*:Enabled:League of Legends Launcher
"6980:UDP" = 6980:UDP:*:Enabled:League of Legends Launcher
"6907:TCP" = 6907:TCP:*:Enabled:League of Legends Launcher
"6907:UDP" = 6907:UDP:*:Enabled:League of Legends Launcher
"6915:TCP" = 6915:TCP:*:Enabled:League of Legends Launcher
"6915:UDP" = 6915:UDP:*:Enabled:League of Legends Launcher
"6992:TCP" = 6992:TCP:*:Enabled:League of Legends Launcher
"6992:UDP" = 6992:UDP:*:Enabled:League of Legends Launcher
"6994:TCP" = 6994:TCP:*:Enabled:League of Legends Launcher
"6994:UDP" = 6994:UDP:*:Enabled:League of Legends Launcher
"6933:TCP" = 6933:TCP:*:Enabled:League of Legends Launcher
"6933:UDP" = 6933:UDP:*:Enabled:League of Legends Launcher
"6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher
"6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher
"6969:TCP" = 6969:TCP:*:Enabled:League of Legends Launcher
"6969:UDP" = 6969:UDP:*:Enabled:League of Legends Launcher
"6897:TCP" = 6897:TCP:*:Enabled:League of Legends Launcher
"6897:UDP" = 6897:UDP:*:Enabled:League of Legends Launcher
"6959:TCP" = 6959:TCP:*:Enabled:League of Legends Launcher
"6959:UDP" = 6959:UDP:*:Enabled:League of Legends Launcher
"6949:TCP" = 6949:TCP:*:Enabled:League of Legends Launcher
"6949:UDP" = 6949:UDP:*:Enabled:League of Legends Launcher
"6968:TCP" = 6968:TCP:*:Enabled:League of Legends Launcher
"6968:UDP" = 6968:UDP:*:Enabled:League of Legends Launcher
"6945:TCP" = 6945:TCP:*:Enabled:League of Legends Launcher
"6945:UDP" = 6945:UDP:*:Enabled:League of Legends Launcher
"6910:TCP" = 6910:TCP:*:Enabled:League of Legends Launcher
"6910:UDP" = 6910:UDP:*:Enabled:League of Legends Launcher
"6895:TCP" = 6895:TCP:*:Enabled:League of Legends Launcher
"6895:UDP" = 6895:UDP:*:Enabled:League of Legends Launcher
"6978:TCP" = 6978:TCP:*:Enabled:League of Legends Launcher
"6978:UDP" = 6978:UDP:*:Enabled:League of Legends Launcher
"6979:TCP" = 6979:TCP:*:Enabled:League of Legends Launcher
"6979:UDP" = 6979:UDP:*:Enabled:League of Legends Launcher
"6962:TCP" = 6962:TCP:*:Enabled:League of Legends Launcher
"6962:UDP" = 6962:UDP:*:Enabled:League of Legends Launcher
"6882:TCP" = 6882:TCP:*:Enabled:League of Legends Launcher
"6882:UDP" = 6882:UDP:*:Enabled:League of Legends Launcher
"6966:TCP" = 6966:TCP:*:Enabled:League of Legends Launcher
"6966:UDP" = 6966:UDP:*:Enabled:League of Legends Launcher
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"6924:TCP" = 6924:TCP:*:Enabled:League of Legends Launcher
"6924:UDP" = 6924:UDP:*:Enabled:League of Legends Launcher
"6898:TCP" = 6898:TCP:*:Enabled:League of Legends Launcher
"6898:UDP" = 6898:UDP:*:Enabled:League of Legends Launcher
"6981:TCP" = 6981:TCP:*:Enabled:League of Legends Launcher
"6981:UDP" = 6981:UDP:*:Enabled:League of Legends Launcher
"6929:TCP" = 6929:TCP:*:Enabled:League of Legends Launcher
"6929:UDP" = 6929:UDP:*:Enabled:League of Legends Launcher
"6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher
"6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher
"6883:TCP" = 6883:TCP:*:Enabled:League of Legends Launcher
"6883:UDP" = 6883:UDP:*:Enabled:League of Legends Launcher
"6902:TCP" = 6902:TCP:*:Enabled:League of Legends Launcher
"6902:UDP" = 6902:UDP:*:Enabled:League of Legends Launcher
"6893:TCP" = 6893:TCP:*:Enabled:League of Legends Launcher
"6893:UDP" = 6893:UDP:*:Enabled:League of Legends Launcher
"6946:TCP" = 6946:TCP:*:Enabled:League of Legends Launcher
"6946:UDP" = 6946:UDP:*:Enabled:League of Legends Launcher
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Steam\steamapps\common\dota 2 test\dota.exe" = D:\Program Files\Steam\steamapps\common\dota 2 test\dota.exe:*:Enabled:dota
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\Program Files\GarenaLoLPH\GameData\Apps\LoLPH\Air\LolClient.exe" = D:\Program Files\GarenaLoLPH\GameData\Apps\LoLPH\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\Program Files\GarenaLoLPH\GameData\Apps\LoLPH\Game\League of Legends.exe" = D:\Program Files\GarenaLoLPH\GameData\Apps\LoLPH\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe" = C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Enabled:Camfrog Video Chat -- (Camshare Inc.)
"C:\CherryDeGames\Dragon Nest\DragonNest.exe" = C:\CherryDeGames\Dragon Nest\DragonNest.exe:*:Enabled:Dragon Nest
"D:\Program Files\CherryDeGames\Dragon Nest\DragonNest.exe" = D:\Program Files\CherryDeGames\Dragon Nest\DragonNest.exe:*:Enabled:Dragon Nest
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Program Files\League of Legends\lol.launcher.exe" = D:\Program Files\League of Legends\lol.launcher.exe:*:Enabled:lol.launcher -- ()
"D:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe" = D:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2
"D:\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe" = D:\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe" = D:\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"D:\Program Files\Steam\steamapps\common\lord of the rings online\TurbineInvoker.exe" = D:\Program Files\Steam\steamapps\common\lord of the rings online\TurbineInvoker.exe:*:Enabled:The Lord of the Rings Online™
"D:\Program Files\Steam\steamapps\common\lord of the rings online\lotroclient.exe" = D:\Program Files\Steam\steamapps\common\lord of the rings online\lotroclient.exe:*:Enabled:lotroclient
"F:\Program Files\uTorrentPortable\App\uTorrent\uTorrent.exe" = F:\Program Files\uTorrentPortable\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"D:\Program Files\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe" = D:\Program Files\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe:*:Enabled:League of Legends Lobby
"D:\Program Files\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe" = D:\Program Files\Garena\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe:*:Enabled:League of Legends Game Client
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Dela Cruz\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Yeah men\Dead Island\deadislandgame.exe" = C:\Yeah men\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland
"D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe" = D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- (Adobe Systems Inc.)
"D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe" = D:\Program Files\GarenaLoLPH_Launcher\GameData\Apps\LoLPH\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"D:\Steam\steamapps\common\dota 2 beta\dota.exe" = D:\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2
"C:\Program Files\Java\jre7\bin\javaw.exe" = C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java Platform SE binary -- (Oracle Corporation)
"C:\GarenaDownload\Games\hon\HoNInstaller.exe" = C:\GarenaDownload\Games\hon\HoNInstaller.exe:*:Enabled:Garena Installer -- ()
"D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe" = D:\Program Files\GarenaLoLPH_Launcher\GameData\GarenaMessenger.exe:*:Enabled:Garena Plus -- ()
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Documents and Settings\Dela Cruz\Local Settings\Temp\Rar$EXa0.045\teamspeak3-server_win32\ts3server_win32.exe" = C:\Documents and Settings\Dela Cruz\Local Settings\Temp\Rar$EXa0.045\teamspeak3-server_win32\ts3server_win32.exe:*:Enabled:TeamSpeak 3 Server
"D:\Program Files\GarenaLoLPH_Launcher\GameData\UpdateManager.exe" = D:\Program Files\GarenaLoLPH_Launcher\GameData\UpdateManager.exe:*:Disabled:UpdateManager Module -- ()
"C:\Program Files\Tunngle\TnglCtrl.exe" = C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service -- (Tunngle.net GmbH)
"C:\Program Files\Tunngle\Tunngle.exe" = C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client -- (Tunngle.net GmbH)
"D:\Dead Island\deadislandgame.exe" = D:\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland
"C:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe" = C:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA
"C:\Documents and Settings\Dela Cruz\Desktop\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe" = C:\Documents and Settings\Dela Cruz\Desktop\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2 -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Documents and Settings\Dela Cruz\Desktop\Game\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe" = C:\Documents and Settings\Dela Cruz\Desktop\Game\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2
"C:\Documents and Settings\Dela Cruz\Desktop\SmartSteam_v1.4.1\SmartSteam\steamapps\common\Dead Island\deadislandgame.exe" = C:\Documents and Settings\Dela Cruz\Desktop\SmartSteam_v1.4.1\SmartSteam\steamapps\common\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland -- (Techland)
"D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\BBTalk.exe" = D:\Program Files\GarenaLoLPH_Launcher\GameData\bbtalk\BBTalk.exe:*:Enabled:Garena Talk -- ()
"C:\Documents and Settings\Dela Cruz\My Documents\My Documents\tinyumbrella-6.10.02a.exe" = C:\Documents and Settings\Dela Cruz\My Documents\My Documents\tinyumbrella-6.10.02a.exe:*:Enabled:TinyUmbrella - Save your SHSH!
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"D:\Paws\tinyumbrella-6.10.02a.exe" = D:\Paws\tinyumbrella-6.10.02a.exe:*:Enabled:TinyUmbrella - Save your SHSH! -- ()
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F44DC3F-6E62-4961-A14B-95323C512F9B}_is1" = NCDownloader
"{10C51313-A308-4B40-90E3-B368D5882660}" = Virtual CD v10
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D46A3A0-B37D-423A-91C2-101A49E2FF80}" = Ventrilo Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3566D7DB-EA10-49DE-A95B-F4AB41FC0A93}" = Dragon Nest SEA
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{49D57DC1-18C3-4BA5-95F6-8DD94350B7FD}" = DayZ Commander
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{64E455BC-88AF-46DA-941B-D621A9E3FAAD}_is1" = iPhoneYeta iHardware Plugins version 1.0
"{662140BE-138C-4DC1-B4CD-B62C6C855A25}" = Pirate101
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}" = Shadow Defender
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}" = Barowse2sAvvee
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9DC39B6-9E0B-42FC-ACB7-FBFE74DB81E7}" = Mercenary Online
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.07.01.8015
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires 2 HD Edition_is1" = Age of Empires 2 HD Edition
"Age Of Pirates 1.41_is1" = Age Of Pirates - Caribbean Tales 1.41
"Any Video Converter_is1" = Any Video Converter 3.5.7
"Audacity_is1" = Audacity 2.0.2
"AutoHotkey" = AutoHotkey 1.1.09.04
"BattlEye for OA" = BattlEye for OA Uninstall
"Camfrog 6.2" = Camfrog Video Chat 6.2
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Defraggler" = Defraggler
"DualCoreCenter_is1" = DualCoreCenter
"File Splitter and Joiner_is1" = File Splitter and Joiner (FFSJ v3.3)
"Free Easy Burner_is1" = Free Easy Burner V 5.1
"HoN" = Garena - Heroes of Newerth
"HotspotShield" = Hotspot Shield 2.53
"ie8" = Windows Internet Explorer 8
"iFunbox_is1" = iFunbox (v2.1.2228.731), iFunbox DevTeam
"im" = Garena Plus
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Internet Download Manager" = Internet Download Manager
"LoLPH" = Garena - League of Legends PH
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mercenary Online 0.0.3" = Mercenary Online
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 16.0 (x86 en-US)" = Mozilla Firefox 16.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Cutter_is1" = MP3 Cutter 1.9
"MSI Live Update 3" = MSI Live Update 3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pocketwifi" = pocketwifi
"PowerISO" = PowerISO
"QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1" = Age of Empires II HD © Microsoft Studios version 1
"Rainmeter" = Rainmeter
"RPGVXAce_E_is1" = RPG MAKER VX Ace
"RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP
"Smart Bro" = Smart Bro
"SP_48c708f2" = BrowseToSave 1.74
"SP_b0285714" = Search Assistant WebSearch 1.74
"Steam App 212500" = The Lord of the Rings Online™
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"uTorrent" = µTorrent
"VistaMizer" = VistaMizer 4.1.0.0
"VLC media player" = VLC media player 2.0.1
"Vtune_is1" = Vtune 7.6
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 beta 3 (32-bit)
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Audio Converter 6" = Xilisoft Audio Converter 6
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dead Island Save Editor_is1" = Dead Island Save Editor
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/16/2013 2:16:07 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/16/2013 8:08:58 AM | Computer Name = DELACRUZ | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.33:5353 17 33.1.168.192.in-addr.arpa.
PTR Dela-Cruz.local.
Error - 2/16/2013 8:08:58 AM | Computer Name = DELACRUZ | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 16 33.1.168.192.in-addr.arpa.
PTR delacruz.local.
Error - 2/17/2013 2:05:23 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/17/2013 5:56:47 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/17/2013 8:11:10 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/17/2013 8:39:40 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/17/2013 12:38:02 PM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/23/2013 1:27:42 PM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
Error - 2/25/2013 11:21:04 AM | Computer Name = DELACRUZ | Source = Application Error | ID = 1000
Description = Faulting application lol.exe, version 1.0.0.29, faulting module launcher.maestro.dll,
version 1.0.0.29, fault address 0x00011289.
[ System Events ]
Error - 4/16/2013 12:00:41 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7000
Description = The Smart Bro. OUC service failed to start due to the following error:
%%1053
Error - 4/16/2013 1:18:42 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft Management
Console
(MMC).
Error - 4/16/2013 1:18:42 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 4/16/2013 1:18:42 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Smart Bro. OUC service
to connect.
Error - 4/16/2013 1:18:42 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7000
Description = The Smart Bro. OUC service failed to start due to the following error:
%%1053
Error - 4/16/2013 1:44:38 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft Management
Console
(MMC).
Error - 4/16/2013 1:44:38 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 4/16/2013 1:44:38 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Smart Bro. OUC service
to connect.
Error - 4/16/2013 1:44:38 AM | Computer Name = DELACRUZ | Source = Service Control Manager | ID = 7000
Description = The Smart Bro. OUC service failed to start due to the following error:
%%1053
Error - 4/16/2013 1:44:47 AM | Computer Name = DELACRUZ | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.
< End of report >