View Full Version : win32.downloader.gen
TheBlackVanguard
2014-01-07, 04:25
Hey there, TBV here. Seemingly acquired win32.downloader.gen from a P2P connection with a friend [who will no longer be doing the dubious activities that got him the trojan, and also will no longer be sharing files with me again without running a virus scan first] and after running Spybot 2.2 in administrator mode, I was unable to remove it.
I have run MalwareBytes [which also found and failed to remove something lodged in my computer, but could not give me more information on what it was] and I have run Spybot which failed 5 times to remove win32.downloader.gen, even in administrative mode.
ERUNT was not utilized as I am running Windows 7.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2
Run by Jason at 20:14:54 on 2014-01-06
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8143.3927 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\Rundll32.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Jason\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe
C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ooVoo\ooVoo.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Jason\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
uRun: [DesktopReminder2ByPolenter] "C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe"
uRun: [Google Update] "C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
uRun: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Jason\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
StartupFolder: C:\Users\Jason\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{78C34527-9DE5-4B6D-AC5F-BDDBAC3CB62D} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\67436fqj.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jason\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\Jason\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2013-08-27 15:50; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2012-1-6 49760]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2011-12-2 565528]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-9-25 23832]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-3 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-2-7 100864]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-5-20 9216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [2012-9-25 7168]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2012-11-29 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-1-30 72216]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-18 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-7-31 15129376]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-6 3921880]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-6 1042272]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-1-6 171416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-23 414496]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-8 1771544]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-11-3 130536]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-11-3 395752]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C525(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-18 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-9-25 677480]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2012-11-9 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2013-10-7 33872]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2012-12-25 25832]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-13 111616]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-4-7 115272]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-11-9 746392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-1 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe" "%1"
.
=============== Created Last 30 ================
.
2014-01-07 01:12:17 -------- d-----r- C:\Program Files (x86)\Skype
2014-01-06 23:03:53 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-01-06 23:03:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-02 15:57:44 -------- d-----w- C:\Nether
2013-12-29 19:25:50 -------- d-----w- C:\ProgramData\Ironclad Games
2013-12-18 15:18:31 -------- d-----w- C:\Users\Jason\AppData\Local\NVIDIA Corporation
2013-12-18 15:11:28 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-18 15:11:27 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-18 05:00:28 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-12-18 05:00:28 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-12-18 04:39:52 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2013-12-18 04:39:51 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll
2013-12-18 04:39:51 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll
2013-12-12 08:03:38 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 08:03:38 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 08:03:37 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-12 08:03:36 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-11 13:42:00 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-11 13:42:00 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-10 04:29:18 -------- d-----w- C:\Program Files (x86)\TERA
2013-12-10 04:29:16 -------- d-----w- C:\Users\Jason\AppData\Local\TERA
.
==================== Find3M ====================
.
2013-12-17 02:29:02 290776 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-12-17 02:29:02 290776 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-12-17 02:28:01 281288 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-12-13 02:02:18 92488 ----a-w- C:\Windows\System32\LMIinit.dll
2013-12-13 02:02:18 35656 ----a-w- C:\Windows\System32\LMIport.dll
2013-12-13 02:02:18 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2013-12-10 21:18:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 21:18:14 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-25 06:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 17:42:12 6674208 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-23 17:42:12 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-23 17:42:10 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-23 17:42:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-23 17:42:10 219424 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-23 17:18:38 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-11-22 16:28:31 3498475 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-11 19:08:42 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-24 22:08:32 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2013-10-23 06:05:08 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-11 02:19:33 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 20:16:03.50 ===============
[B]LOGS FROM SPYBOT
[i] 14-01-06 19:54:41 Summary
[i] 14-01-06 19:54:41 Errors while cleaning 0
[i] 14-01-06 19:54:41 Files moved into quarantine 1
[i] 14-01-06 19:54:41 Files successfully cleaned 86
[-] 14-01-06 19:54:41 1 items are not yet cleaned from file 140106-181654.xml
[i] 14-01-06 19:55:50
[i] 14-01-06 19:55:50 Processing 140106-181654.xml
[i] 14-01-06 19:55:50
[i] 14-01-06 19:55:50 Product Win32.Downloader.gen
[+] 14-01-06 19:55:50 Moving into quarantine C:\Users\Jason\AppData\Local\Conduit\
[+] 14-01-06 19:55:50 Successfully cleaned C:\Users\Jason\AppData\Local\Conduit\
Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
C:\Users\Jason\AppData\Local\Conduit\
Directory.subfile=C:\Users\Jason\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll
Directory.subfile.size=319264
Directory.subfile.md5=FD42EA980FE1833B3A5EB429273CD1B2
Directory.subfile.filedate=1381759240
Directory.subfile.filedatetext=2013-10-14 09:00:40
Directory.subfile=C:\Users\Jason\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll
Directory.subfile.size=278272
Directory.subfile.md5=1E6D9E1EB2729FC9879B666695D6F46A
Directory.subfile.filedate=1386444407
Directory.subfile.filedatetext=2013-12-07 14:26:47
Hi TheBlackVanguard,
My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.
Please stay with this topic until I let you know that your system appears to be "All Clear"
Important: All tools MUST be run from the Desktop.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) P2P - (Peer to Peer)
I see you have/had P2P software uTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page (http://malwareremoval.com/p2pindex.php) will give you further information.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall this now.
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
uTorrent
If you choose to not remove this programs please refrain from using it until we have finished cleaning your computer.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Uninstall via Programs and Features
Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
AVG Secure Search
AVG Security Toolbar
uTorrentControl_v2 Toolbar
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check
Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) aswMBR
Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) and save it to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file, save it to your desktop.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) OTL
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Make sure all other windows are closed and to let it run uninterrupted.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Under Custom Scan paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
services.exe
/md5stop
%systemroot%\*. /rp /s
%systemdrive%\$Recycle.Bin|@;true;true;true
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
BASESERVICES
DRIVES
CREATERESTOREPOINT
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
You may need two posts to fit them both in.
=========================
In your next post please provide the following:
checkup.txt
aswMBR.txt
OTL.txt
Extras.txt
TheBlackVanguard
2014-01-08, 20:18
I have elected to keep utorrent, but have uninstalled the toolbars as directed. Here are the logs of the scans.
Results of screen317's Security Check version 0.99.78
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox 25.0.1 Firefox out of Date!
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.72
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-08 03:08:25
-----------------------------
03:08:25.581 OS Version: Windows x64 6.1.7601 Service Pack 1
03:08:25.581 Number of processors: 8 586 0x2D07
03:08:25.581 ComputerName: JASON-PC UserName: Jason
03:08:28.296 Initialize success
03:09:24.871 AVAST engine defs: 14010701
03:09:35.290 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
03:09:35.291 Disk 0 Vendor: ATA_____ CC4B Size: 1907729MB BusType: 11
03:09:35.597 Disk 0 MBR read successfully
03:09:35.599 Disk 0 MBR scan
03:09:35.601 Disk 0 Windows 7 default MBR code
03:09:35.620 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
03:09:35.656 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1907627 MB offset 206848
03:09:36.253 Disk 0 scanning C:\Windows\system32\drivers
03:10:09.490 Service scanning
03:10:31.100 Modules scanning
03:10:31.112 Disk 0 trace - called modules:
03:10:31.158 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys
03:10:31.162 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c1d790]
03:10:31.490 3 CLASSPNP.SYS[fffff8800118b43f] -> nt!IofCallDriver -> [0xfffffa8007b34a40]
03:10:31.497 5 iaStorF.sys[fffff880047f52fa] -> nt!IofCallDriver -> [0xfffffa8007811ae0]
03:10:31.504 7 ACPI.sys[fffff88000f057a1] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa800787f160]
03:10:35.111 AVAST engine scan C:\Windows
03:13:52.300 AVAST engine scan C:\Windows\system32
03:25:39.683 AVAST engine scan C:\Windows\system32\drivers
03:29:48.405 AVAST engine scan C:\Users\Jason
04:32:14.603 AVAST engine scan C:\ProgramData
04:35:54.757 Scan finished successfully
12:29:27.496 Disk 0 MBR has been saved successfully to "C:\Users\Jason\Desktop\MBR.dat"
12:29:27.499 The log file has been saved successfully to "C:\Users\Jason\Desktop\aswMBR.txt"
OTL logfile created on: 1/8/2014 12:55:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jason\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.75% Memory free
15.90 Gb Paging File | 12.72 Gb Available in Paging File | 79.99% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 727.30 Gb Free Space | 39.04% Space Free | Partition Type: NTFS
Drive D: | 415.07 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jason\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
PRC - C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe (Polenter - Software Solutions)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\Jason\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\c94852f43f7ac59fcbe4c54b119788d2\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a42743bb1ed71d59b6594b67cf6c9384\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\4774201dc923674852e089053f76e76e\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c5f2c02bd940c74019ed4a183c7830c0\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3d075c3b7d099aca217beecac1f66b4b\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1327ad2637aab17189c5461fbf30dc19\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\fcddb216f43107d2bc873df990ec6e09\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvcInt#\ea63b6100ac062f5eb4cead7a86e9d2c\IAStorDataMgrSvcInterfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\95bdf80fce73ff7b1226eeda9cdce051\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Users\Jason\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
========== Services (SafeList) ==========
SRV:[b]64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe (LogMeIn, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (asahci64) -- C:\Windows\SysNative\drivers\asahci64.sys (Asmedia Technology)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (anvsnddrv) -- C:\Windows\SysNative\drivers\anvsnddrv.sys (AnvSoft Inc.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (aswMBR) -- C:\Users\Jason\AppData\Local\Temp\aswMBR.sys ()
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {21A51130-7285-49FE-B3F6-2385CC71CDEA}
IE:64bit: - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {366AC853-B450-4207-8240-37FBE66829F6}
IE - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 9F 95 93 4D FD CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {4FF9D86C-BF94-49AE-9616-014616CDBCE1}
IE - HKCU\..\SearchScopes\{4FF9D86C-BF94-49AE-9616-014616CDBCE1}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=714647"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@live.heroesandgenerals.com/npretox: C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Jason\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jason\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jason\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jason\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/02/07 21:59:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/01 23:33:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/01 23:33:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/08/27 20:01:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions
[2012/10/11 16:57:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\extensions
[2012/10/11 16:57:32 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/10/06 13:49:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\67436fqj.default\extensions
[2013/10/30 00:05:49 | 000,000,915 | ---- | M] () -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\67436fqj.default\searchplugins\yahoo.xml
[2013/11/16 09:31:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/16 09:31:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=714647&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms},
CHR - homepage: http://search.yahoo.com/?type=714647&fr=spigot-yhp-ch
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Google Translate = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0\
CHR - Extension: YouTube = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Adblock Plus = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7_0\
CHR - Extension: Google Search = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.20.101.5_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.22.3.518_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.22.3.518_0\nativeMessaging\nmHost
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.22.5.510_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.22.5.510_0\nativeMessaging\nmHost
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.23.0.822_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.23.0.822_0\nativeMessaging\nmHost
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.24.3.503_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: uTorrentControl_v2 = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.5.0.1_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.5_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0\
CHR - Extension: AdBlock = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Colorfull Sun Set = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\iknflcjkkahjgichcidlfcalplplegii\1_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Todo.ly = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0\
CHR - Extension: Weather Underground = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0\
CHR - Extension: Gmail = C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/01/06 20:10:36 | 000,450,772 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15470 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DesktopReminder2ByPolenter] C:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe (Polenter - Software Solutions)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\Jason\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck File not found
O4 - Startup: C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78C34527-9DE5-4B6D-AC5F-BDDBAC3CB62D}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/01/06 17:18:59 | 000,028,047 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O32 - AutoRun File - [2010/01/29 17:07:49 | 000,672,700 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{e56a11dc-072e-11e2-9303-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e56a11dc-072e-11e2-9303-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2010/01/27 17:44:51 | 001,137,792 | R--- | M] (Hewlett-Packard)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/01/08 02:57:50 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\Malware Software
[2014/01/08 02:56:47 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\Folders
[2014/01/07 22:57:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2014/01/06 20:39:27 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/01/06 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/01/06 20:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/01/06 20:14:25 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Jason\Desktop\aswMBR.exe
[2014/01/06 18:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/01/06 18:03:53 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/01/06 18:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/01/02 10:57:44 | 000,000,000 | ---D | C] -- C:\Nether
[2013/12/29 14:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ironclad Games
[2013/12/29 12:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGOT
[2013/12/24 15:14:57 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarthMod Empire
[2013/12/22 22:29:54 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\NIGORO
[2013/12/18 10:33:36 | 030,361,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/12/18 10:33:36 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/12/18 10:33:36 | 022,951,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/12/18 10:33:36 | 018,208,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/12/18 10:33:36 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/12/18 10:33:36 | 015,862,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/12/18 10:33:36 | 011,566,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/12/18 10:33:36 | 011,441,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/12/18 10:33:36 | 009,663,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/12/18 10:33:36 | 009,619,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/12/18 10:33:36 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/12/18 10:33:36 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/12/18 10:33:36 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/12/18 10:33:36 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/12/18 10:33:36 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433193.dll
[2013/12/18 10:33:36 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433193.dll
[2013/12/18 10:33:36 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013/12/18 10:33:36 | 000,707,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/12/18 10:33:36 | 000,657,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/12/18 10:33:36 | 000,609,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/12/18 10:33:36 | 000,562,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/12/18 10:33:36 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013/12/18 10:33:36 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013/12/18 10:33:36 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013/12/18 10:33:36 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013/12/18 10:33:36 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013/12/18 10:33:36 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013/12/18 10:18:31 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\NVIDIA Corporation
[2013/12/18 10:11:28 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013/12/18 10:11:27 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013/12/18 00:00:28 | 001,100,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013/12/18 00:00:28 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013/12/17 23:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/12/17 23:39:52 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013/12/17 23:39:51 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433182.dll
[2013/12/17 23:39:51 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433182.dll
[2013/12/13 00:25:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/13 00:25:06 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/13 00:25:05 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/13 00:25:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/13 00:25:05 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/13 00:25:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/13 00:25:05 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/13 00:25:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/13 00:25:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/13 00:25:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/13 00:25:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/13 00:25:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/13 00:25:04 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/13 00:25:03 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/13 00:25:03 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/13 00:25:01 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/12 03:03:37 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/12 03:03:36 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/12 03:03:36 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/12 03:03:34 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/11 08:42:00 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/11 08:42:00 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/11 08:41:57 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/11 08:41:57 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/11 08:41:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/11 08:41:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/11 08:41:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/11 08:41:28 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/11 08:41:28 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/11 08:41:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/11 08:41:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/11 08:41:27 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/11 08:41:27 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/10 15:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/12/09 23:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2013/12/09 23:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TERA
[2013/12/09 23:29:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment
[2013/12/09 23:29:16 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\TERA
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/08 12:29:27 | 000,000,512 | ---- | M] () -- C:\Users\Jason\Desktop\MBR.dat
[2014/01/08 12:20:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-984004395-656196476-2895514723-1001UA.job
[2014/01/08 12:19:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/08 12:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/07 23:20:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-984004395-656196476-2895514723-1001Core.job
[2014/01/07 22:57:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2014/01/07 22:57:14 | 000,987,410 | ---- | M] () -- C:\Users\Jason\Desktop\SecurityCheck.exe
[2014/01/07 21:19:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/07 07:45:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/07 00:29:46 | 000,025,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/07 00:29:46 | 000,025,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/06 20:39:27 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/01/06 20:14:31 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Jason\Desktop\aswMBR.exe
[2014/01/06 20:10:36 | 000,450,772 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/06 20:05:09 | 000,001,003 | ---- | M] () -- C:\Windows\wininit.ini
[2014/01/06 17:59:05 | 000,450,662 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140106-201036.backup
[2014/01/06 17:18:37 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/01/06 17:18:14 | 2108,567,551 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/02 18:04:30 | 000,774,374 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/02 18:04:30 | 000,661,106 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/02 18:04:30 | 000,121,532 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/02 18:04:25 | 000,774,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/29 20:00:37 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2013/12/29 19:55:12 | 1007,726,421 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/24 15:21:04 | 000,002,583 | ---- | M] () -- C:\Users\Jason\Desktop\DarthMod Empire.lnk
[2013/12/18 00:01:45 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/12/17 21:43:59 | 000,001,532 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2013/12/17 21:43:58 | 000,001,239 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/12/16 21:29:02 | 000,290,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/12/16 21:29:02 | 000,290,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/12/16 21:28:01 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013/12/12 21:02:18 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/12/12 21:02:18 | 000,092,488 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/12/12 21:02:18 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/12/12 03:23:31 | 000,300,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/10 16:18:14 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/10 16:18:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/09 23:29:18 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\TERA-Launcher.lnk
[2013/12/09 21:13:11 | 000,982,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013/12/09 21:13:01 | 001,100,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
TheBlackVanguard
2014-01-08, 20:20
========== Files Created - No Company Name ==========
[2014/01/08 12:29:27 | 000,000,512 | ---- | C] () -- C:\Users\Jason\Desktop\MBR.dat
[2014/01/07 22:57:12 | 000,987,410 | ---- | C] () -- C:\Users\Jason\Desktop\SecurityCheck.exe
[2014/01/06 20:12:17 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/01/06 19:53:54 | 000,001,003 | ---- | C] () -- C:\Windows\wininit.ini
[2014/01/06 18:03:56 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/12/24 15:14:59 | 000,002,635 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarthMod Empire.lnk
[2013/12/24 15:14:59 | 000,002,583 | ---- | C] () -- C:\Users\Jason\Desktop\DarthMod Empire.lnk
[2013/12/18 10:33:36 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2013/12/18 10:33:36 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2013/12/18 10:33:36 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013/12/18 00:01:45 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/12/17 21:43:59 | 000,001,532 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2013/12/17 21:43:58 | 000,001,239 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/12/09 23:29:18 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\TERA-Launcher.lnk
[2013/10/07 19:10:36 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013/10/07 19:10:36 | 000,001,894 | ---- | C] () -- C:\Windows\unins000.dat
[2013/10/01 23:09:48 | 000,208,534 | ---- | C] () -- C:\Windows\hpoins43.dat
[2013/09/01 23:25:38 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/08/27 15:04:44 | 000,208,521 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2013/08/27 15:04:43 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2013/07/17 01:11:26 | 000,290,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/17 01:11:24 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/17 01:11:23 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2013/07/16 18:22:46 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2013/07/16 18:22:46 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2013/07/16 18:22:46 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2013/07/16 18:18:39 | 000,039,487 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2013/02/08 01:34:28 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013/02/08 01:34:28 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/02/08 01:34:26 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/02/07 23:29:05 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/02/07 23:29:05 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/11/05 20:48:57 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012/11/05 12:51:41 | 000,000,288 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\.backup.dm
[2012/09/25 11:38:10 | 000,774,374 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/25 11:24:19 | 000,053,056 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/09/25 11:17:06 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/09/25 11:16:52 | 000,036,119 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/10/26 13:31:56 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.minecraft
[2013/09/21 13:33:33 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.mono
[2013/10/22 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\3909
[2013/07/25 15:29:07 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ACD Systems
[2013/10/07 20:40:04 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AnvSoft
[2013/02/28 14:29:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Audacity
[2012/10/03 18:46:42 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AVG2013
[2013/07/01 06:03:50 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DesktopReminder
[2013/06/22 02:24:16 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Downloaded Installations
[2013/12/17 21:43:37 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DVDVideoSoft
[2012/10/07 17:21:11 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/09/07 13:32:09 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ftblauncher
[2013/12/06 17:49:55 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GameMaker-Studio
[2013/03/19 06:10:52 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\JGsoft
[2012/10/03 20:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\LolClient
[2013/03/08 17:46:16 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Might & Magic Heroes VI
[2013/04/07 10:46:43 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\MotioninJoy
[2013/04/19 01:47:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mount&Blade Warband
[2013/02/07 17:42:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\MPEG Streamclip
[2012/12/19 10:07:20 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\My Battle for Middle-earth(tm) II Files
[2012/12/19 16:09:58 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
[2013/11/03 16:53:07 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\OBS
[2013/08/15 02:38:51 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ooVoo Details
[2012/10/07 17:46:26 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\OpenOffice.org
[2013/10/04 22:49:53 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Origin
[2013/07/28 21:21:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Pokémon Trading Card Game Online
[2012/11/09 21:46:26 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PowerISO
[2013/07/03 21:07:57 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Process Hacker 2
[2013/04/19 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Rags
[2013/09/19 19:09:24 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\raidcall
[2013/09/01 23:57:57 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Rogue Legacy
[2012/11/05 12:59:23 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SanDisk
[2012/11/05 12:58:26 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SanDisk SecureAccess
[2013/11/27 11:43:26 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SanDisk SecureAccess Manager
[2014/01/06 16:52:13 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Search Protection
[2013/07/03 15:45:12 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SplitMediaLabs
[2013/02/13 21:17:39 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SystemRequirementsLab
[2013/12/24 15:28:10 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\The Creative Assembly
[2013/09/03 09:56:15 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TS3Client
[2012/10/03 18:46:08 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TuneUp Software
[2013/05/25 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tunngle
[2013/07/14 16:31:05 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\UDP Software
[2013/10/30 00:29:17 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\uTorrent
[2012/12/17 21:22:23 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2013/09/20 10:51:08 | 003,885,120 | ---- | M] (Safer-Networking Ltd.) MD5=CDEB46FE688F062D3033209B29755203 -- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe
< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< %systemroot%\*. /rp /s >
< %systemdrive%\$Recycle.Bin|@;true;true;true >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
========== Base Services ==========
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 00:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 17:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 00:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 23:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 01:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 12:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 01:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 20:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 00:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: ATA ST2000DM001-9YN1 SCSI Disk Device
Partitions: 2
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 1,863.00GB
Starting Offset: 105906176
Hidden sectors: 0
< End of report >
OTL Extras logfile created on: 1/8/2014 12:55:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jason\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.95 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 68.75% Memory free
15.90 Gb Paging File | 12.72 Gb Available in Paging File | 79.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 727.30 Gb Free Space | 39.04% Space Free | Partition Type: NTFS
Drive D: | 415.07 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe (Just Great Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0951F2B4-44C7-4B2E-92B6-EADE460AE85D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B3661CD-6F20-4E67-8D8B-9BE5F4110FCF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{24F9653A-C052-4D2E-9E31-811DAC49D60D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{261EEAF4-7CC1-4982-92AF-BCBD0B0DB68F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52E073F3-A438-4D37-B291-FE76776B8D62}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B42BE8E-3716-4EB2-9C46-D8F1E81E2315}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{5B4BDE23-CE43-47DB-82B6-37F4AB8D1532}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{72259FD6-2BCF-4690-AAD1-F7009ADA6442}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72348AF3-C4A9-4DD0-9EE0-AB8D9BF678DC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{72FB8207-809D-42CA-9F2F-37F680442BAC}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{775A35A1-E292-4509-BA12-1318B141E0E8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{841FD28A-49D4-419E-B629-558745D69C65}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8424DC43-C44C-41BD-A5BC-383D9A044A2E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{903ABCF0-CB29-453D-9ADB-A9DF84CF00FA}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{971065B4-4285-4B58-A4E1-259D8A40751B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9A8FBE6F-BD2E-4739-B2A8-7E7834F2AF81}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9EDBE96D-EC2C-4675-A7AC-586DD62D7F95}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9FB1589B-E6BB-4E79-BD31-6BD73D895FE8}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A69493BB-02C8-4ACE-94CB-1F1DF94A891D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B0CC8793-1018-485F-97C7-630CB4FA3698}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B40DA0FA-0166-4CCA-A63B-2182FEDE60A9}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{C987EA03-2FF0-4C1D-A200-A5DE7E734419}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB403631-B84F-4916-9AD2-E08FA9E76CE7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CEF63D42-2FCF-4E70-B971-E04AFAF248FF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D388728A-0BA6-40DD-809A-C4C50FE3B0C1}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{D780D2D3-2C6E-4A4B-808C-291839ED713A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DC5190FA-9F6F-4DFA-9AFA-236AB201C968}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DE12E627-C732-41CD-A3C2-096A7B57883C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E71104D4-D1E8-4C25-9CD4-BEBCA5BAFC53}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E790E09B-194A-4E08-8113-DAB9E60C5603}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF26A479-D49A-4A24-A13C-08D99F4628DF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FCF1DFB2-136E-42BF-93C0-3AE9F4222994}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FDAE1F1D-02C4-45B2-86DD-B7698A031E51}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
TheBlackVanguard
2014-01-08, 20:22
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00243819-6C87-40C7-9153-ED4178E70F30}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{00CCCFB1-B459-4597-820A-75F6D6EB7A46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{00D5D1BF-4308-4F7E-9479-FC12F56CF36A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{0145CBB5-32B4-445C-9F6F-3CDE3FEB27A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{01A6F8BF-CE4B-4EDF-83CB-6E8161D4D9F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blood bowl legendary edition\bb_le.exe |
"{02AB472C-4F0D-4783-A70F-5F9475550DB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{038936A3-91A3-4791-BFD0-47AC84067760}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{03BE4FB0-6E3F-49D9-8400-FBA7BC69129D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{03D79DC3-3C2F-42A7-89C9-A70590D7F3F9}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\client\tera.exe |
"{03E04A2D-6F8A-460F-94DC-0958E86B0B10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{03E8AC63-3203-4850-923E-3F05E9DE0BC8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{03F26A96-CA67-477C-BB13-3A7A5DC6BD43}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{04319309-4E43-40F5-993F-3D6E2022D24D}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"{043CA553-CFDD-41A7-8F70-D798C9F7AC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{05C064C8-F604-4095-B05B-276D8155F92C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{05C2412F-824C-48AA-AE5A-46A0FBEE33EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{061DD3ED-0409-4974-AAAB-3EC95E850703}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{0771347E-FDFE-4B4F-BB4A-920518E2F466}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{07D7664C-3EC5-4AB6-BCDD-1E97134E506C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{08291A03-EF8E-41FD-84DD-61EFB5E1DDD9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{084A6AC5-34B2-4F6A-A860-48E8DBCABD36}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{0868FC57-62E4-4121-A9DC-1F0975B830A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{09130DA5-C508-43EE-93CE-EFE146D64477}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{09360318-1CF2-4AD7-9B2F-2B9D089C18F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{0938418A-ED1A-4F54-B175-07A647E6B763}" = protocol=6 | dir=in | app=c:\nether\nether\binaries\win64\nether.exe |
"{096C8264-425D-4D57-869B-F6309C29D1C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{097D4494-59D5-478E-97C1-EBAEA0C69264}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\client\tl.exe |
"{09C11C8E-F561-45A7-9F7D-B4FC3CD2EB1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{0A283E09-5C06-49FA-8CCB-4102C9404A12}" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"{0A7F0B84-858F-42F8-8AF9-A8D613376AA2}" = protocol=17 | dir=in | app=c:\users\jason\appdata\roaming\utorrent\utorrent.exe |
"{0B7FFE00-5C03-476A-8E10-8C88A4BF7DB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{0D1C3B60-6262-4E71-A735-656CB7DE82B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{0E04B56B-D33A-4EE2-92D0-A8E9F4EE03AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3 alpha lite\arma3demo.exe |
"{0E51778D-2EC9-4943-A775-15B74278029B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{0E8AB2A4-0F4F-4226-BA98-49A7A7A996E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4_launch.exe |
"{0EFA198F-2830-45AC-8183-A6E67053ADB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{0F976E97-8DBE-4BCF-90D6-08BB2FBF07FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daupdatersvc.service.exe |
"{100AE6DC-FFD3-486C-8012-756387A50BE7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{102581B3-F2CC-4BE3-8754-00B7B01ECB14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{10569D5C-0BFD-400A-813F-217664009BA2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{105A0176-A369-4A1D-AC51-10B078EB8573}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe |
"{105C6439-18FB-4797-B685-A94B6862EB0E}" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"{10ACF896-002E-4401-8AF0-A7219C27AFA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{123AD79E-3996-46BC-8C0A-F39E7E8BF3F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{123D83A9-01CC-4351-BB1E-95BD8783D3A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{128D4D13-638C-4758-B276-8EC05EA71DF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
"{12EB7225-03CC-4A57-BA8C-DEBB33A12F23}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{12F96480-94A8-484D-AC0E-718429E37AB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{13DB13D3-EBE3-4ADE-8DF6-503EC7C34AB5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{14EBCAB1-AE4E-412C-94AB-20BB2A8FA7FE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{15AD7A23-6373-44A3-B86D-0CFBC4BC2A15}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{1601F721-75EC-4094-BCF8-378BF0B11087}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{16898DB5-671D-42EA-AF5C-869C5749E492}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{186FA115-63FB-4511-B9F8-9EE43C0B110A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{19D0A3C1-E3E6-40D6-98BF-9717E601DE3F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{19D7B66E-F1DE-4558-AEEE-9F48013AF037}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\aalauncher32.exe |
"{1A463916-65DE-433A-ABFA-13DC59DA2278}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{1A839D39-AEF5-4D66-9A4E-D747609A4DEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daupdatersvc.service.exe |
"{1B23466C-5263-4643-8217-101B14ED8792}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{1B97C8C6-71DB-4F84-A63F-03095273D8E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars empire at war\runme.exe |
"{1C075034-E20A-4457-8005-FFFAE4DCBBF6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{1C86C049-597B-404A-A9D6-A5AD89D39C64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might & magic - duel of champions\game.exe |
"{1CFD06F9-A40D-4666-B324-671B5A4CA6DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{1D6CBAE0-E2E9-4CE3-9B8A-6D7806BCF11B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penny arcade's on the rain-slick precipice of darkness 4\rainslick4.exe |
"{1DAFEB4A-D301-48EF-8AC3-B7670208865F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{1DEDD3A8-5277-477F-825D-39A538B502B2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe |
"{1E2BBD0A-64AA-4DF5-8D0C-9B1795660060}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1FD33122-3161-4957-B3BE-7914556D3E55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{1FE92CF6-2D26-4D5B-8021-4C7A2F1B1215}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20788AB6-335B-47F5-92B7-07AF76D179A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{20A6AA8F-B0AA-4AC9-9316-B5FBE747A9DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\soldierfront2\binaries\win32\sf2.exe |
"{2188F891-00AB-4052-938C-70A52365519E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{21915C1A-B98B-4B70-A08B-C4FE2ECA3233}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{2228C777-C664-40C9-A7C0-269BA0C0D6BC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smashmuck champions\smashmuck.exe |
"{22A7620D-A14D-4F33-B7C0-5A09BCFAA460}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{2377000B-1B11-4DC5-B053-FE3384FE7A33}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{23B110FB-6C7E-4E0E-BB2B-BF140BF77FFA}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{23C197DC-24C0-4079-9942-BBB4E5B27A06}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{244C7781-D42E-4CCB-A95D-220184E82592}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{246F0793-42F2-4505-8290-32E77B32CE5A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{24D50111-2BF2-403D-9F2F-A37B702AAE7D}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\client\tera.exe |
"{25235D6F-C14C-40FA-8883-C8B3AF916F62}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{2529274D-D05A-4210-867B-3A15B689C872}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{26270E5B-C841-460E-B685-2C0968A9FAB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{2636821E-E974-4A77-98C5-AC536AF419B7}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{266709FC-4E7D-4CD9-BD61-90E87DF23A77}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{26DA51E9-154B-4E41-A248-F931458CCE8C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{2708850F-E570-4F71-8862-87934D812E2D}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\tera-launcher.exe |
"{2787E90C-AF10-42B9-8310-87B2F65F780C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{28007887-E5A6-42C7-AB06-571828FB2E96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{283286FB-BF0D-4172-A6DB-50B38B2F9ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{28368369-B409-4052-A26A-DE0C7D201B3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{284638E1-5102-4EDE-9922-31A363554FC0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{287F745F-A5A0-4156-B559-B4AB5DB35AF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe |
"{2995C736-040B-4BB1-B885-28E00B23C5CE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{29A91163-CB21-4D9D-9E61-1C43E3EAF8F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{2A0070BB-691C-4A9F-B41D-2585FFB29221}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{2AEA533E-A208-487C-B684-0B3AAF2977D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{2B369EFB-7292-4601-B095-F1054B0533A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |
"{2C8AAB28-597E-4468-A4EB-F3E2B7D20DBF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
"{2CA6355E-2CEE-469F-88C9-74F4C89DDA29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{2CDAB1FC-3728-4BA9-8A81-824EF6B2337E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{2D0E6EF4-7AD4-4CB3-800C-D1CDAF5FA77F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{2D1491C9-C1D9-486C-ACDC-6DD9C3017B75}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{2D5A452F-5180-4A56-9A8E-F300BD95D514}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerwatch\hammerwatch.exe |
"{2DB12F48-753E-4E7B-B895-9BB07DD5ABCB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{2E0B06E2-A444-4B72-84D1-76FCA3A24F28}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe |
"{2E621338-5C5B-49DF-9B4B-40165BC59B61}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{2E98FE59-310E-4535-BE77-F219C6B00BCC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2F2E48CD-1D89-4CA2-9991-B4BC4314F9CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F46154C-F359-4329-B129-4A5A997B3275}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2FB94440-D6CA-41B2-8B02-78E5F2DFB12F}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{30091F05-F4A3-4C66-A4E2-3753117904A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{313BB981-28A6-4162-9009-06EF31713218}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{319AB780-6C8B-4D85-865F-272B7C0BC968}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{319CD37B-9BC9-42D5-8E03-686194EF5EEF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{32E73F23-6ECD-434D-A9C0-1C32A6E0A29C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\la-mulana\lamulanawin.exe |
"{32F142D3-1CD6-4690-8AA2-BF05C530DA1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{3321D84F-41A6-452F-B4CC-7DB7FE3EDD02}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{33A223A8-5974-4321-9849-ADB65D635B76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{33BEF70A-EB69-4B48-BD5B-F10A6916444F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{33C786E3-6F98-456C-9A87-31F8E8F62893}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{354306CC-C505-4AFA-8712-9453F4883DA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{36165983-27BF-4EDE-9735-F1677FC5E7BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{362C6D5B-B5C6-4B0C-8B76-C81CFC3CB587}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{366ABAB5-2911-4D1C-B221-2E817185050D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the battle for middle-earth (tm) ii\game.dat |
"{36855ABB-EFF3-4CA1-A7CC-457804800860}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smashmuck champions\smashmuck.exe |
"{36874C77-2EBC-4BEB-86C1-1BD16902DDE9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might & magic - duel of champions\game.exe |
"{36EA4116-5A69-43AF-BA3E-E1192820A378}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{3794164C-D570-484D-8008-8ACA77C9FCBB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{38249D9B-D15B-476F-BA76-C14C1B1D5CB7}" = protocol=6 | dir=in | app=c:\game\tasofro\th135\th135.exe |
"{3948D2FC-3E3D-4EC1-9346-965C57442542}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{39B36C1B-CE53-4BB5-8D2E-0B1D00678E5C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nether\launcher\launcher.exe |
"{39FF9D4E-1A9F-4BBF-B7CA-935C6C144242}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{3A0632C6-6E51-45B2-AAB3-81F147EB373E}" = protocol=17 | dir=in | app=c:\game\tasofro\th135\th135.exe |
"{3A115CFB-6416-4159-AD69-8441CFC08029}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3A5AE479-ACBF-461C-A89A-67F85C3341AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3AB7A266-2D7C-4F16-ACEB-37D7A17986CD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dominions3\dom3.exe |
"{3B9989D3-2D10-40B9-B0AA-CCD525DFD890}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smashmuck champions\smashmuck.exe |
"{3BAA3E3B-3E3F-4E56-8704-243DEEFB4B79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{3C40FAFF-BEDF-483E-89BC-921EBD974DF4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{3CBE2035-0C80-40E2-A650-34E844BDFBAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4_launch.exe |
"{3CF7D7E8-DCBE-4309-9F01-38506DD9897B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{3D1C94F3-42AD-44C9-A4B1-148354AB284A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{3F5BF1ED-E01A-4FB4-B188-A57F26D26894}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{3F67089C-E893-4BBE-88CD-721D0A313001}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{405D7A25-61EA-48F4-947F-A64B3CDDF7EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{410EBD3D-6E3E-48D5-987A-8E3D53BCD996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{41691CD4-08C3-4B09-80D4-F055E49C6980}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{42F2ED17-D3CD-4FD4-B0A8-DC282598F644}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{430707F3-6C06-4820-99F3-8BDE3BA9E2CF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{43457461-D9E8-4654-AF05-B1796AC29584}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{43ED77A8-75F9-4836-9404-DB6C94B3F835}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{44743752-34E7-4154-858C-2D5A1C80A6D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{44F6A0E0-0866-4141-9F61-32432C594DC8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{4503CBC8-4385-429A-AFAD-23D56423596C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{468FFD79-DF38-455D-88F0-C3C3FDB98C08}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sengoku\sengoku.exe |
"{46E593EA-97C0-435F-A291-BEAF9BDEEF53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{471CB552-E4A1-4BD1-91BF-915C7A9B1E01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{477C2ADF-41EE-4C00-9E8A-498195346C7D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{4787FD88-8B90-4EB7-8B34-1F0E3F34FB7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{47C41544-C9A3-47E8-8043-ADC485DF7C8E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{484137B2-C8E5-4C27-B71F-C910E63E88E9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{48BE2B35-AC4B-4DF7-A47B-CDD58F7C6DEA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{49FA4B7A-D7BE-4FB9-A288-2A97768BEF91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blood bowl legendary edition\bb_le.exe |
"{4A33EBE9-6DA0-403B-BE76-79C2E858258D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{4A7D1EA2-1244-4332-8741-A6EE5361E58E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{4AB70BB7-EBEC-4B31-B1F7-CBFCEA0176D9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{4B6452AD-67E9-4C46-8B32-2D2EC811D2AE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4BA7E801-E587-4B98-B0F1-AC92C63D1ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the ship\ship.exe |
"{4BC0F8F8-2CC8-40E1-A982-EC4C2138EA7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{4C47826C-56D8-4020-BD7D-C96AABA656CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{4CB3D7C1-C025-426B-BD31-FD1293F2565D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{4D47FC7C-244A-4129-A6CD-3C2F31E72C91}" = protocol=17 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"{4EAA869A-8EEB-44E1-A347-81E402489704}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{4ED18B40-1B77-4A81-94C5-075CB43AB94C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe |
"{4ED4A783-87A4-43CB-968D-22864288C527}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{4F256DFD-9387-4C10-B168-2C2A8D6223B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
"{4F933EEC-C62C-485B-947B-0838EACC4037}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{504460CB-851C-4F66-A3FC-18AF087C19FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3loader.exe |
"{517F0233-4E06-4F2E-A396-C8FB9A2E3CB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{51C95BB5-60A7-4DE9-8CAC-086E37AAFC27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{52090D0C-3FA2-4CCC-89E5-ABF1ED7C8F37}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{522998BE-9BB3-45D4-854B-62E1996946A3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe |
"{54E6C0C9-76F4-4179-8039-6001EEDBE168}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{55B4DA33-A9DF-44AA-848F-2C58A6CEE330}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{55BF3A7C-F74D-49BD-BDA7-A6E43BA2FEE6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
"{5685C55B-B5E2-4B35-A20C-ECA22DDC8686}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{5747FCB4-BEE8-4DB6-BBB2-79D6C74E739A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{5841BDBA-C1A3-485A-ABC1-A10C60A951C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{591F2BF1-F818-4FF7-A5E3-EED5076A93EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5921479F-6AB4-4AF6-80C1-F5FE65981829}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{59C9F2A8-E741-455F-9C00-7E6B777D7532}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agarest generations of war\agarest.exe |
"{59E4F48B-D45B-482D-ADD1-67E891A278C1}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{5A7DD672-4B25-4F1B-BCF7-DD177B833FE5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{5A7E0613-C9FA-4550-93AE-12F88D715044}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A95E54E-CB50-4E3B-B787-9F61C3EEE9F9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{5AE44A8C-88FC-46B9-A76B-4EBBE239C672}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{5AFB5951-BA5A-4D3E-8B15-597BA0D55984}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{5B0D4F72-060F-4A53-AA25-FE463B51EF2B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{5B589DC7-0D25-4665-9408-94ACDECAA4D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{5B7B44D6-EC97-4FDA-816E-2BB5BB69DF47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might & magic - duel of champions\game.exe |
"{5C797003-C0D0-4252-AE02-4BDBE394EF9C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{5EAB010B-DE0F-4FF5-A9B1-2FE71FCB4FDD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blade symphony\berimbau.exe |
"{5EB2B367-C710-474C-A58C-34242462FDFA}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{5EDA4477-56D5-44EE-A0A9-38636BF0B2C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{5FAEA830-ED2A-426C-AE99-425F3B0CFDFA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{5FCF66A5-9BDF-4A09-9746-37C7657ED5F6}" = protocol=58 | dir=in | app=system |
"{5FF98944-5AE0-470E-96F7-484D5A14E5CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerwatch\hammerwatch.exe |
"{60B111C3-B320-4B68-B6E5-94E159DF592E}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{6132C1D7-6A99-43FD-94D0-1B723254E63E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{6213857A-1A8D-479B-B94D-92560C63C324}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{622FAB6B-5485-4D5D-9DF9-76704B99C64E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{624C86C6-D7F2-49D7-9CC4-9658D3BDFA62}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"{6251F28A-8D1A-4D97-9DA5-8FDF538AE20F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{63A718AA-5E44-487B-B720-E59A4FF37B10}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{649064D1-F15B-414A-A228-C6927612F5BD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{64936559-0365-4380-8B7E-FE8B23B8F3B1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{64E5A694-BA18-46C3-9F9A-2E10DA906A49}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{64EA9DCC-674F-4542-8B3F-E0562DEEDC21}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{656A1A8C-522E-42B4-A284-DFD945941BAF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{65C91E63-7F93-4175-85BF-0B48110F37B7}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{67397CA2-DFDE-45A9-A7E3-FF8959144403}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{6746E7E3-FB06-454B-9DC0-B0D22961338A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{6797A619-4A49-4298-A798-D57A80C7ACF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{6866A302-EC55-4066-89FE-D6B95DC646F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{69093C70-CE58-41D8-AD0F-455D7192E25E}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3cb4\hpdiagnosticcoreui.exe |
"{6944DD3C-144B-4D50-8704-FC9E3D447BF1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\srcds.exe |
"{696FE428-2835-4C1D-860A-5C1A03843AB6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{69A28BC3-3FE5-406E-8DDC-A6A49A421993}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{69BC9E3A-81BE-4AD9-8410-32A2D1D86FC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\bin\sdklauncher.exe |
"{69C7073C-50A7-415D-A0D5-D72475761487}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\akamai\netsession_win.exe |
"{6A793096-803E-4B45-A0ED-8ECCF38137A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 3 alpha lite\arma3demo.exe |
"{6B0289DE-9DFF-4BB7-8EB5-E6150478A2EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{6B10A336-33A0-4F4B-8F80-9817F6047C9C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\penny arcade's on the rain-slick precipice of darkness 4\rainslick4.exe |
"{6B150A4F-6077-4AE5-BCEF-8C0928AF1C64}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\smashmuck champions\smashmuck.exe |
"{6B1AAFE4-DA7F-4DA3-84E8-6497972FCEEC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe |
"{6B371989-F237-48EC-9001-D47451B6DEA5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6BA74D28-9DB1-4140-8BCB-31CCD60A0FAA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{6BD5A3CA-9499-40D9-92FE-A3E6ADC1173D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{6C52CA0A-3BB2-4F44-A3C3-1EFA2222DCA9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{6C64A47C-E53E-4D2C-99CE-CE549E4217C2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{6C785486-B932-4F5F-B6B9-6B0C5A8BA514}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{6D4E4A4E-7F99-46BE-87D5-CC710412CB23}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{6D6FC913-5014-476B-B1F0-10A6F88ED95B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{6E8EA0B4-AA02-463E-8BF6-F0799F4F01F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe |
"{6EB14584-A10D-471A-8A17-E7756A807987}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{6EE02F8C-716B-4EB5-9D4A-ADF48DA07D5F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\agarest generations of war\agarest.exe |
"{6F85527B-1EE5-4473-A0AC-7DFCFA212670}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{6FA24F40-7990-434C-AAC1-68E075D8D8ED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{6FBE2632-9CDE-4B52-B6F7-4DD8F831091D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{7019900C-3954-4C88-A174-A405770A8B34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{70588BF7-B72A-47C0-8BC0-40A14E1F3A02}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{71C04CAB-0C0B-48EB-BA43-9DC4C573587B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fe legendary heroes\legendaryheroes.exe |
"{72A75F04-C9E8-4A88-BB1C-C5BF44D14AB7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{731D4D9D-307A-4646-B11A-DB707FCE65BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{73402E2E-ED03-463C-8179-506D2275FED5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blade symphony\berimbau.exe |
"{740DB2E0-1D4A-4F03-B9FA-CCEEC9DD989B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{745F4D9C-8FE5-4FAD-8D57-8AF03EB21428}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{74C90532-3AA9-4364-8914-BFD12FD6B820}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{7519749E-3EF6-4152-A89A-BA6A781C1326}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{752C6B96-81BE-4796-B47D-6CB5FA491747}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\towns\towns.exe |
"{755326D6-98BF-4E1B-9554-2A1DB577DB7B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{75772208-CC5D-471A-98DA-A186DAD7B5DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{764A5796-3997-4C47-900C-C3ADAA4B0E65}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7747A796-4F28-4CF5-8F21-54BE88E987C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{785E7D7D-35F5-449A-AE5B-DC7D1E7D9390}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{78793332-563F-4826-8946-E4B0BCFB5A8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{789CCC44-936E-40B6-8A4A-5989DBF5EAD5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\source sdk base 2007\hl2.exe |
"{78A3FF3A-6548-4427-8884-35631E6D6394}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\baldur's gate enhanced edition\bgee.exe |
"{78DAA004-92DA-4EDD-90DA-BC8602633F86}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\akamai\netsession_win.exe |
"{792EA378-E702-44C6-8E43-A1CF77270261}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{7999DB4A-8C03-4107-BB68-3026E1F5E6A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atlantica\nxsteam.exe |
"{79B095A4-EA9D-49B6-A832-8C5F3F520DF3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{7A32F467-F3D3-4128-B08B-1378A1333256}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{7B062DD9-3EA5-456D-89A2-D6D0612B0F3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes relaunch\reliccoh.exe |
"{7B637439-A80E-4154-8F6E-09034B4D11F1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blood bowl legendary edition\bb_le.exe |
"{7B7A0E03-B99F-433B-810D-28DC2527E40C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{7B8815AE-D187-46C6-9229-3D72D64E999F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blade symphony\berimbau.exe |
"{7B931664-8AAB-48C2-8C52-9929CA7F9010}" = protocol=6 | dir=out | app=system |
"{7C3EE07D-E3EC-4991-8E8D-49E1358225A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{7D44B4BA-64D4-4C3F-8120-BB700F7BEACB}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\client\tl.exe |
"{7FE3ED5C-BA7E-41D5-A30F-2B8DA1BA5829}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe |
"{8032AEEC-8250-4AC6-BDE6-44237BF0ABE0}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{80DD7B7E-F7A2-4FFC-A02D-6E8816F7BEF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"{813687C3-7F9D-4E36-ADDF-07BBB08B4ED5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{81D84648-8ED4-4F9D-AE6B-573817EF217E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{8366ADB2-574D-47D5-B53B-F7CC4C1491D3}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo ii\diablo ii.exe |
"{84C5069B-3030-42F3-960F-C6E303C2FA5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84DE2739-FE77-4986-9097-E263A6C1A538}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{85EA5EDF-1FD8-4EEB-9558-C8DCD54D0B00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{85FCFE23-7D03-4AD7-8298-8868C6F51D20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"{871B5626-2B77-42CB-A8B7-7D0DED807139}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{87DBDAB5-3B01-4164-931C-786098588105}" = protocol=6 | dir=in | app=c:\users\jason\appdata\roaming\utorrent\utorrent.exe |
"{888D372B-66E6-4B36-8C02-13D7338A78AC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{88918DB5-6AA6-4ED0-8F8F-F1B5E9EFDC39}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\primeworld\pwlauncher.exe |
"{88F34D9C-7527-4FDF-9539-717D67FEC99E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8904952D-9A5A-4C10-9451-B19C31A24558}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 beta\bf4.exe |
"{8930757D-8267-4F42-9FE8-88639645156D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{8945E8F0-4222-4502-AE54-5368C6D65092}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gratuitous space battles\gsb.exe |
"{895C5A26-5FA7-42D8-85A7-0585D92A36B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{899D6C5C-E32B-4FE0-821B-C74DDD86C6B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{8AF056AF-B9C1-4EEF-9F7B-2405B8A37D85}" = protocol=17 | dir=in | app=c:\warcraft iii\war3.exe |
"{8B776BB8-8943-4B73-ACF3-F4B7E758EDAF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{8C365D14-2894-4F99-B6B6-CDD5CA867B67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{8C5532D6-4B37-49B5-B6E1-666AF38E21A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{8CE74E16-5234-4F75-8363-A92BB4BAD400}" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"{8D0C93DB-B266-42FE-8AC0-2B254F100F75}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{8D18EA0C-FE34-4485-A12C-AD497A1AE55A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{8D84ECBB-2BAD-40AB-90DA-9E3017B316D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{8E1D44B9-8FA6-45E0-83E6-4F7122979569}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{8E6E0192-A8CC-4477-9937-E2D0D0BEE866}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe |
"{8E7943EE-AF99-46C3-9350-48AB9F6E7F1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{8EA5D142-A34E-421D-9569-1B2DC94499F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{8EAE7F4A-F994-430E-98AF-69C1948F21DA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{8EDC32DE-24E3-4FD7-80BD-891BD7E88DCD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{8F1323B3-7E83-4F2F-A6B3-C2411C9FCC3E}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2.exe |
"{8F335311-E21D-449F-9F94-4E57F14B8838}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{8F79E273-3A96-403C-B98F-3C72F55F60FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the ship\ship.exe |
"{90E91C3D-77FF-4490-B321-C7A4199111D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tacticalintervention\bin\tacint.exe |
"{90F86F2A-5CA0-4B6A-BB97-EDA51C4EB3D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{9138E24E-1A08-4B9B-9017-333C5E5D7662}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{9193CF86-AEA2-4394-8B88-48024CC31279}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{91A8F687-CF77-4506-9512-725FB97969FD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{92581DBE-548D-4351-8D3E-88AA41E4DE51}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{92B3FFBA-388E-408C-9BF3-27BC8284C9AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{934689CE-DB7E-414B-9B45-212C268AF0EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{9385A9EC-06A8-4563-A54C-DE82ED4B663C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{94461899-80E6-4A43-BF5D-C668216720A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{944FBB9D-9F47-4801-88B5-D26888283360}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{95134429-F87A-489D-9DFF-E88917060F4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{95B27C64-8F6D-4DFC-A2E6-F2EA77ADCE97}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{960AB18C-A7C6-4C02-AD11-03888A5FD6D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4_launch.exe |
"{960EBCC6-29C5-40CA-8759-949FA13A0801}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{9612FBBC-C303-42EB-8730-A8C1C890E097}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{969217B3-78CB-4304-9F31-2F82117B86CC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{97014D8C-7985-496C-85E8-AC9322C85943}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2.exe |
"{9738297A-0F77-45B7-BF34-BD9FE7E27474}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{98245E8F-112C-4972-98FB-B5EE704B1690}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{98294853-EEB8-4FB1-B595-B866FDCB6DD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{985EE6CF-3AB2-4359-9FA2-C2E5EEA3814E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{988E0270-0520-4A95-ADE0-9F1367C52F0C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{98E6AAD0-E1F7-417C-8861-F3FBC1435C41}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{99194BC7-03D7-4D2B-BB51-BECFD9960F07}" = protocol=6 | dir=in | app=c:\warcraft iii\war3.exe |
"{993704F5-B002-4195-8214-681A53EE9286}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fe legendary heroes\legendaryheroes.exe |
"{99378CBA-BC77-408B-ACB7-F80DD4876C71}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{99D2D920-E896-4DCD-AF66-FEA2946438DA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe |
"{99E4CF0A-855E-4E97-B55E-160C811701EF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{99E80B90-1624-42FE-AFFF-9E91DC15F822}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{9A1CBE51-644C-495D-920C-E90D835B3367}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{9B6C8239-79CB-4108-BEAE-1274B6647157}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{9BB44673-916C-4E7C-A6B7-5F6211974CF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\project zomboid demo\projectzomboid64.exe |
"{9BB78788-0CC2-4332-BE33-3E684D399658}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C373661-4DB8-425F-B853-E366A8238066}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{9C47C5E7-3042-45D0-B353-9B94BCF8DC1D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{9C736B2A-1342-4619-9C16-433D3782B222}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{9CC4C9B1-5907-43D5-AED4-7898C62DE3C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\support\ea help\electronic_arts_technical_support.htm |
"{9D614F2C-7E46-4F25-9D46-B1806F1976C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{9DF81EA4-2C73-47D0-8457-582D75948A64}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{9E053F82-6CA7-4476-91C1-947DEC65F919}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{9E1CA761-D176-4D86-A8C8-1A9D24180465}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade\runme.exe |
"{9E697162-9151-465B-8105-D750AC2D7F6B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\rise of nations\thrones.exe |
"{9E990005-5553-495B-9B4A-6B48043E6DE1}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\client\tera.exe |
"{9EA09040-4398-42DB-A2B0-9D7ADDE9BF83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F6FDC4A-C977-4D99-A74F-B35474C814B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"{9FAC6B3D-0B31-40A1-AAC3-60A1D4F95407}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\aalauncher32.exe |
"{A01D472F-1FCD-457B-8036-F5F6990AC0C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerwatch\editor\hammereditor.exe |
"{A16098A5-3A91-4A97-AE23-5571AEA4EF3B}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\client\tera.exe |
"{A1CB26FA-9E48-448A-84F5-26A55F375E80}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\atlantica\nxsteam.exe |
"{A1E1373D-2469-4A42-84BA-217380194D34}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{A1F7C6B9-0B7B-41DA-AF4C-074C6202B147}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{A21E8571-99DF-4C0E-B7E2-ABC33AA2057F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe |
"{A2296ED8-41A6-49D8-B773-E14088EF0F5F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2CD41C8-EAA2-4FBD-A334-9FBEB995AEB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\baldur's gate enhanced edition\bgee.exe |
"{A2D798A6-537E-451E-A514-7536F79C555F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2EA0CE0-C817-452E-A593-FD0D984A1EA8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{A337F59A-1230-48A9-BD86-408611F29653}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A3610973-B019-4E02-9DF1-F9FD6D65D233}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{A3EA6358-A71F-4F61-BF49-FA4B1497312F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\soldierfront2\binaries\win32\sf2.exe |
"{A468F9BF-9614-4C92-B2F8-AF0BCA55E06B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{A525B52C-21BE-4638-9F7D-24503C38B056}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagionds.exe |
"{A5BE669B-AD41-43CC-A7FE-597ABA57089C}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{A5D3E1B2-AF6C-4469-82C0-9F64A66C747E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{A616923F-9E8F-4D49-B521-D9BDAAF41DB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{A74698A0-1CBA-4708-B145-E2E98246FCF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\takedown red sabre early access\binaries\takedownlauncher.bat |
"{A79DC64C-A2B4-4037-870B-10E2E9F8AC34}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{A86D58E8-8339-462E-A0A1-6BD68FD90FD6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{A87EE651-0350-4190-9817-88ACE2F7990A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
TheBlackVanguard
2014-01-08, 20:23
"{A886C7A6-6AF3-4057-B378-19F22D9688C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{A8FC3637-23D1-4D9F-B090-4C24865813F1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945E911-4AEB-4896-BD77-2FB3CD5D2FA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{A98EC3FE-1D1B-4ED1-9391-6D91128CD06C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{A9C75D2D-1AF6-49A7-991F-F11CAC97AE18}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{A9E76DAA-0836-4AE7-B740-1B372FF02D3C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4_launch.exe |
"{AA067A6A-041F-4801-A46F-ED0DDE4C3EA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{AA96E507-52C2-419E-B3CF-9A53F0191033}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{AAA4F1C7-EF68-4353-8954-8E667ECF37EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\galactic civilizations ii - ultimate edition\twilight\gc2twilightofthearnor.exe |
"{AB2B14C2-A31D-4B03-B031-C91E48BA96D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{ABE1E488-ACDA-4848-BCDD-A27780D65FFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe |
"{AC25D620-D6E8-4ABA-94E7-BA506857AF72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{AC6E1101-F9DC-4267-9F09-837DD211A659}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{AD3CDBF8-091F-4198-882F-743B31A5D7CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\to the moon\to the moon\to the moon.exe |
"{ADC97A56-87FF-4EB7-AE3F-2D2079C73071}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars empire at war\runme.exe |
"{ADDCE4FB-AD45-4494-805E-43C463458F76}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{AE2B29B4-FF63-4BAD-B02A-48C076DF69EE}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{AE701BFC-7B80-493B-B4EE-EA541FA02820}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{B112DEAB-5C30-40DF-8E99-61F243D4DD94}" = protocol=17 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe |
"{B13076AB-FE21-49A5-8C64-C796FAAA8F80}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{B16859AC-CB60-4470-BD18-561D8E738E2D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B1A21E88-07F9-47FC-9ABC-D0936FDA93A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\source sdk base 2007\hl2.exe |
"{B23877F3-1BF2-479D-B06C-2F69AB69CEB3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{B258BD91-210B-4A7A-9D3F-BB46F7B596E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars empire at war\runme2.exe |
"{B2C82313-4367-43CD-9316-378B3910CB9F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B2F1D64B-8E45-49B8-8500-631AA505CA5F}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B32C772B-21DB-4BBF-B18F-40D4365AC5FC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{B3897422-F91B-4354-86B5-AB6EE718DA26}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\client\tl.exe |
"{B3D759E8-3084-49C5-9DCE-3ED737BFF27C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{B425E26B-065B-4709-B50C-445BB62C737D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{B4607E2B-756F-4401-99C1-E29993667F25}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B4A45486-47E3-4B5A-BD7C-5B3B3BE9983C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars republic commando\gamedata\system\swrepubliccommando.exe |
"{B4CF50D3-C732-455D-8C31-632A3DBF8E33}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{B5AB4AB9-3D29-4B19-9ED6-2356236E5864}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{B5F54D13-3267-488F-9A5B-FC8CAC6C5841}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{B5F80923-F5D5-44F7-94B9-6DF3DB06240B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{B6E986DE-5D86-430B-A139-2777F903715B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
"{B73B6440-2923-4F12-BF12-F575FF23A498}" = protocol=17 | dir=in | app=c:\nether\nether\binaries\win64\nether.exe |
"{B756C862-8898-4ED7-8F21-97299E309ED3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe |
"{B795F663-19C2-4892-96F6-3B8EFE0AF389}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{B7CABC88-A7F9-415E-8334-4909746969EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{B8120417-9292-4B88-97D6-55870BDE11D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalry_ded_server\binaries\win32\udk.exe |
"{B8CBC7B0-A800-4D4D-BA9A-97CEA546A661}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{B8D4574F-731F-4B94-B457-68E9F0D56D3B}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\tera-launcher.exe |
"{B8F4ACF3-571A-40A2-BF83-32614E63A2F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{B912DF23-A59B-4F77-BC60-7594FA299461}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{B9B26818-AEBB-4403-8820-DA9F88AA1671}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{B9B9BE9E-0C6D-42BE-8D37-7385979FC008}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\might & magic - duel of champions\game.exe |
"{BA44DF8B-2071-49D2-879E-6C279E7F8794}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{BA50A626-F16C-40E5-9702-D0F3B585784C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sengoku\sengoku.exe |
"{BA7FD6F8-42C3-4246-BE6B-3C113399252C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BB3A2688-AC8C-42E6-A708-CBE00B23C37A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{BC2247B1-C141-4D0A-9C52-863419ED1083}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{BCB1E4DC-54DC-42DF-A7CF-DDF5A3AFAA95}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe |
"{BD99BD2C-C649-464B-B65B-DBBC441C4670}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{BDC29201-51F4-49AE-8123-26CD48357C47}" = protocol=17 | dir=in | app=c:\program files (x86)\heroes & generals\live\hng.exe |
"{BE127BDC-91FC-4AA3-9755-713ABCE683F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{BE56548F-861A-4B94-A04E-27F2B6224C7E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{BF60121A-12DD-4FBE-BCCC-5C0B6CCDF139}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{BF84DC44-C3A4-43D4-A5D0-703EC6999C5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{BFF01FDE-C2CE-43E8-A942-3AC78A52DBA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nether\launcher\launcher.exe |
"{C03FAAFC-2987-4DC1-B9D6-4BCDB475A343}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{C0E96820-07BE-4A33-8E12-72E711291451}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{C19CE953-7F29-40FD-A7B0-84DC052E1BB0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars republic commando\gamedata\system\swrepubliccommando.exe |
"{C22866F3-6374-4F60-95F7-961F68E726EB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{C2EE2FED-2017-4C5B-95C3-B29587BF21F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\they bleed pixels\they bleed pixels pc.exe |
"{C329890D-20F4-4AD6-B08B-133617E12289}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe |
"{C343BDFA-A452-4F08-AACD-461E6A69A713}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\damned\damned.exe |
"{C3444D26-9309-424C-9057-3030B82E2993}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\takedown red sabre early access\binaries\win32\takedowngame-win32-shipping.exe |
"{C35302F7-0F1C-4ED8-AB13-F999E2E89E74}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C3693F1D-D93B-4D01-A05D-F7EE30BDDE09}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{C3D4C0A1-1EEE-49DB-AE91-99D3EC9D771D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien swarm\swarm.exe |
"{C437EB5E-45FD-4FC4-B8B4-3148F04FBD96}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star wars empire at war\runme2.exe |
"{C44C003D-C0D3-4FC5-B116-74050524ACFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{C45F074B-4A0A-43AA-BD76-739A11030B51}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{C73BE8C5-983C-419C-B1A5-5779E4B964D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{C77CB4BF-D8C6-43E5-B28D-89775577C88E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{C793247C-86EB-413E-AAD4-57AE1C428A2A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\the lord of the rings, the rise of the witch-king\game.dat |
"{C83EA4A2-1F76-4862-8679-E481D78F0F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"{C8EBC4AD-E015-4C08-A0EF-C71822717EB6}" = protocol=6 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"{C9556E50-7A93-4525-AC16-FAE3D7202506}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes relaunch\reliccoh.exe |
"{C984835D-AFBF-4FA7-9C50-845E930CACF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe |
"{C9CB8E5A-C106-420D-889B-F188E52A0A71}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\takedown red sabre early access\binaries\win32\takedowngame-win32-shipping.exe |
"{C9D3ADFD-39EF-4F30-91C0-50FCB266815D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{CA8602A1-105D-431C-B4D0-032C4626A5FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes\reliccoh.exe |
"{CAB7EC74-A7A9-4D14-AC9A-BA5587005B21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{CAD733CA-BB00-4B08-8B70-EB655029EA71}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{CBE97F7F-F595-4C0F-A4FA-243A18B8805A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CBEC7D59-34C0-4C70-A87E-62C4CAC57E61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{CC369466-8F37-4BB0-8233-E80FD0B09BDA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3loader.exe |
"{CC54ED82-AFC4-4E44-8B0B-B1D688C0F39B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{CC6ED0E2-4DDE-4B7D-9803-BC8954B55AE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{CC75C372-9878-4C1B-B583-FBA3C9DF4C9C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{CCB49775-4515-4DBE-BBC1-4720403639ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\to the moon\to the moon\to the moon.exe |
"{CE0B2D2A-6C72-43C8-AC4F-2E46ABD4E62B}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo ii\diablo ii.exe |
"{CE2A6225-32F8-402E-8608-604C2CDC6DAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"{CE93BBC8-6F5A-4753-8C54-3FFF146B0569}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\temp\7zs3cb4\hpdiagnosticcoreui.exe |
"{CEB27C83-EDD2-4AB2-9236-3468B0BCBF88}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{CED5044F-4A8E-4818-9BCC-4A368A6BACDF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{CF22E044-09A8-4714-BE20-B1FD4BA9F3B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{D07644AA-A3B0-40E5-A733-265C172D3F50}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{D077891C-489A-4C08-BD54-96F75C2B3FE8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tacticalintervention\bin\tacint.exe |
"{D1BC32A0-1869-42C3-81C4-65515C8E41F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D2461922-E359-40AE-B70C-E86072762D6A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{D2696CEB-7B0C-4FAF-AD3E-B6FC43247C0B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{D2A80BD1-B672-4E45-8018-7D26F603A84E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\towns\towns.exe |
"{D2F3FC55-2D53-41C6-A3EB-301C89815548}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{D4043E3B-F1E1-46CD-90EF-48E2882125AB}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe |
"{D46E9966-423C-4354-8B49-469D95B96787}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
"{D4725440-4A27-439E-825F-E3E07D41A359}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2game.exe |
"{D487A015-8D30-4992-8A03-D634AA9C26FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war in the north\witn.exe |
"{D4A3E4AF-2CD5-4120-900F-9CBA51A89D26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe |
"{D4BE8BC1-9BFD-477E-AA77-6C93B4AE540B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{D5B615B6-EAFF-4C57-B283-3B51FD7517F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dominions3\dom3.exe |
"{D644940E-5590-4090-9617-3A70AFE1E8B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{D64B94E0-74D9-4369-A531-F3021EF565F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{D69FD428-A0FB-4B3A-B298-37E7A7BE79E6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{D78E8719-9367-49E5-B4CD-69C41581EF34}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{D856C9E5-2118-4DB2-BF2E-53084B362331}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blade symphony\berimbau.exe |
"{D896CBB9-CC54-4029-AE49-FC0FEC851F32}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rogue legacy\roguelegacy.exe |
"{D932A430-4D02-4879-AF05-340B94673D2A}" = protocol=6 | dir=in | app=c:\gog games\strike suit zero\pc\main\binary\ssz.exe |
"{D9D0EAB9-14F6-4797-83B0-FC76C4BC8CF5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\endless space\endlessspace.exe |
"{DAF19F25-B193-4B9B-882B-4F97B16C7053}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{DAFE4B2A-C2CC-44B2-B308-9D99C526FD68}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe |
"{DB16D3A8-A8B2-4C50-8CC9-46EE0D16D618}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\la-mulana\lamulanawin.exe |
"{DC1F45FA-2DD6-405C-8F0F-5AC4B089B786}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{DCBC4E13-F932-4531-94D1-C84E28EF3CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalry_ded_server\binaries\win32\udk.exe |
"{DCD5B2E0-B192-4FA0-B877-B804370C5719}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{DD3EED0D-3B2D-4BAA-85D0-23B43EAE0734}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{DD5F519B-6E4E-4321-97FE-1B661F67C463}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{DD8902CC-37F9-4430-8BDA-768D2860AC07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{DE3B1865-B372-48E2-8B20-787C0809D2EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\hl2.exe |
"{DE7930CA-FB75-4254-8A8C-2C93AA7E97B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shadowrun returns\shadowrun.exe |
"{DF482F43-E22B-4A30-BD1C-2A5C48544BD2}" = protocol=17 | dir=in | app=c:\gog games\strike suit zero\pc\main\binary\ssz.exe |
"{DF548C0F-9247-432F-ACCE-6A6417F0883F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\psychonauts\psychonauts.exe |
"{DF611F1E-B8FB-4E85-B214-4E43F601FC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{DFE3BDB0-176E-42C4-B712-9EE795142FCF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount and blade\runme.exe |
"{E05114C2-4B1D-46FE-A93A-514D05642A01}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{E28ABD9F-E2E3-4ACA-BACB-AFE9444D7CB5}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{E33D008B-B9CC-4299-B789-DB668C88816E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |
"{E391834B-DDBF-4774-B423-804AA1CC321D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{E4019A5A-133B-492D-A348-B4D4906D50A2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E598AC00-7611-4F51-B7BE-C1FBDE31B0EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blood bowl legendary edition\bb_le.exe |
"{E61EBDD8-466D-422F-BDB2-E267518602F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E66FAE00-11F2-495B-B48B-42BC87B43527}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swkotor\swkotor.exe |
"{E6A51DFA-42DE-4C21-AAC1-576CDFE1BFAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{E6B389E0-ACE3-4C56-8AD3-09011DD15BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{E6FE8BD8-4814-4650-84AD-A68629415C8D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E783D3EA-D30D-486A-AF61-B71E92E0E382}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{E7AA190E-2DD3-4AD6-A880-A21DE3D8C797}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\star trek online\star trek online.exe |
"{E7FA76C8-845D-48A1-856C-75A180D096AB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E81A7664-73CB-4985-9927-807FBD515291}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{E8200E64-7455-45D0-BA0D-E8F44E04F0A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{E8428E3C-2DF5-4189-8C0C-3DE86AD2BF5F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{E85487F9-FFBD-4A5C-AF84-073AC65B61EB}" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"{E877B95F-20BF-413C-B00E-21CDE0667B78}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E898AA04-F479-4402-B179-F78374DDDE6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{E8A93868-DCD5-4490-8830-BFC29F78102A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E9B840E9-D188-47EE-B9FD-4BAB1C2A27E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{E9BF1499-AB12-4A45-BA77-C5F21B621A23}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{EAAE8896-5F96-4308-9B72-8D8D757BCE13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{EB20C45F-336B-4FA8-89F3-4DF4FF5B2B3E}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\client\tl.exe |
"{EB4B18C6-3D7D-4530-9D64-F48CD7608708}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\takedown red sabre early access\binaries\takedownlauncher.bat |
"{EB6DEB4A-F233-4FA6-B547-0A8DDE0C29C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{EB8F86F4-5709-40B9-A946-D6B4DC89C856}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerwatch\editor\hammereditor.exe |
"{EBC33BA6-8B48-4CDF-A965-1CDE269F6353}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagionds.exe |
"{EBEA5C3D-AEB1-449F-8AE5-69720C20BB59}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nmrih\sdk\bin\hammer.bat |
"{EC049634-6E50-4F3D-9CEF-B8DB56544D53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{EC0B80C0-9E8C-4D69-9242-113CB95D44DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{EC366F08-C02A-4D98-83D2-828363F4CE62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC4F1B56-DB7F-48C1-B972-F7E148933237}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{EC532293-0081-4534-8F2A-B9DD16B3F8A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{ECFC5F83-72AF-4D79-AD29-FBDABD8E8EB9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EE08CFE4-DB19-4770-9D92-A0593C4A7314}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{EE36173E-679C-49D9-BAB3-572DF3609ECF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\contagionbeta\contagion.exe |
"{EE4DC555-3573-4CE3-99B9-929216B4F43D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EEED729F-2078-4E0B-A223-A540B1158204}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe |
"{EEEEA7E1-1E66-488B-9088-198AFE7718D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EF11DA74-938A-4308-98FD-26446C448546}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{EF5CE872-7378-4E73-A84A-7E6885E967FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"{F07548FA-EABF-4424-9114-1A0BF4071A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{F1457848-C5DD-4499-85AC-CC090CB13E42}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{F19B421D-2FFE-482B-BD36-BADD0B1D0363}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{F1E9059C-7FD8-4507-B164-D9E377EDA4C9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{F22C986C-EB0A-410F-AC55-5C4F01C248D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F288E1AF-7D14-475E-B4D4-2538464E6773}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the stanley parable\stanley.exe |
"{F2E077AB-133B-49AC-921E-B1996874C266}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{F2F38AB3-8995-4AAF-AA59-8CAD5683A0AD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{F3BFF6AC-4FB2-43FF-BBF5-E7B40ECD1306}" = protocol=6 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe |
"{F3D8B346-D9FB-486D-B240-4F7C9139D6D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe |
"{F48F59D4-D98B-4827-96A1-DB99810CDAA9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{F55F78FA-C34C-4078-B677-88CB2FC57E3A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\simcity 4 deluxe\apps\simcity 4.exe |
"{F5613166-34EA-4FFA-8FAE-46FFC9D36FDC}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{F66E9FD3-C86A-4DFF-BE02-7159BED842EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\primeworld\pwlauncher.exe |
"{F6B2DC49-2DA6-4E0F-BECA-A0D70956CAFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{F6D5EC1C-763D-4C8A-A79E-B6A629092E96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{F6F4294D-72E3-49E5-8FA7-898658D1D4F5}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"{F811E58D-C66B-4D1E-B8E9-D631D91EF7BC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{F8EF6463-99F9-4A20-BAE8-E1B5813B45B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{FADC11B5-A290-4D9B-A91B-33E0721192ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{FB439366-D02B-4ED0-A911-7176AA518A87}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{FBFFC70A-CB55-4D50-8009-0C603F187F59}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{FC479445-BEC9-4145-BC68-317CBF2BDBCF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{FC818F19-F90C-4F0E-B695-B7242722471C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{FD3BE8EB-2AC7-48C9-AD62-8DFFC06AACB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\marchofwar\game.exe |
"{FE6FB5DE-25AD-47A0-8DB8-907ABED725CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{FE7D9073-7F7D-4034-BC26-94A364CC5947}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{FEBDE4F8-1509-448A-AD50-B7E09C433AF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FF0B4D3A-AF7B-4ECA-9C9D-52D45F11FE6B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{FF3088FD-0E7C-47AB-B1BD-983C18AF54E1}" = dir=in | app=d:\setup\hpznui40.exe |
"{FF9D4D13-4A0B-44F5-A583-65801279360A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{FF9F573F-3EF9-4BC4-9603-93A72B5224D1}" = protocol=6 | dir=in | app=c:\program files (x86)\heroes & generals\live\hng.exe |
"{FFE5B01D-BDC6-424A-BE47-B1A9CC322543}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"TCP Query User{0DB44EFC-75DC-4122-9710-737DE363C033}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"TCP Query User{1374E5BA-4F99-4A08-B1F4-B5D88E9DB903}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{1ACFD948-0D8F-47C7-860B-FB3481E2885A}C:\program files (x86)\gog.com\neverwinter nights diamond edition\nwmain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gog.com\neverwinter nights diamond edition\nwmain.exe |
"TCP Query User{1DDD65D6-A63F-4447-A474-C273D25F0A93}C:\program files (x86)\icechat7\icechat7.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icechat7\icechat7.exe |
"TCP Query User{296FC3D5-B285-4741-B320-62FA123BFFD4}C:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"TCP Query User{2FC6D886-61D2-479A-8957-12301534ED07}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"TCP Query User{4633F6AC-4BD5-4706-B4F3-00F56134672E}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"TCP Query User{47516E37-92AF-4DF2-A07A-2661C646E5A0}C:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe" = protocol=6 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe |
"TCP Query User{4A4FDFE3-5A1D-4B50-AE2A-8150989963FE}C:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"TCP Query User{4B902F40-75E9-4A57-B696-0B107CAE9906}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{4F532771-87EB-4234-B199-826B84A0006A}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{5992046A-7BED-46B6-8B0E-F3CF7E32F1BC}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{6112BCD6-F65E-41FA-A67E-81500606D33B}C:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe |
"TCP Query User{64D4EB12-ACB6-404E-B480-AE0CC2330552}C:\users\jason\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6E89E585-FD9A-40C1-8522-AEEEFEC8CC90}C:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"TCP Query User{8053C4D2-321A-480A-AD1F-E0EA6718390F}C:\nether\nether\binaries\win64\nether.exe" = protocol=6 | dir=in | app=c:\nether\nether\binaries\win64\nether.exe |
"TCP Query User{95ACF3AC-8A2C-4B4D-AB68-5631D39E57DE}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"TCP Query User{9C22E818-13C4-44C5-9033-E454ECC15350}C:\users\jason\downloads\downloader_warcraft3_the_frozen_throne_enus.exe" = protocol=6 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_the_frozen_throne_enus.exe |
"TCP Query User{ADE424A4-7241-4FBE-AEB9-A8F89580F5BD}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"TCP Query User{B76DEEC6-82DD-4C6F-905B-223CBE124D3C}C:\programdata\battle.net\agent\agent.2045\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"TCP Query User{C9ADF485-B734-4E74-BA32-94A3147484F9}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"TCP Query User{D5475BC1-4244-458D-86CA-BD3172656770}C:\gog games\strike suit zero\pc\main\binary\ssz.exe" = protocol=6 | dir=in | app=c:\gog games\strike suit zero\pc\main\binary\ssz.exe |
"TCP Query User{DBB37897-94F9-4B6A-BB2B-843BCE3ABE77}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe |
"TCP Query User{E0C2B5A8-F1CD-4217-ACE9-5BF53B5FAA20}C:\game\tasofro\th135\th135.exe" = protocol=6 | dir=in | app=c:\game\tasofro\th135\th135.exe |
"TCP Query User{E6C1056E-3236-4AD0-8D62-23673CDA37D7}C:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\warcraft iii\war3.exe |
"TCP Query User{EE2C0FAD-0ABE-4692-83AE-5ABCF5FC4B37}C:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2.exe |
"TCP Query User{F00609CB-72B0-4F2D-921C-FA99AC04CBEB}C:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe |
"TCP Query User{F3CF196C-3EF0-44E7-8107-F9A1ECE95DA9}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"UDP Query User{08B7B1B3-88AD-416A-B4C7-A043D84C011D}C:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\theblackvanguard\zombie panic! source\hl2.exe |
"UDP Query User{0F22027B-4179-46E6-B833-054CAB35C1D0}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe |
"UDP Query User{134E607C-5EE7-44EE-B1CA-F370E62F76CD}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{16813DC4-7614-4AC7-B13E-EEA427437D1B}C:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\ncsa-live\ghostrecononline.exe |
"UDP Query User{222CF786-94AF-42CC-B676-DEAE9FB5C5BD}C:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\america's army 3\binaries\aa3game.exe |
"UDP Query User{22B63442-9330-4DE6-A200-5902B809D728}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"UDP Query User{27094DC9-8A48-4D38-B1D7-D67EF214FF32}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe |
"UDP Query User{34F1AD1B-146E-4ABA-BA40-CFC00B08D51D}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"UDP Query User{4BE03524-FB7A-45DB-97C3-15CDDFCA1A0C}C:\gog games\strike suit zero\pc\main\binary\ssz.exe" = protocol=17 | dir=in | app=c:\gog games\strike suit zero\pc\main\binary\ssz.exe |
"UDP Query User{562F9B63-A3B5-4B8B-9288-E5BF3C4CD264}C:\program files (x86)\icechat7\icechat7.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icechat7\icechat7.exe |
"UDP Query User{5EA98F42-1478-4A07-BBD2-E222D4142A54}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{668758A8-3FB1-4E42-B81D-93D493694D4F}C:\users\jason\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\akamai\netsession_win.exe |
"UDP Query User{67AB9967-90DE-443E-B8EC-243E728D260F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"UDP Query User{68F002ED-4FEF-4E52-92E2-05B180C5FD83}C:\nether\nether\binaries\win64\nether.exe" = protocol=17 | dir=in | app=c:\nether\nether\binaries\win64\nether.exe |
"UDP Query User{6AC62E20-76CA-4DFC-A46C-5E4D37F96DAF}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe |
"UDP Query User{6DBE2ED8-A827-45EF-8DA5-1A8D96A8CAB6}C:\program files (x86)\gog.com\neverwinter nights diamond edition\nwmain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gog.com\neverwinter nights diamond edition\nwmain.exe |
"UDP Query User{96E91D37-26C3-4198-955F-ED22D22B196F}C:\game\tasofro\th135\th135.exe" = protocol=17 | dir=in | app=c:\game\tasofro\th135\th135.exe |
"UDP Query User{99C84DF1-2257-4397-B222-B78A353D89D2}C:\users\jason\downloads\downloader_warcraft3_the_frozen_throne_enus.exe" = protocol=17 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_the_frozen_throne_enus.exe |
"UDP Query User{A5ECC2E0-35B0-470D-BA00-69E13A3839E6}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"UDP Query User{AE678DE0-AEB5-4724-90CE-6FFC56B322BC}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe |
"UDP Query User{C7B54B24-7546-4E92-9007-C6A235FF6FBB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{CF8AD1AF-78FF-4CBD-96D4-2415B36476B9}C:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\hdn63ynp.aol\oe577kg2.bb9\laun...app_59711684aa47878d_0001.0022_85c03d047e576393\launcher.exe |
"UDP Query User{D06462B2-37F4-448E-9987-BE7BC92C4A93}C:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crusader kings ii\ck2.exe |
"UDP Query User{D1892BAC-549B-46B1-9D8E-9ED3DFD9A360}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{DCA38B6C-FB0B-4E21-AB51-53FB02FBA77F}C:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe" = protocol=17 | dir=in | app=c:\users\jason\downloads\downloader_warcraft3_reign_of_chaos_enus.exe |
"UDP Query User{FC6122A2-6C48-4D93-A4B9-566272C4F81F}C:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\warcraft iii\war3.exe |
"UDP Query User{FCCEDF89-114A-4C4B-892E-5296D24478FF}C:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"UDP Query User{FF6D502B-7CF6-4658-84B5-7D23FD3F7B8F}C:\programdata\battle.net\agent\agent.2045\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E2C5655-556D-479A-A85B-CD93325E5594}" = AVG 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6177064c-e1cb-4f80-bfec-1d8cb07b244e}.sdb" = GOG.com Thief - Deadly Shadows
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB3AFCA5-A2BB-4F31-8FEC-0295DB7BF928}" = AVG 2013
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2013
"EditPad Lite" = EditPad Lite 7.2.3
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.7.5 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Process_Hacker2_is1" = Process Hacker 2.30 (r5267)
"Shop for HP Supplies" = Shop for HP Supplies
"TeamSpeak 3 Client" = TeamSpeak 3 Client
TheBlackVanguard
2014-01-08, 20:24
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0A80329D-1B59-4F10-8D1D-924C59B2840B}" = ShufflePlusVLOI
"{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}" = TERA
"{10631C28-62E5-477C-9B40-40C5EA8219BE}" = Black & White® 2 Battle of the Gods
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1" = FTL version 1.03.3
"{2115B757-91FB-4FCE-BE37-B61B2B1DE958}" = A Virus Named TOM
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{288487BA-D8C5-4C81-BD89-C7E49DD48E18}" = Desktop-Reminder 2
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.6.0
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype 6.9
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{64893225-ADBA-469E-B114-F3B2C1FBBA77}" = RTKXI
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{662140BE-138C-4DC1-B4CD-B62C6C855A25}" = Pirate101
"{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}" = Livestream Procaster
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1" = A Game of Thrones version 0.5
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}" = Intel(R) Rapid Storage Technology enterprise
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{9F2A2F03-5F43-4BD1-860E-F61284EE7AC5}_is1" = XCom Long War Mod version 2.11
"{A0AFB64E-79E1-45BF-BA6C-18C21E007D8E}" = Age of Wushu
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B431C2DC-1119-40F2-9EDD-55E384FE91AD}" = XSplit Broadcaster
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B5E6D105-DFB4-46B4-88BF-9DC52686DBE7}_is1" = Broken Crescent version 2.3
"{B641E348-377C-4819-B92F-03F1D35A7EE3}_is1" = ūSćYO Ver1.10c
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C41F1ACF-6424-4AF9-BCDE-926BC8E93840}_is1" = Broken Crescent version 2.3
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CFAB3721-549D-4827-A4E8-7F90192114AB}" = Battlefield 4 Beta
"{D0549B3F-23A2-478B-8DAA-C67095448447}_is1" = Broken Crescent version 2.3
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D81F39D4-FDA9-4356-92B1-16081D8BF71A}" = Pokémon Trading Card Game Online
"{D84F41A8-33E6-402A-8DD6-D2244235BCB8}" = LogMeIn Hamachi
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DBDD570E-0952-475F-9453-AB88F3DD5659}" = Python 2.7.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21CB4DC-94EC-480F-A075-9C9385182CB9}" = S4 League_EU
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E50D4D29-C7B5-4136-AADE-D85794926840}" = Rags Suite
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA653F5B-483A-4E92-BF75-BB3BBF1D550D}" = LogMeIn
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB790E3-0FCF-4202-BD08-DC88443476A6}" = Modern Combat
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"ACDSee Free" = ACDSee Free
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anki" = Anki
"Any Video Converter_is1" = Any Video Converter 5.0.9
"Audacity_is1" = Audacity 2.0.3
"Battle for Wesnoth 1.10.6" = Battle for Wesnoth 1.10.6
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bear Force II" = Bear Force II 0.3
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DarthMod Empire8.0 Platinum" = DarthMod Empire
"DarthMod Empire8.0.1 Platinum" = DarthMod Empire
"DarthMod: Shogun II" = DarthMod: Shogun II
"Desktop-Reminder 2" = Desktop-Reminder 2
"Diablo II" = Diablo II
"DivX Setup" = DivX Setup
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.17.1127
"Freemake Video Converter_is1" = Freemake Video Converter version 3.2.1
"GOGPACKAVADONTHEBLACKFORTRESS_is1" = Avadon - The Black Fortress
"GOGPACKBALDURSGATE1_is1" = Baldur's Gate - The Original Saga
"GOGPACKBALDURSGATE2_is1" = Baldur's Gate 2 Complete
"GOGPACKFALLOUT_is1" = Fallout
"GOGPACKFALLOUT2_is1" = Fallout 2
"GOGPACKFALLOUTTACTICS_is1" = Fallout Tactics
"GOGPACKINQUISITOR_is1" = Inquisitor
"GOGPACKPAPERSPLEASE_is1" = Papers, Please
"GOGPACKSTRIKESUITZERO_is1" = Strike Suit Zero
"GOGPACKTHIEF1GOLD_is1" = Thief GOLD
"GOGPACKTHIEF2_is1" = Thief 2 - The Metal Age
"GOGPACKTHIEF3_is1" = Thief - Deadly Shadows
"GOGPACKUNEPIC_is1" = Unepic
"GOGPACKZAFEHOUSEDIARIES_is1" = Zafehouse Diaries
"Google Chrome" = Google Chrome
"Gothic 3_is1" = Gothic 3
"Heroes & Generals" = Heroes & Generals
"HP Photo Creations" = HP Photo Creations
"IceChat_is1" = IceChat 7.70 (Build 20101031)
"King's Bounty_is1" = King's Bounty
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.5
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Might and Magic IX_is1" = Might and Magic IX
"Modern Combat 1.016" = Modern Combat
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neverwinter" = Neverwinter
"Neverwinter Nights Diamond Edition_is1" = Neverwinter Nights Diamond Edition
"Neverwinter Nights(TM) Kingmaker" = BioWare Premium Module: Neverwinter Nights(TM) Kingmaker
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Origin" = Origin
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"PuTTY_is1" = PuTTY version 0.62
"QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1" = Age of Empires II HD (c) Microsoft Studios version 1
"RaidCall" = RaidCall
"Razer Game Booster_is1" = Razer Game Booster
"RiseOfNationsExpansion 1.0" = Rise of Nations
"RmFsbGVuRW5jaGFudHJlc3NMZWdlbmRhcnlIZXJvZXM=_is1" = Fallen Enchantress Legendary Heroes (c) Stardock Entertainment version 1
"Silent Storm GOLD_is1" = Silent Storm GOLD
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StarCraft II" = StarCraft II
"Steam App 10500" = Empire: Total War
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 113200" = The Binding of Isaac
"Steam App 113400" = APB Reloaded
"Steam App 1250" = Killing Floor
"Steam App 13140" = America's Army 3
"Steam App 15620" = Warhammer® 40,000: Dawn of War® II
"Steam App 17505" = Zombie Panic Source Dedicated Server
"Steam App 200710" = Torchlight II
"Steam App 202200" = Galactic Civilizations II: Ultimate Edition
"Steam App 203290" = America's Army: Proving Grounds Beta
"Steam App 203770" = Crusader Kings II
"Steam App 204880" = Sins of a Solar Empire: Rebellion
"Steam App 20540" = Company of Heroes: Tales of Valor
"Steam App 20570" = Warhammer® 40,000: Dawn of War® II - Chaos Rising
"Steam App 206440" = To the Moon
"Steam App 208140" = Endless Space
"Steam App 209830" = Lone Survivor
"Steam App 209870" = Blacklight: Retribution
"Steam App 211260" = They Bleed Pixels
"Steam App 211400" = Deadlight
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 211820" = Starbound
"Steam App 212240" = Atlantica
"Steam App 218" = Source SDK Base 2007
"Steam App 218230" = PlanetSide 2
"Steam App 218330" = Smashmuck Champions
"Steam App 218620" = PAYDAY 2
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 219740" = Don't Starve
"Steam App 22000" = World of Goo
"Steam App 220070" = Chivalry: Medieval Warfare Dedicated Server
"Steam App 22100" = Mount & Blade
"Steam App 221020" = Towns
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 221910" = The Stanley Parable
"Steam App 223510" = Miasmata
"Steam App 22380" = Fallout: New Vegas
"Steam App 224260" = No More Room in Hell
"Steam App 225600" = Blade Symphony
"Steam App 228200" = Company of Heroes (New Steam Version)
"Steam App 228260" = Fallen Enchantress: Legendary Heroes
"Steam App 228280" = Baldur's Gate: Enhanced Edition
"Steam App 228800" = Arma 3 Alpha Lite
"Steam App 230410" = Warframe
"Steam App 230700" = La-Mulana
"Steam App 234310" = March of War
"Steam App 234650" = Shadowrun Returns
"Steam App 235340" = Prime World
"Steam App 236510" = Takedown: Red Sabre
"Steam App 236850" = Europa Universalis IV
"Steam App 237570" = Penny Arcade's On the Rain-Slick Precipice of Darkness 4
"Steam App 237890" = Agarest: Generations of War
"Steam App 238430" = Contagion
"Steam App 238960" = Path of Exile
"Steam App 239070" = Hammerwatch
"Steam App 2400" = The Ship
"Steam App 241600" = Rogue Legacy
"Steam App 24240" = PAYDAY: The Heist
"Steam App 247730" = Nether
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 248510" = Dominions 3
"Steam App 251170" = Damned
"Steam App 256410" = Might & Magic: Duel of Champions
"Steam App 264910" = Project Zomboid Demo
"Steam App 32470" = Star Wars: Empire at War Gold
"Steam App 32800" = The Lord of the Rings: War in the North
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35420" = Killing Floor Mod: Defence Alliance 2
"Steam App 35720" = Trine 2
"Steam App 3830" = Psychonauts
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 41800" = Gratuitous Space Battles
"Steam App 42910" = Magicka
"Steam App 43160" = Metro: Last Light
"Steam App 440" = Team Fortress 2
"Steam App 4560" = Company of Heroes
"Steam App 4700" = Medieval II: Total War
"Steam App 4780" = Medieval II: Total War Kingdoms
"Steam App 47810" = Dragon Age: Origins - Ultimate Edition
"Steam App 48220" = Might & Magic ® Heroes ® VI
"Steam App 48700" = Mount & Blade: Warband
"Steam App 48720" = Mount & Blade: With Fire and Sword
"Steam App 49520" = Borderlands 2
"Steam App 51100" = Tactical Intervention
"Steam App 550" = Left 4 Dead 2
"Steam App 56400" = Warhammer® 40,000: Dawn of War® II Retribution
"Steam App 570" = Dota 2
"Steam App 58520" = Blood Bowl: Legendary Edition
"Steam App 6000" = Star Wars Republic Commando
"Steam App 620" = Portal 2
"Steam App 630" = Alien Swarm
"Steam App 635" = Alien Swarm Dedicated Server
"Steam App 640" = Alien Swarm - SDK
"Steam App 65800" = Dungeon Defenders
"Steam App 73210" = Sengoku
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 91310" = Dead Island
"Steam App 9340" = Company of Heroes: Opposing Fronts
"Steam App 98200" = Frozen Synapse
"Steam App 9900" = Star Trek Online
"Steam App 99900" = Spiral Knights
"The Elder Scrolls Online Beta_is1" = The Elder Scrolls Online Beta
"The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Tunngle beta_is1" = Tunngle beta
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"AIM" = AIM for Windows
"Akamai" = Akamai NetSession Interface
"Elder Kings CK2 Total Conversion 0.1.4a" = Elder Kings CK2 Total Conversion
"fc418bf9b18f76aa" = Ghost Recon Online (NCSA-Live)
"GameMaker-Studio12" = GameMaker-Studio 1.2
"InstallShield_{64893225-ADBA-469E-B114-F3B2C1FBBA77}" = RTKXI
"Limbo" = LIMBO
"Search Protection" = Search Protection
"Third Age - Total War 3.0 (Part 1of2)" = Third Age - Total War 3.0 (Part 1of2)
"Third Age - Total War 3.0 (Part 2of2)" = Third Age - Total War 3.0 (Part 2of2)
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/10/2013 9:44:54 PM | Computer Name = Jason-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(BZDN2012089293-QkxaMDAwMkJETUZERDAwQ0N9a0ZFMTg5N0pFNDkxQkQ=._bzdn._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 10/11/2013 12:36:56 AM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file
"c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll"
on line 2. Invalid Xml syntax.
Error - 10/12/2013 10:44:55 AM | Computer Name = Jason-PC | Source = NvStreamSvc | ID = 131073
Description =
Error - 10/12/2013 10:44:56 AM | Computer Name = Jason-PC | Source = NvStreamSvc | ID = 131073
Description =
Error - 10/12/2013 10:44:56 AM | Computer Name = Jason-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/12/2013 3:38:52 PM | Computer Name = Jason-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file
"c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll"
on line 2. Invalid Xml syntax.
Error - 10/13/2013 3:25:55 PM | Computer Name = Jason-PC | Source = NvStreamSvc | ID = 131073
Description =
Error - 10/13/2013 3:26:01 PM | Computer Name = Jason-PC | Source = NvStreamSvc | ID = 131073
Description =
Error - 10/13/2013 3:26:05 PM | Computer Name = Jason-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/13/2013 3:32:09 PM | Computer Name = Jason-PC | Source = Application Error | ID = 1000
Description = Faulting application name: LolClient.exe, version: 0.0.0.0, time stamp:
0x515663e0 Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp:
0x4ce7b96f Exception code: 0xc0000096 Fault offset: 0x00048665 Faulting process id:
0xc1c Faulting application start time: 0x01cec84a42765cf7 Faulting application path:
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.53\deploy\LolClient.exe
Faulting
module path: C:\Windows\syswow64\ole32.dll Report Id: 26104ced-343e-11e3-a64c-50465d6f4e41
Error - 10/13/2013 3:32:09 PM | Computer Name = Jason-PC | Source = Application Error | ID = 1005
Description = Windows cannot access the file for one of the following reasons: there
is a problem with the network connection, the disk that the file is stored on,
or the storage drivers installed on this computer; or the disk is missing. Windows
closed the program LolClient.exe because of this error. Program: LolClient.exe File:
The error value is listed in the Additional Data section. User Action 1. Open the
file again. This situation might be a temporary problem that corrects itself when
the program runs again. 2. If the file still cannot be accessed and - It is on the
network, your network administrator should verify that there is not a problem with
the network and that the server can be contacted. - It is on a removable disk, for
example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the
computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK,
click Start, click Run, type CMD, and then click OK. At the command prompt, type
CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from
a backup copy. 5. Determine whether other files on the same disk can be opened.
If not, the disk might be damaged. If it is a hard disk, contact your administrator
or computer hardware vendor for further assistance. Additional Data Error value: 00000000
Disk
type: 0
[ Spybot - Search and Destroy Events ]
Error - 1/6/2014 8:54:41 PM | Computer Name = Jason-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 1/6/2014 8:56:20 PM | Computer Name = Jason-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 1/6/2014 8:58:37 PM | Computer Name = Jason-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 1/6/2014 9:05:12 PM | Computer Name = Jason-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 1/6/2014 11:40:03 AM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 1/6/2014 2:11:21 PM | Computer Name = Jason-PC | Source = bowser | ID = 8003
Description =
Error - 1/6/2014 5:05:45 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
Error - 1/6/2014 5:51:09 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
Error - 1/6/2014 6:17:13 PM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
Error - 1/7/2014 12:18:43 AM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7034
Description = The Freemake Improver service terminated unexpectedly. It has done
this 1 time(s).
Error - 1/7/2014 2:08:20 AM | Computer Name = Jason-PC | Source = BROWSER | ID = 8032
Description =
Error - 1/7/2014 6:10:07 PM | Computer Name = Jason-PC | Source = bowser | ID = 8003
Description =
Error - 1/8/2014 10:17:41 AM | Computer Name = Jason-PC | Source = Service Control Manager | ID = 7031
Description = The Superfetch service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 1/8/2014 1:59:29 PM | Computer Name = Jason-PC | Source = bowser | ID = 8003
Description =
< End of report >
TheBlackVanguard
2014-01-08, 20:25
Sorry for the number of posts. It told me I had to shorten it to 64000 characters and I had over 250,000 between those four files. The MBT.zip is attached to the first post I made. Thank you for volunteering to help me, OCD. :D
Hi TheBlackVanguard,
Your logs look pretty good, let's continue to make sure nothing is hiding.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Run OTL.exe
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
:Commands
[purity]
[createrestorepoint]
[emptyjava]
[emptyflash]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool
Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
=========================
In your next post please provide the following:
AdwCleaner[S0].txt
JRT.txt
How is the computer running, any issues?
TheBlackVanguard
2014-01-11, 00:48
Apologies for the delay. I had to work a double last night, and I have to work overnight this night. I was also in urgent care for a second degree burn on my thumb. I'll try and get everything done for tomorrow.
Hi TheBlackVanguard,
No problem, post when you can.
Hi TheBlackVanguard,
It's been 5 days since your last post. Do you still require more time to get the logs together?
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.
If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.
Please do not add any logs that might have been requested previously, you would be starting fresh.
Applies only to the original poster, anyone else with similar problems please start your own topic.