OTL logfile created on: 14/10/2013 11 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Zach\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy
15.98 Gb Total Physical Memory | 13.13 Gb Available Physical Memory | 82.17% Memory free
31.95 Gb Paging File | 28.46 Gb Available in Paging File | 89.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 59.40 Gb Free Space | 25.51% Space Free | Partition Type: NTFS
Drive D: | 698.54 Gb Total Space | 87.11 Gb Free Space | 12.47% Space Free | Partition Type: NTFS
Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
PRC - [2013/10/08 22 (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
PRC - [2013/09/17 14 (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/12 01 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/08/27 17 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/08/27 17 (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/08/07 14 (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/06/14 19 (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2013/05/11 06 (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/17 17 (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013/03/15 15 (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe
PRC - [2012/12/20 07 (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2012/12/20 07 (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2012/12/20 07 (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2012/11/19 12 (Impulse Point, LLC) -- C:\Program Files (x86)\SafeConnect\scManager.sys
PRC - [2012/09/06 10 (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2012/06/13 16 (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
PRC - [2010/12/29 03 (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/29 03 (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/29 13 () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2010/11/18 19 () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/14 10 () -- C:\Users\Zach\AppData\Local\Temp\sfareca00001.dll
MOD - [2013/10/14 10 () -- C:\Users\Zach\AppData\Local\Temp\sfamcc00001.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vstdlib.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vscript.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vphysics.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vguimatsurface.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vgui2.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\vaudio_miles.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\tier0.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\StudioRender.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\stdshader_dx9.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\stdshader_dbg.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\SoundEmitterSystem.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\shaderapidx9.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\bin\server.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\scenefilecache.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\scaleformui_4.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\networksystem.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssvoice.asi
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssmp3.asi
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\msseax.flt
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\mssds3d.flt
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\MaterialSystem.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\localize.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\libcef.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\launcher.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\inputsystem.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\FileSystem_Stdio.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\engine.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\datacache.dll
MOD - [2013/10/12 02 () -- c:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\bin\client.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\chromehtml.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avutil-51.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avformat-53.dll
MOD - [2013/10/12 02 () -- C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\bin\avcodec-53.dll
MOD - [2013/10/09 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/08 22 () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/09/17 14 () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/10 18 () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/08/21 18 () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/08/15 01 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/15 00 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/07/10 11 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/10 11 () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 19 () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/01/28 13 () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13 () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/12/09 21 () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2010/11/29 13 () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2009/06/06 14 () -- C:\Program Files (x86)\Hotkey\Audiodll.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/08/27 17 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/08/12 14 (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 14 (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/08/07 14 (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/07/17 11 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2013/07/17 11 () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2013/06/13 15 (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013/05/27 01 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/21 08 (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2013/04/01 14 () [Disabled | Stopped] -- C:\Program Files\FileMind\FileMind.Windows.Service.exe -- (Filemind.Windows.Service)
SRV:64bit: - [2012/09/12 18 (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2009/07/13 21 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 17 (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/12 01 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/08/31 14 (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/27 17 (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/06/21 09 (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 06 (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/20 07 (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/12/20 07 (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/11/19 17 (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/11/19 12 (Impulse Point, LLC) [Auto | Running] -- C:\Program Files (x86)\SafeConnect\scManager.sys -- (SCManager)
SRV - [2012/09/06 10 (Western Digital) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2012/07/09 04 (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/12/29 03 (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/29 03 (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/18 19 () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2009/06/10 17 (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/10/02 05 (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013/09/08 16 (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013/08/20 09 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/08/07 14 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013/08/07 14 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/06/22 19 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013/06/18 21 (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/16 08 (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/29 06 (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/05/23 02 (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/21 08 (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2013/05/21 08 (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013/03/28 15 (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/03/27 23 (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/02/25 17 (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/01/31 05 (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013/01/17 15 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012/12/13 13 (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/25 05 (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/10/10 23 (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/08/27 19 (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012/08/27 19 (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13 (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/15 17 (Windows ® Win 7 DDK provider) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2012/03/01 02 (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02 (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/11 02 (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/01/15 05 (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME)
DRV:64bit: - [2010/12/29 03 (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/12/06 07 (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23 (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/05 23 (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/13 17 (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/07/01 13 () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/11/23 21 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 21 (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21 (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 21 (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21 (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/06/10 16 (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16 (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2008/05/06 16 (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/04/09 14 (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2011/06/02 10 () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21 (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 20 09 24 2E 24 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.1.9
FF - prefs.js..extensions.enabledAddons: %7Bbb6bc1bb-f824-4702-90cd-35e2fb24f25d%7D:1.5.2
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7B4a313247-8330-4a81-948e-b79936516f78%7D:2.0.2
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.20
FF - prefs.js..extensions.enabledAddons: nosquint%40urandom.ca:2.1.9
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.8
FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2
FF - prefs.js..extensions.enabledAddons: %7Bcd617375-6743-4ee8-bac4-fbf10f35729e%7D:2.9.5
FF - prefs.js..extensions.enabledAddons: %7B98449521-9320-4257-aa35-9e1a39c8cbe0%7D:2.0.3
FF - prefs.js..extensions.enabledAddons: %7B578e7caa-210f-4967-a0d3-88fe5b59a39f%7D:0.8.10
FF - prefs.js..extensions.enabledAddons: canitbecheaper%40trafficbroker.co.uk:3.9.4
FF - prefs.js..extensions.enabledAddons: %7B65e41d20-f092-41b7-bb83-c6e8a9ab0f57%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.12
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.61
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: treestyletab%40piro.sakura.ne.jp:0.14.2013100901
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/08/22 00
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/17 14
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Components: C:\Program Files (x86)\Nightly\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Plugins: C:\Program Files (x86)\Nightly\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Components: C:\Program Files\\Waterfox\components [2013/04/04 20
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Plugins: C:\Program Files\\Waterfox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2013/10/07 10
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2013/10/07 10
[2013/03/18 20
[2013/08/17 13
[2013/08/17 13
[2013/10/09 17
[2013/08/17 13
[2013/09/17 15
[2013/09/17 15
[2013/08/17 13
[2013/08/17 13
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/09/22 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/30 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/10/03 01 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/25 18 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/30 22 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 17 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/10/09 17 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\[email protected]
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi
[2013/09/30 10 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi
[2013/08/24 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2013/10/09 15 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/01 18 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/08/17 13 () (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\do5y9nnf.default-1376761741539\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013/09/17 14
[2013/09/17 14
[2013/08/22 00
[2013/10/07 10
[2013/06/13 20 (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: reddit companion = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.3_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.4_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.5_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.3.1_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.3_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.6_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.0.1_0\
CHR - Extension: Cookie Manager = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnfbcpkiaganjpcanopcgeoehkleeck\1.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: SABconnect++ = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod\0.6.8_0\
CHR - Extension: reddit companion = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe\1.1.2_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.3_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.4_0\
CHR - Extension: WikiTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj\2.5_0\
CHR - Extension: Logitech Smooth Scrolling = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.60.170_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.3.1_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.3_0\
CHR - Extension: LastPass = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.6_0\
CHR - Extension: IDM Integration Module = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.0.1_0\
CHR - Extension: Cookie Manager = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbnfbcpkiaganjpcanopcgeoehkleeck\1.1_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: SABconnect++ = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod\0.6.8_0\
O1 HOSTS File: () - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SpeedFan] C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Bing Search
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://search.bing.c...sults.aspx?q=%w
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A936B49-CC00-4762-983E-66987E017634}: DhcpNameServer = 10.10.101.201 10.10.100.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FAECE5C-6A31-41A3-BE76-57E63394ACFA}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/03/23 21 () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/12 02
[2013/10/12 02
[2013/10/12 02
[2013/10/11 21
[2013/10/11 12
[2013/10/11 12
[2013/10/11 12
[2013/10/11 10
[2013/10/11 10
[2013/10/11 10
[2013/10/11 10 (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/10/09 15
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/08 22 (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/08 15 (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/10/08 15 (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/08 15 (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/08 15 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/08 15 (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/07 10
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/06 11
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 19
[2013/10/05 18
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 11
[2013/10/04 07 (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
[2013/09/30 11
[2013/09/30 11
[2013/09/30 11
[2013/09/26 01
[2013/09/25 10
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 23
[2013/09/20 12
[2013/09/19 23
[2013/09/19 23
[2013/09/19 13
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstusb.sys
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvir3dgenco6420172.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432723.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432723.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013/09/19 13 (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/09/19 13 (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/09/19 13 (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/09/17 18
[2013/09/17 14
[2013/09/16 15
[2013/05/08 04 (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2013/03/12 08 (Yamicsoft) -- C:\Users\Zach\AppData\Roaming\windows7manager.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/10/14 11 () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/14 11 () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/14 10 () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/14 10 () -- C:\Windows\SysNative\perfh009.dat
[2013/10/14 10 () -- C:\Windows\SysNative\perfc009.dat
[2013/10/14 10 () -- C:\hiberfil.sys
[2013/10/14 10 () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/14 10 () -- C:\Windows\bootstat.dat
[2013/10/14 10 () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/14 10 () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/13 13 () -- C:\Program Files (x86)\Bradford Dissolvable Agent.exe
[2013/10/12 02 () -- C:\Users\Public\Desktop\Steam.lnk
[2013/10/12 02 () -- C:\Users\Zach\Desktop\Dota 2.url
[2013/10/11 12 (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/10/11 12 () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/10/11 12 () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/11 10 () -- C:\Windows\tweaking.com-regbackup-ZACH-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/10/11 10 () -- C:\Users\Zach\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.zip
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.arn
[2013/10/09 14 () -- C:\Windows\epplauncher.mif
[2013/10/08 22 () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/08 22 () -- C:\Users\Zach\Desktop\Hw4.pdf
[2013/10/08 17 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/08 17 (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/06 11 () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/05 19 () -- C:\Windows\SysNative\sc
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/05 17 (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/10/04 16 ( ) -- C:\Users\Zach\Desktop\VEW.exe
[2013/10/04 11 () -- C:\Users\Zach\Desktop\MBR.dat
[2013/10/03 18 (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2013/10/02 17 () -- C:\Users\Zach\Desktop\Dur.torrent
[2013/10/02 10 (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe
[2013/10/02 10 () -- C:\Users\Zach\Desktop\Troubleshoot problems error.JPG
[2013/10/02 05 (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2013/09/30 11 () -- C:\Users\Zach\Desktop\Ventrilo.lnk
[2013/09/30 11 () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/09/28 16 () -- C:\Users\Zach\Desktop\i3nF4.jpg
[2013/09/28 16 () -- C:\Users\Zach\Desktop\1aZuY.jpg
[2013/09/26 01 () -- C:\Users\Zach\Desktop\Minecraft.exe
[2013/09/25 10 () -- C:\Users\Zach\Desktop\SteamInstall.msi
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/09/22 19 (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/09/22 18 (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/09/20 23 () -- C:\Users\Public\Desktop\Urban Trial Freestyle.lnk
[2013/09/20 22 (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/20 22 (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/09/20 12 () -- C:\Users\Zach\Desktop\Puzzle Pirates.lnk
[2013/09/16 17 () -- C:\Users\Zach\Desktop\Lab2 - Zachary Bazarsky.rar
[2013/09/16 15 () -- C:\Users\Zach\Documents\cc_20130916_151927.reg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/10/13 13 () -- C:\Program Files (x86)\Bradford Dissolvable Agent.exe
[2013/10/12 02 () -- C:\Users\Public\Desktop\Steam.lnk
[2013/10/12 02 () -- C:\Users\Zach\Desktop\Dota 2.url
[2013/10/11 10 () -- C:\Windows\tweaking.com-regbackup-ZACH-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
[2013/10/11 10 () -- C:\Users\Zach\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.zip
[2013/10/10 19 () -- C:\Users\Zach\Desktop\AutoRuns.arn
[2013/10/08 22 () -- C:\Users\Zach\Desktop\Hw4.pdf
[2013/10/06 11 () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/05 19 () -- C:\Windows\SysNative\sc
[2013/10/04 16 ( ) -- C:\Users\Zach\Desktop\VEW.exe
[2013/10/04 11 () -- C:\Users\Zach\Desktop\MBR.dat
[2013/10/02 17 () -- C:\Users\Zach\Desktop\Dur.torrent
[2013/10/02 10 () -- C:\Users\Zach\Desktop\Troubleshoot problems error.JPG
[2013/09/30 11 () -- C:\Users\Zach\Desktop\Ventrilo.lnk
[2013/09/30 11 () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/09/28 16 () -- C:\Users\Zach\Desktop\i3nF4.jpg
[2013/09/28 16 () -- C:\Users\Zach\Desktop\1aZuY.jpg
[2013/09/26 01 () -- C:\Users\Zach\Desktop\Minecraft.exe
[2013/09/25 10 () -- C:\Users\Zach\Desktop\SteamInstall.msi
[2013/09/20 23 () -- C:\Users\Public\Desktop\Urban Trial Freestyle.lnk
[2013/09/20 12 () -- C:\Users\Zach\Desktop\Puzzle Pirates.lnk
[2013/09/20 12 () -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Puzzle Pirates.lnk
[2013/09/20 12 () -- C:\ProgramData\hash.dat
[2013/09/19 13 () -- C:\Windows\SysNative\nvinfo.pb
[2013/09/16 17 () -- C:\Users\Zach\Desktop\Lab2 - Zachary Bazarsky.rar
[2013/09/16 15 () -- C:\Users\Zach\Documents\cc_20130916_151927.reg
[2013/09/13 11 () -- C:\Users\Zach\AppData\Roaming\keygen.il
[2013/09/13 11 () -- C:\Users\Zach\AppData\Roaming\InstallMTW6.9.il
[2013/07/20 13 () -- C:\Users\Zach\AppData\Local\Resmon.ResmonCfg
[2013/06/23 12 () -- C:\ProgramData\1372005809.bdinstall.bin
[2013/04/23 18 () -- C:\ProgramData\1366757276.bdinstall.bin
[2013/04/23 18 () -- C:\ProgramData\1366756389.bdinstall.bin
[2013/04/02 23 () -- C:\Windows\WebFerretUninstall.exe
[2013/04/02 23 () -- C:\Windows\SysWow64\NetFerret.dll
[2013/03/30 13 () -- C:\ProgramData\1364665264.bdinstall.bin
[2013/03/30 12 () -- C:\Windows\asfbinwin.INI
[2013/03/26 17 () -- C:\Users\Zach\PUTTY.RND
[2013/03/18 19 () -- C:\Windows\SysWow64\unrar.dll
[2013/02/16 00 () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009/07/14 00 () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22 (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21 (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21 (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23 (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21 (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
< MD5 for: SDIAGENG.DLL >
[2009/07/13 21 (Microsoft Corporation) MD5=5FEBDA813BD116EBC9DFF730EB8ECB7C -- C:\Windows\SysNative\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=5FEBDA813BD116EBC9DFF730EB8ECB7C -- C:\Windows\winsxs\amd64_microsoft-windows-s..engine-nativeengine_31bf3856ad364e35_6.1.7600.16385_none_5064a7d08ea0882d\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=B45934FDAEB1710CEC3D8F797FD481CA -- C:\Windows\SysWOW64\sdiageng.dll
[2009/07/13 21 (Microsoft Corporation) MD5=B45934FDAEB1710CEC3D8F797FD481CA -- C:\Windows\winsxs\wow64_microsoft-windows-s..engine-nativeengine_31bf3856ad364e35_6.1.7600.16385_none_5ab95222c3014a28\sdiageng.dll
< MD5 for: SDIAGNHOST.EXE >
[2009/07/13 21 (Microsoft Corporation) MD5=15F07E50407139AA93D3FB6E612D2F74 -- C:\Windows\SysWOW64\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=15F07E50407139AA93D3FB6E612D2F74 -- C:\Windows\winsxs\wow64_microsoft-windows-s..csengine-nativehost_31bf3856ad364e35_6.1.7600.16385_none_806f80a8aaa33dd4\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=DEC77AFE38AB182857BD3025A6544E23 -- C:\Windows\SysNative\sdiagnhost.exe
[2009/07/13 21 (Microsoft Corporation) MD5=DEC77AFE38AB182857BD3025A6544E23 -- C:\Windows\winsxs\amd64_microsoft-windows-s..csengine-nativehost_31bf3856ad364e35_6.1.7600.16385_none_761ad65676427bd9\sdiagnhost.exe
< MD5 for: SDIAGPRV.DLL >
[2009/07/13 21 (Microsoft Corporation) MD5=800B7FBFF56BF97EB25C3B4C997F25FB -- C:\Windows\SysNative\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=800B7FBFF56BF97EB25C3B4C997F25FB -- C:\Windows\winsxs\amd64_microsoft-windows-s..icsprovider-library_31bf3856ad364e35_6.1.7600.16385_none_adb6e8740a39ba16\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=E22CF2157EA7D798CA5CFA6A30A5D9FA -- C:\Windows\SysWOW64\sdiagprv.dll
[2009/07/13 21 (Microsoft Corporation) MD5=E22CF2157EA7D798CA5CFA6A30A5D9FA -- C:\Windows\winsxs\x86_microsoft-windows-s..icsprovider-library_31bf3856ad364e35_6.1.7600.16385_none_51984cf051dc48e0\sdiagprv.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:D30E8FC9
< End of report >
OTL Extras logfile created on: 14/10/2013 11
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] --
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\Windows\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office15\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] --
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002C5105-370A-46AE-BF5F-9905BAC6CA16}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{0C5DB97A-D484-425D-9A40-27B9DE588F62}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2DE8B863-722C-4E06-8E83-3E7F1C3EEC2E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{31D5AE17-9223-4A8B-8C21-F40C670DD7DD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3B33CC63-F75F-483A-9BD3-0A16D43D8EBB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A73E2D92-6E7A-48AB-BB4C-051C22EDB956}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B4DE5AA9-AFB8-4540-A5C6-723AF6F36D88}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF025AF9-55B3-420C-87B1-64BAC001A8A8}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3ECDDA8-F774-4CE5-A012-4ADED1B1E11A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0120DA67-F5EA-4DCA-881C-07AC3DE51641}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{05F9C584-CC2F-433F-9ABE-CF3E5EFB7F67}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdupdate.exe |
"{0FBD9BAB-1155-43E3-9C9A-7A04AC1D911F}" = protocol=6 | dir=in | app=c:\program files (x86)\bradford dissolvable agent.exe |
"{12986842-B9DC-421B-96A1-2E2FDD8BE8B5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{12CFAD18-07F7-4843-ACFE-0D45A46AAFB8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{16EB5F45-E4B0-4DE0-80C3-3BE87DAC9053}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdownloaderportable.exe |
"{18A275E2-2874-4314-A767-50C020C7C989}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{2BEDF813-7E65-4FD4-8308-57678A323CC1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{340CEA2B-E0ED-4D58-8C93-1DF502EFE273}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{3A7B8ADE-E803-42D5-8DFB-6942D0C5F68C}" = protocol=6 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{433A7281-75C3-47D4-99DD-42DA2CC7D90B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{490EDE6C-4E22-4FB2-9619-9A75E15407FC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E17CC80-1C60-4B59-9D00-9F3FED7AA69B}" = protocol=17 | dir=in | app=c:\users\zach\appdata\roaming\utorrent\utorrent.exe |
"{4F5B8326-0B0A-48EE-917D-D62B0FDCF85C}" = protocol=17 | dir=in | app=c:\program files (x86)\qbittorrent\qbittorrent.exe |
"{5F330A7D-B125-49F7-99F5-6533B4C9F4B5}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{65C39604-521C-42CC-BEE6-48BA0D154A4E}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{6790586D-0CAA-41EF-9F1D-06EE609A78E1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{70DDFA3A-E971-480A-A162-2B0E61BCC7F1}" = protocol=6 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{73743CD5-221D-4A17-9831-5427A87301AA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{809C0060-D287-484B-94E8-EE5162971E5D}" = protocol=17 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{85D60093-BEE2-4BA0-BAAB-A2CC43972319}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdupdate.exe |
"{8AEB53EC-CC88-4B7C-9CB9-CEE673A82762}" = protocol=6 | dir=in | app=c:\users\zach\appdata\roaming\utorrent\utorrent.exe |
"{8BA40E28-A76D-421C-B678-6B5439106F18}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{9093A09A-4792-4B6D-9FE0-030370227812}" = protocol=17 | dir=in | app=c:\program files (x86)\bradford dissolvable agent.exe |
"{942DFE5B-8E36-4906-A82D-BB29FFCBFB8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{97E23419-B87A-4D69-8F4A-70E1F546B83A}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdownloaderportable.exe |
"{9940C7BA-4DFE-42DA-ABD9-5D0096D6B8BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A328F7D8-8B33-4C1C-8A49-6C631EA6D476}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A636601A-C8B4-4744-A4ED-585E9A6B3DDA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF6E5FD9-F921-4A08-B5BD-F539879FA0FF}" = dir=in | app=%programfiles% (x86)\steam\steam.exe |
"{AFB950EA-50A7-45F8-8E0C-FA1B1743BB25}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AFDAE0B7-B7F8-4993-840D-DB3E1C90D946}" = protocol=6 | dir=in | app=c:\program files (x86)\safeconnect\scclient.exe |
"{B226E207-D7FC-493A-ACD3-233915326027}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{B756F811-FF73-42D5-B478-0E78B8A994B9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B8AA7512-A0AB-4E10-B682-2081F3E4D178}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C72B7AC3-9275-4F0F-8513-EFFC95F72EB6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{CEC21F85-E1E5-4BF3-8FA6-CE3D9ED1BE2E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{D4F7B4A6-36AB-4FC7-9162-4D66F6C8E1B2}" = protocol=17 | dir=in | app=c:\program files (x86)\safeconnect\scclient.exe |
"{D706868D-DB27-41E2-A63E-DBBADCC3968E}" = dir=out | app=%programfiles% (x86)\steam\steam.exe |
"{E1173887-C30F-4935-B697-C861142E0E64}" = protocol=17 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{E1D2822F-2CC9-48DF-A438-44CC47F3778A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{E3E2095F-F245-482E-BC80-5A3CFEFEA67E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E72B2EAB-8046-4AB2-B1C5-61443E4CE999}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E877519A-F70E-49AE-AEF2-64989BDD695A}" = protocol=6 | dir=in | app=c:\program files\kmsnano\data\qemu-system-i386.exe |
"{EA41F840-30E0-4CD1-8CE9-CD104D1288C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EF3D9F21-3795-424F-9DD2-239F06DD9ED7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FA23C7E3-398B-470B-B581-D797DDB72EAA}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"TCP Query User{5AA61DC4-B13A-4372-BAEC-90AD329AACA6}C:\program files (x86)\sabnzbd\sabnzbd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sabnzbd\sabnzbd.exe |
"TCP Query User{B25CCDA3-CE95-4E6F-8AAC-5A635D35B7F0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{CCA276DC-32A3-48D5-B821-46260E6D60E0}C:\program files (x86)\airport\aputil.exe" = protocol=6 | dir=in | app=c:\program files (x86)\airport\aputil.exe |
"TCP Query User{D701142C-0697-447A-A5BB-0AE9A9AC59A8}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{0D9ADEAD-EA70-4DEB-945F-2F62619D8945}C:\program files (x86)\airport\aputil.exe" = protocol=17 | dir=in | app=c:\program files (x86)\airport\aputil.exe |
"UDP Query User{2B518824-CE91-4CDF-8CE3-61BC7EF93FE1}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3FD66EA8-4FBD-4583-9866-B288F28CBEB5}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{B6BB642F-3B82-4760-8891-2544DCBB81FE}C:\program files (x86)\sabnzbd\sabnzbd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sabnzbd\sabnzbd.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7288D4E1-8050-4B81-B9EC-F812D17AD693}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{73ca1ddf-9d19-45f2-ad4c-04169ec13342}" = Intel® PRO/Wireless Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{9798BB87-01B9-4D46-8EA0-6681E72BDE87}" = WD SmartWare
"{9C481E27-751F-48B9-801D-C583F032DA50}" = Intel® PROSet/Wireless WiFi Software
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{FD7DEB7B-8CEA-44E5-AB2D-7C66786C0563}" = Waterfox
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.8.0 (64-bit)
"KMSnano 25_is1" = KMSnano 25
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"Logitech Unifying" = Logitech Unifying Software 2.10
"Microsoft Security Client" = Microsoft Security Essentials
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"PotPlayer64" = Daum PotPlayer 1.5.36205 x64 Edition
"sp6" = Logitech SetPoint 6.61
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.3 beta 2
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 5.00 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06D085C8-1F00-11B2-96A7-8f0CE39193ED}" = Intel® SSD Toolbox
"{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1" = Driver Fusion
"{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.3017
"{1e9b4847-4e73-4d00-91f5-96e0f6ce3e5a}" = Intel® PROSet/Wireless Software
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{3B673B37-EFF7-3BA0-94FF-CE8C46C36DD6}" = Google Chrome
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITE Infrared Transceiver
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6B75BAF2-A67A-418D-A3D4-B27A5C04F2F5}_is1" = Duplicate Video Search version 15.3.3
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities
"{78091D68-706D-4893-B287-9F1DFB24F7AF}" = Intel® Update Manager
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{8172B41A-9BB5-4A64-BF28-1FB5FE43C3FF}" = WD Security
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{E357C7B4-E337-4E43-84F1-8FDAF1EF4038}" = calibre
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"A-PDF Page Cut_is1" = A-PDF Page Cut
"AsfTools 3.1" = AsfTools 3.1 (remove only)
"BitMeter" = BitMeter
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.4.2 Shizuku Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"DSMT6" = MathType 6
"Everything" = Everything 1.2.1.371
"Foxit Reader_is1" = Foxit Reader
"IconPackager" = IconPackager
"iFunbox_is1" = iFunbox (v2.6.2375.747), iFunbox DevTeam
"ImgBurn" = ImgBurn
"InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.3017
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Internet Download Manager" = Internet Download Manager
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MiKTeX 2.9" = MiKTeX 2.9
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3Resizer_is1" = MP3Resizer 2.1.0
"Nightly 26.0a1 (x86 en-US)" = Nightly 26.0a1 (x86 en-US)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"QuickPar" = QuickPar 0.9
"Rainmeter" = Rainmeter
"Revo Uninstaller" = Revo Uninstaller 1.94
"SABnzbd" = SABnzbd 0.7.16
"SafeConnect" = SafeConnect
"SecureW2 Enterprise Client" = SecureW2 Enterprise Client 3.5.9
"SpeedFan" = SpeedFan (remove only)
"Steam App 570" = Dota 2
"SumatraPDF" = SumatraPDF
"Texmaker" = Texmaker
"The KMPlayer" = The KMPlayer (remove only)
"TreeSize Free_is1" = TreeSize Free V2.7
"TrueCrypt" = TrueCrypt
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Urban Trial Freestyle_is1" = Urban Trial Freestyle
"VLC media player" = VLC media player 2.0.8
"WebFerret" = WebFerret
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Flux" = F.lux
"Puzzle Pirates" = Puzzle Pirates
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13/10/2013 16
Description = Faulting application name: GameOverlayUI.exe, version: 1.32.20.50,
time stamp: 0x4f46a9bf Faulting module name: libcef.dll_unloaded, version: 0.0.0.0,
time stamp: 0x521bcf8e Exception code: 0xc0000005 Fault offset: 0x5b730a80 Faulting
process id: 0x1bc0 Faulting application start time: 0x01cec83785b000e8 Faulting application
path: C:\Program Files (x86)\Steam\GameOverlayUI.exe Faulting module path: libcef.dll
Report Id: bf304347-3442-11e3-91e0-0090f5bc5fb2
Error - 14/10/2013 10
Description =
Error - 14/10/2013 10
Description =
Error - 14/10/2013 10
Description =
[ System Events ]
Error - 13/10/2013 12
Description = The Superfetch service terminated with the following error: %%2
Error - 13/10/2013 13
Description =
Error - 13/10/2013 13
Description = The Superfetch service terminated with the following error: %%2
Error - 13/10/2013 20
Description = The Superfetch service terminated with the following error: %%2
Error - 14/10/2013 10
Description = The Superfetch service terminated with the following error: %%2
< End of report >