Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.
Current status: https://keepboardsalive.com/
Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
If we do not hit our goal we will be forced to close the site.
Current status: https://keepboardsalive.com/
Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum
Private Group for paid up members of Boards.ie. Join the club.
Private Group for paid up members of Boards.ie. Join the club.
Something to worry about or not?
-
20-07-2015 08:47PM#1Join Date:Posts: 19737
Just after starting my computer and the attached image popped up on screen. Can anyone shed any light on it?
Thanks0
Comments
-
possibly, run this, don't attach the logs
Download OTL to your Desktop- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Click the Quick Scan button. Do not change any settings. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files here
0 -
Join Date:Posts: 19737
OTL logfile created on: 7/20/2015 8:57:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rory\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.93 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 61.25% Memory free
7.87 Gb Paging File | 5.98 Gb Available in Paging File | 75.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.69 Gb Total Space | 88.52 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Computer Name: RORY-PC | User Name: Rory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/07/20 20:57:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/06 18:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 03:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
========== Modules (No Company Name) ==========
MOD - [2015/05/16 04:26:09 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\63e9d5c341d64a753cde97f5a3d65c71\System.Core.ni.dll
MOD - [2015/05/13 22:30:53 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3eb55fa5864a2fc7accbbbbe7fa7246\PresentationFramework.Aero.ni.dll
MOD - [2015/05/13 22:29:55 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ea543310204d0addfaf9792d820e958d\PresentationFramework.ni.dll
MOD - [2015/05/13 22:29:29 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
MOD - [2015/05/13 22:29:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
MOD - [2015/05/13 22:29:09 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/05/13 22:28:47 | 012,254,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef204c8310562595a0518e356fb15387\PresentationCore.ni.dll
MOD - [2015/05/13 22:28:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1c3513960037508558358652f2d202a1\WindowsBase.ni.dll
MOD - [2015/04/15 19:41:44 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 08:24:28 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\2ca8cdf617184cf813f8777f0db6b7a7\System.Xml.ni.dll
MOD - [2014/10/16 08:23:04 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/10 08:16:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2009/07/22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
========== Services (SafeList) ==========
SRV:64bit: - [2015/06/20 20:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/05/25 19:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/07/31 14:14:45 | 009,390,440 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/01/22 09:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/12/14 22:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/02 19:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/17 18:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/11 03:34:44 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/16 01:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/26 23:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/08/18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/07/07 10:56:58 | 001,461,064 | ---- | M] (Wisair Ltd.) [Auto | Running] -- C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe -- (CableAssociation)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/14 22:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\STacSV64.exe -- (STacSV)
SRV - [2009/10/01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/23 23:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/04 01:33:14 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 04:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/11/08 04:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/05/16 16:38:35 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.4.26772.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/01/05 00:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/08/11 00:20:26 | 000,091,864 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/05 14:35:14 | 000,165,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_RCI.SYS -- (HWARadio)
DRV:64bit: - [2010/08/05 14:34:54 | 000,570,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_DWA.SYS -- (DWA)
DRV:64bit: - [2010/08/05 14:34:12 | 000,947,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_HWA.SYS -- (hwa)
DRV:64bit: - [2010/07/31 14:15:12 | 000,199,280 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/07/31 14:15:12 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/07/21 15:47:14 | 000,052,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_TBF.sys -- (DLCopyFilter)
DRV:64bit: - [2010/07/12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/06/23 15:20:44 | 000,189,952 | ---- | M] (Hauppauge, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcwhdpvr.sys -- (hcwhdpvr)
DRV:64bit: - [2010/05/10 11:03:46 | 000,048,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_USF.sys -- (WSR_USF)
DRV:64bit: - [2010/03/04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/01/22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/22 08:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/14 22:28:54 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/02 19:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/30 18:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/24 20:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/21 09:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/24 23:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 19:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/17 18:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/17 18:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/05 04:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 17:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/02 03:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/26 02:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/26 01:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/26 01:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/16 14:42:28 | 000,022,528 | ---- | M] (Christian Diefer) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fanio.sys -- (fanio)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-IE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E BF BE C2 04 AD CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\Rory\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2015/07/11 19:13:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2011/08/23 14:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2015/07/11 19:13:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/23 19:56:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/23 19:56:29 | 000,000,000 | ---D | M]
[2011/08/11 13:18:12 | 000,128,960 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2011/08/11 00:16:34 | 000,096,192 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2011/08/11 13:18:30 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2011/08/11 13:18:08 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/11 13:19:38 | 000,436,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2012/05/31 10:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll
[2011/08/11 00:16:34 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (no name) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No CLSID value found.
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WirelessUSBManager] C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe (Wisair Ltd.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.5 89.101.160.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47C2517D-3DF6-49C8-8159-D199B8C6EEDB}: DhcpNameServer = 89.101.160.5 89.101.160.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79D25402-CF35-4816-8AEA-4720882FEB91}: DhcpNameServer = 89.101.160.5 89.101.160.4
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7a80a03f-f7b1-11e0-a88d-b8ac6f76e227}\Shell - "" = AutoRun
O33 - MountPoints2\{7a80a03f-f7b1-11e0-a88d-b8ac6f76e227}\Shell\AutoRun\command - "" = E:\DTVP_Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/07/20 20:57:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
[2015/07/20 20:48:59 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\True.Detective.S02E05.HDTV.x264-ASAP[ettv]
[2015/07/20 20:48:28 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\The.Strain.S02E02.720p.HDTV.x264-KILLERS[rarbg]
[2015/07/13 21:26:20 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\True.Detective.S02E04.HDTV.x264-ASAP[ettv]
[2015/07/13 21:26:07 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\The.Strain.S02E01.HDTV.x264-KILLERS[rarbg]
[2015/07/08 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\Rory\AppData\Local\Avg2015
[2015/07/08 22:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015/07/08 22:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[7 C:\Users\Rory\Desktop\*.tmp files -> C:\Users\Rory\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rory\*.tmp files -> C:\Users\Rory\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/07/20 20:57:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
[2015/07/20 20:52:22 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/20 20:52:22 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/20 20:43:52 | 000,023,207 | ---- | M] () -- C:\Users\Rory\Desktop\Untitled.png
[2015/07/20 20:41:50 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/07/20 20:41:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/07/20 20:41:12 | 3168,165,888 | -HS- | M] () -- C:\hiberfil.sys
[2015/07/19 23:27:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/07/19 12:22:41 | 000,025,567 | ---- | M] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]power.2014.s02e06.hdtv.x264.asap.rartv.torrent
[2015/07/19 09:06:25 | 005,030,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/07/18 21:22:02 | 000,018,082 | ---- | M] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]wayward.pines.s01e09.hdtv.x264.lol.ettv.torrent
[2015/07/08 22:32:08 | 186,296,034 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2015/07/04 12:14:01 | 000,736,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/07/04 12:14:01 | 000,634,746 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/07/04 12:14:01 | 000,114,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/06/24 22:06:17 | 000,002,285 | ---- | M] () -- C:\Users\Rory\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[7 C:\Users\Rory\Desktop\*.tmp files -> C:\Users\Rory\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rory\*.tmp files -> C:\Users\Rory\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/07/20 20:43:52 | 000,023,207 | ---- | C] () -- C:\Users\Rory\Desktop\Untitled.png
[2015/07/19 12:22:41 | 000,025,567 | ---- | C] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]power.2014.s02e06.hdtv.x264.asap.rartv.torrent
[2015/07/18 21:22:02 | 000,018,082 | ---- | C] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]wayward.pines.s01e09.hdtv.x264.lol.ettv.torrent
[2014/07/11 21:32:15 | 000,003,584 | ---- | C] () -- C:\Users\Rory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/04/01 09:51:53 | 000,000,180 | ---- | C] () -- C:\Users\Rory\AppData\Roaming\COPA_Last_Connected_Device.ini
[2014/04/01 09:45:48 | 000,000,098 | ---- | C] () -- C:\Users\Rory\AppData\Roaming\SDC_Path.ini
[2014/02/26 17:01:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/02/25 13:20:26 | 000,771,420 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/21 15:13:53 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/06/24 04:22:41 | 000,007,639 | ---- | C] () -- C:\Users\Rory\AppData\Local\Resmon.ResmonCfg
[2010/12/21 23:09:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 06:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 06:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/08/22 08:49:36 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Alibaba
[2015/04/03 02:04:51 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Audacity
[2012/04/19 10:04:46 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\AVG
[2015/07/11 19:13:44 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\AVG2012
[2014/08/24 11:58:06 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Avnex
[2013/10/13 08:38:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\calibre
[2012/02/13 15:20:32 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Datel
[2014/03/07 12:52:34 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\EDrawings
[2011/03/20 14:11:12 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\eTeks
[2012/02/13 15:22:25 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\ICAClient
[2013/03/21 16:03:07 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\LolClient
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Manue
[2013/04/14 23:09:59 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Opera
[2010/12/23 23:46:04 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Publish Providers
[2014/08/23 13:42:54 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\REAPER
[2014/08/21 20:52:11 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Screaming Bee
[2012/02/13 15:20:33 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Sony
[2013/06/22 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Sports Interactive
[2013/02/08 00:09:43 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\SystemRequirementsLab
[2012/05/23 12:34:36 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\TuneUp Software
[2015/07/19 12:28:41 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\uTorrent
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Wea
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >0 -
Join Date:Posts: 19737
OTL logfile created on: 7/20/2015 8:57:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rory\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.93 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 61.25% Memory free
7.87 Gb Paging File | 5.98 Gb Available in Paging File | 75.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.69 Gb Total Space | 88.52 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Computer Name: RORY-PC | User Name: Rory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/07/20 20:57:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
PRC - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/06 18:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 03:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
========== Modules (No Company Name) ==========
MOD - [2015/05/16 04:26:09 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\63e9d5c341d64a753cde97f5a3d65c71\System.Core.ni.dll
MOD - [2015/05/13 22:30:53 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b3eb55fa5864a2fc7accbbbbe7fa7246\PresentationFramework.Aero.ni.dll
MOD - [2015/05/13 22:29:55 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ea543310204d0addfaf9792d820e958d\PresentationFramework.ni.dll
MOD - [2015/05/13 22:29:29 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6949c4470a81970ec3de0a575d93babc\System.Windows.Forms.ni.dll
MOD - [2015/05/13 22:29:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5a401fd2a7689ff13fb54182953f9c40\System.Drawing.ni.dll
MOD - [2015/05/13 22:29:09 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\007fc007edc388d9806dff94ee04f129\System.Configuration.ni.dll
MOD - [2015/05/13 22:28:47 | 012,254,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef204c8310562595a0518e356fb15387\PresentationCore.ni.dll
MOD - [2015/05/13 22:28:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1c3513960037508558358652f2d202a1\WindowsBase.ni.dll
MOD - [2015/04/15 19:41:44 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 08:24:28 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\2ca8cdf617184cf813f8777f0db6b7a7\System.Xml.ni.dll
MOD - [2014/10/16 08:23:04 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/10 08:16:25 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2009/07/22 15:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
========== Services (SafeList) ==========
SRV:64bit: - [2015/06/20 20:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/05/25 19:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/07/31 14:14:45 | 009,390,440 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2010/01/22 09:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/12/14 22:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/11/02 19:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/17 18:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/11 03:34:44 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/16 01:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/26 23:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/08/18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/07/07 10:56:58 | 001,461,064 | ---- | M] (Wisair Ltd.) [Auto | Running] -- C:\Program Files (x86)\Wireless USB\Components\Association\CableAssociation.exe -- (CableAssociation)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 03:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/12/14 22:28:54 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\STacSV64.exe -- (STacSV)
SRV - [2009/10/01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/23 23:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_42d83e1760b1e973\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/04 01:33:14 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 04:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/11/08 04:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/05/16 16:38:35 | 000,017,408 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DisplayLinkUsbPort_5.4.26772.0.sys -- (DisplayLinkUsbPort)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/01/05 00:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/08/11 00:20:26 | 000,091,864 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/05 14:35:14 | 000,165,376 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_RCI.SYS -- (HWARadio)
DRV:64bit: - [2010/08/05 14:34:54 | 000,570,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_DWA.SYS -- (DWA)
DRV:64bit: - [2010/08/05 14:34:12 | 000,947,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_HWA.SYS -- (hwa)
DRV:64bit: - [2010/07/31 14:15:12 | 000,199,280 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2010/07/31 14:15:12 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/07/21 15:47:14 | 000,052,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_TBF.sys -- (DLCopyFilter)
DRV:64bit: - [2010/07/12 19:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/06/23 15:20:44 | 000,189,952 | ---- | M] (Hauppauge, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcwhdpvr.sys -- (hcwhdpvr)
DRV:64bit: - [2010/05/10 11:03:46 | 000,048,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSR_USF.sys -- (WSR_USF)
DRV:64bit: - [2010/03/04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/01/22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/22 08:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/12/14 22:28:54 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/02 19:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/30 18:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/24 20:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/08/21 09:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/24 23:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 19:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/17 18:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/17 18:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/05 04:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/02 17:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/02 03:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/26 02:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/26 01:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/26 01:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/16 14:42:28 | 000,022,528 | ---- | M] (Christian Diefer) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fanio.sys -- (fanio)
DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ie.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-IE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E BF BE C2 04 AD CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@winzip.com/Winzip Courier: C:\Program Files (x86)\WinZip Courier\npwzwmc.dll (WinZip Computing, S.L.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\Rory\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2015/07/11 19:13:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{74c841e3-b59f-479e-8d7a-e26a942a87c8}: C:\Program Files (x86)\WinZip Courier\FFExt [2011/08/23 14:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2015/07/11 19:13:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/23 19:56:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/23 19:56:29 | 000,000,000 | ---D | M]
[2011/08/11 13:18:12 | 000,128,960 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2011/08/11 00:16:34 | 000,096,192 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2011/08/11 13:18:30 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2011/08/11 13:18:08 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/11 13:19:38 | 000,436,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2012/05/31 10:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll
[2011/08/11 00:16:34 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\Rory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (no name) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - No CLSID value found.
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WinZip Courier BHO) - {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} - C:\Program Files (x86)\WinZip Courier\wzwmcie.dll (WinZip Computing, S.L.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WirelessUSBManager] C:\Program Files (x86)\Wireless USB\Components\WirelessUSBManager\WirelessUSBManager.exe (Wisair Ltd.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.101.160.5 89.101.160.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47C2517D-3DF6-49C8-8159-D199B8C6EEDB}: DhcpNameServer = 89.101.160.5 89.101.160.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79D25402-CF35-4816-8AEA-4720882FEB91}: DhcpNameServer = 89.101.160.5 89.101.160.4
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7a80a03f-f7b1-11e0-a88d-b8ac6f76e227}\Shell - "" = AutoRun
O33 - MountPoints2\{7a80a03f-f7b1-11e0-a88d-b8ac6f76e227}\Shell\AutoRun\command - "" = E:\DTVP_Launcher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/07/20 20:57:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
[2015/07/20 20:48:59 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\True.Detective.S02E05.HDTV.x264-ASAP[ettv]
[2015/07/20 20:48:28 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\The.Strain.S02E02.720p.HDTV.x264-KILLERS[rarbg]
[2015/07/13 21:26:20 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\True.Detective.S02E04.HDTV.x264-ASAP[ettv]
[2015/07/13 21:26:07 | 000,000,000 | ---D | C] -- C:\Users\Rory\Desktop\The.Strain.S02E01.HDTV.x264-KILLERS[rarbg]
[2015/07/08 22:40:35 | 000,000,000 | ---D | C] -- C:\Users\Rory\AppData\Local\Avg2015
[2015/07/08 22:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015/07/08 22:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[7 C:\Users\Rory\Desktop\*.tmp files -> C:\Users\Rory\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rory\*.tmp files -> C:\Users\Rory\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2015/07/20 20:57:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rory\Desktop\OTL.exe
[2015/07/20 20:52:22 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/07/20 20:52:22 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/07/20 20:43:52 | 000,023,207 | ---- | M] () -- C:\Users\Rory\Desktop\Untitled.png
[2015/07/20 20:41:50 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/07/20 20:41:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/07/20 20:41:12 | 3168,165,888 | -HS- | M] () -- C:\hiberfil.sys
[2015/07/19 23:27:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/07/19 12:22:41 | 000,025,567 | ---- | M] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]power.2014.s02e06.hdtv.x264.asap.rartv.torrent
[2015/07/19 09:06:25 | 005,030,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/07/18 21:22:02 | 000,018,082 | ---- | M] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]wayward.pines.s01e09.hdtv.x264.lol.ettv.torrent
[2015/07/08 22:32:08 | 186,296,034 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2015/07/04 12:14:01 | 000,736,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/07/04 12:14:01 | 000,634,746 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/07/04 12:14:01 | 000,114,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/06/24 22:06:17 | 000,002,285 | ---- | M] () -- C:\Users\Rory\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[7 C:\Users\Rory\Desktop\*.tmp files -> C:\Users\Rory\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rory\*.tmp files -> C:\Users\Rory\*.tmp -> ]
========== Files Created - No Company Name ==========
[2015/07/20 20:43:52 | 000,023,207 | ---- | C] () -- C:\Users\Rory\Desktop\Untitled.png
[2015/07/19 12:22:41 | 000,025,567 | ---- | C] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]power.2014.s02e06.hdtv.x264.asap.rartv.torrent
[2015/07/18 21:22:02 | 000,018,082 | ---- | C] () -- C:\Users\Rory\Desktop\[kat.cr.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]wayward.pines.s01e09.hdtv.x264.lol.ettv.torrent
[2014/07/11 21:32:15 | 000,003,584 | ---- | C] () -- C:\Users\Rory\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/04/01 09:51:53 | 000,000,180 | ---- | C] () -- C:\Users\Rory\AppData\Roaming\COPA_Last_Connected_Device.ini
[2014/04/01 09:45:48 | 000,000,098 | ---- | C] () -- C:\Users\Rory\AppData\Roaming\SDC_Path.ini
[2014/02/26 17:01:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/02/25 13:20:26 | 000,771,420 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/21 15:13:53 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2011/06/24 04:22:41 | 000,007,639 | ---- | C] () -- C:\Users\Rory\AppData\Local\Resmon.ResmonCfg
[2010/12/21 23:09:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 06:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 06:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/08/22 08:49:36 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Alibaba
[2015/04/03 02:04:51 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Audacity
[2012/04/19 10:04:46 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\AVG
[2015/07/11 19:13:44 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\AVG2012
[2014/08/24 11:58:06 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Avnex
[2013/10/13 08:38:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\calibre
[2012/02/13 15:20:32 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Datel
[2014/03/07 12:52:34 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\EDrawings
[2011/03/20 14:11:12 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\eTeks
[2012/02/13 15:22:25 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\ICAClient
[2013/03/21 16:03:07 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\LolClient
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Manue
[2013/04/14 23:09:59 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Opera
[2010/12/23 23:46:04 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Publish Providers
[2014/08/23 13:42:54 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\REAPER
[2014/08/21 20:52:11 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Screaming Bee
[2012/02/13 15:20:33 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Sony
[2013/06/22 10:10:18 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Sports Interactive
[2013/02/08 00:09:43 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\SystemRequirementsLab
[2012/05/23 12:34:36 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\TuneUp Software
[2015/07/19 12:28:41 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\uTorrent
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Wea
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >0 -
Join Date:Posts: 19737
OTL Extras logfile created on: 7/20/2015 8:57:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rory\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.93 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 61.25% Memory free
7.87 Gb Paging File | 5.98 Gb Available in Paging File | 75.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.69 Gb Total Space | 88.52 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Computer Name: RORY-PC | User Name: Rory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0454CD27-55B3-4FCC-BD1F-895F5D7B1283}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1432F898-1B8A-4823-9788-8FA2B8B0AF4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{153D5173-330B-4D50-B836-EAC4B08CF38E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17F4574A-D123-4C08-B3AC-A9C32F075483}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1BF06A34-E76B-4076-A9FA-C0E7569899D0}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1FBA97E3-D144-4AAB-A1C9-A43CDB84AA0E}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{20B2986A-1E8F-4B21-B105-B48CA8096B08}" = lport=137 | protocol=17 | dir=in | app=system |
"{220F1134-4B24-4DE2-A64B-2B5A661FE5D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{253048BA-E2E7-4647-ADEC-C4E47611F88A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{253A81C0-A664-418B-B47F-C75E58C7BB59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41B55433-2938-4C33-9CC4-07ADA3DBD3C0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{4650EEDF-DBF0-4DD2-9037-07FCCE98C36C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B732E41-B8FF-4CB7-924D-B67111DF6042}" = lport=10244 | protocol=6 | dir=in | app=system |
"{55C569A2-B290-476E-9CD2-A77BDB5B9E17}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{59A086FB-3C61-489D-94DF-90D8ACFA7504}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CD494BE-F4D0-4D94-96E9-288A2BB6F8C2}" = rport=139 | protocol=6 | dir=out | app=system |
"{5E97D9FD-17E5-4151-ABEA-A7ED954D0FAD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{66C572C4-F2FD-47FA-BCF7-DE0FD58ECD88}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67FA2DDE-5C72-4374-AB20-B0A16D270C07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C1C876A-3876-43CC-85A8-2A245E0ED39F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7174916F-C696-496F-B473-E787B7E768D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72901496-CF77-44E3-B43C-3B3C0F7AA5B2}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{783B9806-870A-4628-8F09-208B711473AA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{798CA25B-AD0B-447E-9321-84F0A4787DC6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |
"{7B0AED13-529D-4CC2-8316-D12FEFC5F1CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{808D9F17-ED6E-4F86-90D3-5F9D5F31A270}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81F3F47F-96C0-418B-9BFD-61BD22A77DC5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{84F39381-D93D-4E71-AE07-6F3A79DDC3E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{878F4A55-C665-4DEB-B7C6-F1AFB7CC2ECE}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{8B8C88D7-478E-4D03-8E4B-9481C1E11307}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8CA56F11-E73A-4FA6-AC7F-2729CF20CE16}" = lport=10244 | protocol=6 | dir=in | app=system |
"{8F2B9F6C-CBEA-4B2C-99B8-C7ECCEC37DFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F60A284-DC2D-466B-B439-19B4DA1DC9AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95865155-4796-4B5F-B6EE-EAB48FB1A306}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{982E0857-251C-459A-8B93-4ECD1EA610B9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9ABB9393-665B-4801-9004-18451ABA90D0}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D2350F3-C3B0-4FFF-B350-A918B5B89920}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9E4994A7-CB5B-4719-B351-A2FD293BC0FF}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F6E21F7-A1C0-46C6-B527-EBFF2B7639FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B7D9D793-8812-436C-9C48-21DC8B92A488}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C11B5F56-8706-436E-8E8C-1C6643115C1D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1FC37C2-4390-4110-AD64-C9D389258F01}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2812715-D08D-45D7-8C9F-3B7E9D6EDC4C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C498FC4E-CA8B-4E84-BE3C-18053FCD2052}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C4AC71A8-535D-4609-A981-7AC438F54EFD}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5E9BF3A-888A-46DE-95A4-8A7D6493B983}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8F6004F-F4DC-48EE-862B-AB1F8E3BB2CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC3DF1D6-7B43-473D-82FF-7384E1D2E545}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4494515-ABA0-4773-8D71-D7E3C86ACD81}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D456AE76-18D1-49B8-A2EA-53D2D1E09D17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCD62A30-0451-4721-AE75-7D22A781ABF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DD035739-C54E-4F17-8618-BB3950AAD6F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E019A989-3E16-4EF8-8CEB-3F3DE229A4E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E24677A8-E42C-44D3-B93A-F2545567A974}" = rport=138 | protocol=17 | dir=out | app=system |
"{E5B4EEFA-B56A-47FA-8C23-A9E62F2A5B85}" = rport=137 | protocol=17 | dir=out | app=system |
"{E844B77A-A0B4-446A-A684-797EA95DB872}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{EF235757-A99F-494E-8F67-EEAFF3436401}" = lport=138 | protocol=17 | dir=in | app=system |
"{F87E6133-8453-4501-9091-A20F440FBFA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0073F586-24B1-4EAF-A209-BFCFD8BD9FA5}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{092A6719-CFCE-4F28-AFBF-F1F7BAC173CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A8E1DA5-DC83-4BB4-95C5-B11773BFA68A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0B63B1A2-DFA8-401B-8AB4-1688AC80E082}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{0B6D8FBC-D4F5-40A9-B43F-06250632179C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0EB93B7F-FE55-4EAB-A871-7DF32797466E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0FB68317-BC51-4318-870A-5047DAD745F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{12CDC8B5-341A-45FB-BF30-645E796E6E7B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{132E99EA-B3F1-41BC-9487-D395FE852574}" = protocol=6 | dir=out | app=system |
"{197B7F4E-4CCA-4F31-8905-9FDF2375B821}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{1AF77AC7-1A1B-417C-8026-5D9BAEED150D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{1C7DDC3E-D447-453E-A650-6BC3D089F690}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{22BC9BE8-45D9-4C99-9D3E-D08515B72A26}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{24104236-7EC7-47DF-9E9F-2A07807DC86C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{242BE846-1DEB-4B6E-86D9-5DD5257503D6}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{27039E02-50A9-4A1C-B79F-0DF0712E4409}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\multiwinia\multiwinia.exe |
"{27EB2136-F97B-42F5-BC1D-03366FF467C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27FE0CFA-60ED-4FB6-A35F-7F5BEC35F9A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{28C2DB04-C808-43FA-9CD9-9D3B8EABBBAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{2CD93E2C-ACE0-480D-AE2C-506B8FF6E31F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{2F4FDB70-D76A-4AFB-99F3-BEAC040E7412}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{350307FB-E782-4C4D-B444-031772D0422A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{35B9B9BA-887B-4848-93C1-7CD58B6A9938}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{371869D9-BF6C-48F0-8BF2-D78E31CDD213}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{38C5270A-015F-46E7-BBAF-3B8379D79A5D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AA6A155-31D0-4208-A171-AD35DBAB95ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3C438330-A9BB-4E86-988A-315824185A2C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{4387F914-EE34-4D56-A06D-932B0D40A72E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{451F67AF-D271-4764-84C0-5D9B57E8CAE9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{4589FB18-498A-4E68-A64C-E2E0C5776656}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48630E49-47AD-41B3-A2C5-14D573299EE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{4A4B7B15-AD5F-4B93-B39F-F8362CC291FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A71AAC1-84BE-4B7D-8701-38ACB714CA6A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{4BB303A5-0B61-44D7-BCFA-DBCF1946981A}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4C66C988-96C4-44B7-8645-11C116240D37}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{4CF0569A-5194-4D1F-8936-490762C7DDA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5200BDF2-82C3-45A1-AF93-5874CA6E691E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{5310157C-89CE-40F1-9975-5D29B11E4B49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{5328F65C-9D8C-4D35-A395-681F4EFA2E06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{5763AD4A-22AC-4E72-9306-82CC71986304}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57844AF6-CF6E-4FD9-AEBB-71A9A51578E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57CE3DFE-7E51-484B-AAEF-DE99289607E7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{5AF16543-A24F-460B-9F3F-8AA3F3AF415C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{5FECBC4F-AC1E-473C-8797-D1DE44D8DDDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{65A9DE2B-AB9E-441C-B42B-D840A85D26A7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{6AD4B533-A4C7-4A35-B320-5E4A96C94C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F23122F-7AF8-4D99-9620-CB6CD1EC5583}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{703D8404-9390-4F1C-82AF-A7311C2AC7D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{70EDD852-E2E7-453F-81B9-09641F33B8FE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{72D721B8-53C0-406A-8CDD-A6149802BEF7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{74A46881-0685-4174-8754-7F0CB7992A1D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{77D2CDDC-41A9-4709-B5E3-B4169430CF61}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{79EBE45B-344B-4BE5-8CFE-4C3C67AB7191}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{7B635C13-8819-41BC-B6B7-69A6B3BCBD28}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{7D89537C-0248-4B50-B1AE-19486E0B8BD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7EDCC956-965E-45AE-94E8-BADA15C571FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{7F31C3EB-E8A9-4815-9207-451FF5591EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7F78C56E-FF4E-482A-93A8-B2FD552B9E2F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{846AA675-C341-42D6-AD80-D4F858550B72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\prison architect\prison architect.exe |
"{87B3D942-5AFA-406F-9852-669FCB25534F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{88290169-24FC-4F80-A1F8-08FACE4B7565}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{8B5CF9A1-C577-4D79-ADE6-831E071D0E48}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{8F10F9DD-1D2D-4E08-979A-7608079C023B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{8F2B6097-84FB-4E80-86D5-B5EEF4AC1285}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{90C55989-5FCC-4FFC-B279-CA9D41C858E1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{93459882-A733-40D4-9616-2183258FD358}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96D84655-641D-4A37-96C0-624B74D09B21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F3A864E-AB94-479D-9066-A3A91ED318EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{A12B3CB7-BBBA-408E-9BE0-F0223FC228DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2C02DE0-07F1-491F-95CE-E2FC1AE3EFB6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A2E97C7C-8B1E-4C8B-813D-6A08DB4A4DE9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\multiwinia\multiwinia.exe |
"{A34B1C6B-6E87-4BEF-8244-2AB407ECB552}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A74BCB5D-203F-46F7-9071-7FAB8995BEA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6FA0552-6A1F-4C55-8C1B-4F39598CDE26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9E49FFD-164A-44C2-B896-E768BB3E7991}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{BBB97767-D0B8-4A1D-A114-9CBFE700BB58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\prison architect\prison architect.exe |
"{BF04ADCB-8454-4EC6-A136-FCD5E85FEB97}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{BF265D49-6427-4470-96AF-9DDAF8CBE762}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{C4C02DDD-D066-4D31-BEB1-86E8ADE806F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{C78BD0A8-5A7A-42A2-B4D0-1B51E7FB89F3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C7DE5CA9-702A-4C67-B2CB-EDD78599C5F5}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{CAB26D67-03A0-4BE2-9548-9CF8CBBEBF79}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{CB6F8F9E-0937-41FF-982C-D5A1CF37A934}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CC9D956B-D856-4B0B-AF0E-38B09A0A90CA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D19EB95A-9E4C-4CBA-8E7A-74C5E05A439F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{D2453CA2-B2B0-44BD-9849-15BE167EDDE6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D6F5ABD9-9961-4C90-A9D8-A1856845E436}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DB34C102-9DE9-4AEC-9EC5-58E9433574D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{DBEEDFBA-0BE3-415A-9E92-74F0FC0C4D05}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{EA8548CC-C6E5-4A0D-92A9-7B5536C8C116}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EE18AAC7-E1EA-46DA-8C23-5F92CA0B6FF9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F9BFFE67-4680-4A44-AAE6-2B5BE9513B0B}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{FB0A1C6C-F2FF-499A-94C9-AC0D096D0CBD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FE9BD336-EB11-4DBD-A01E-EAD4FF1D9C6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FFF22539-2AA5-4081-9270-14442342DE96}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"TCP Query User{26645D7C-892B-4E49-87DB-6B67442B12B0}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{4BC2B1F1-9916-4236-BBAC-B248F4F13A60}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11B7FDD0-6D31-1CAB-3BC4-9EB1ACD67803}" = ATI AVIVO64 Codecs
"{14BC5667-22B0-4DC4-8205-597053BBDDC9}" = HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3EF53D70-F472-9A93-2E09-737FBB4A5AE8}" = ATI Catalyst Install Manager
"{4ADF194B-B0B6-4C06-9318-DDE5171A655A}" = AVG 2012
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60617D41-12B1-4D1F-B826-985727E26121}" = AVG 2015
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{655D4D89-82AC-4B45-AE41-246281CC3886}" = DisplayLink Graphics
"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = Wireless USB WinDrivers
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{482CB0DF-849D-479C-8CBB-F9DA6AF0F8C5}" =
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64
"{B12F5507-1E4B-46B8-A37A-1771913191F7}" = DisplayLink Core Software
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{E852F060-08FF-FFD5-0C98-2A066B42EBBB}" = ccc-utility64
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Dell Touchpad
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B74F57C-4636-4D70-A7A9-95074DF21802}" = Citrix Receiver(Aero)
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{164B26C5-9BC9-48E8-8FB5-C3C0AC0FE1C8}" = Citrix Receiver Inside
"{16FB54B9-8AC9-F064-38FB-DF7B69583218}" = CCC Help Chinese Standard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1B367D21-5307-428C-DEDA-D073071CB89B}" = CCC Help Japanese
"{1B7D12BE-D1D8-4CCE-A01B-43CAFF8ECA9B}" = C4200
"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German
"{2D5941A7-146F-4509-B35C-E58CE68FE204}" = eDrawings 2014
"{2DE12376-E648-D16E-3E0A-0CAEE233BF64}" = CCC Help Spanish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3347400D-F491-6DB5-9F57-0A9EA8E435C9}" = Catalyst Control Center Core Implementation
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4979A82C-4EBE-32C4-81E5-94532C4BAEED}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54EE63E3-9960-41B6-9644-BB0167C6DD42}" = Catalyst Control Center - Branding
"{5A11DB94-53E7-0232-3AF6-8DD9612094CD}" = CCC Help Chinese Traditional
"{5B079F85-A24D-4642-BF1A-32D5A6B3A003}" = calibre
"{5CF3C617-83A2-3D8E-39D6-45B593BB5F89}" = CCC Help German
"{5F8D5450-5BD8-4B8A-A1DE-8326C0395D5D}" = PS_AIO_Software_min
"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian
"{60495020-5A67-DE2D-B768-5E77E734D263}" = CCC Help Italian
"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61C06586-0FAD-1E43-20C6-08F4F1483C3D}" = CCC Help Norwegian
"{62499375-AB9C-5279-EEEE-F5AB863CA996}" = CCC Help Danish
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6464EA89-7B34-C15B-B39F-4638EFF931DE}" = Catalyst Control Center Graphics Previews Common
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7087BFF5-88C7-4B82-2EF6-B7F09DD4A86B}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719CCEF3-234C-6C1A-3891-79FA208E8025}" = CCC Help Portuguese
"{764490A7-9DF2-B0CE-DA9F-72DDFD342ACA}" = CCC Help Russian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77534F47-08D5-4A50-8249-403C9ECE9840}" = Smart Organizing Monitor
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{860CF8EA-A8ED-01BD-8344-26DB1058A563}" = CCC Help Korean
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{88B05038-C890-468B-A563-0015FD53CDC3}" = ArcSoft TotalMedia Extreme
"{90B45DFA-5DD9-47F0-BCC7-F25B9562A738}" = Citrix Receiver(USB)
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B362AE0-1F0D-370B-F468-FFEF38682508}" = Catalyst Control Center Graphics Full Existing
"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FF5AF7A-F7C7-D4F0-D93F-40800E2F8C20}" = Catalyst Control Center InstallProxy
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A498BF75-59BD-6EDB-1C19-13AAA2FD3034}" = CCC Help French
"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish
"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB834517-C040-6115-A231-0A62F0A08294}" = CCC Help Swedish
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.12)
"{AD6E2415-407E-40D3-A550-126E67509D84}" = Citrix Receiver(DV)
"{AE2E0F4A-E08F-4A15-B4DC-D8FC9CEFF9C7}" = Online Plug-in
"{AE3A67EE-0C5D-11E0-BC1D-0013D3D69929}" = Vegas Pro 10.0
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static
"{B1924580-0C5D-11E0-B655-0013D3D69929}" = MSVCRT Redists
"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese
"{B2939EC4-6FB6-3153-0F9E-CE1AE76F0AE8}" = Catalyst Control Center Graphics Light
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5747FE9-AC7C-3512-02EA-2C6A089EC68F}" = CCC Help Finnish
"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New
"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B5}" = WinZip Courier
"{CFBB5529-2532-1F5E-8706-F0D1BE3B8C35}" = Catalyst Control Center Graphics Previews Vista
"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing
"{D1D603C4-8C68-40F3-85AE-6DBEF3B712B5}" = Citrix Receiver (HDX Flash Redirection)
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCC9335C-09BD-3017-096F-931FDB8E7663}" = Catalyst Control Center Graphics Full New
"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy
"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation
"{DE4AD67B-9EA0-31F1-F5EE-E9B836248839}" = CCC Help English
"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean
"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish
"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English
"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCAC5BFF-0A4E-3E71-C486-5E55C0630817}" = CCC Help Dutch
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 2.0.5
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Dell Webcam Central" = Dell Webcam Central
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Google Chrome" = Google Chrome
"Hauppauge HDPVR Scheduler" = Hauppauge HDPVR Scheduler
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = Wireless USB WinDrivers
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"Steam App 1500" = Darwinia
"Steam App 1510" = Uplink
"Steam App 1520" = DEFCON
"Steam App 1530" = Multiwinia
"Steam App 233450" = Prison Architect
"Steam App 570" = Dota 2
"Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.6
"WindPower Trial_is1" = WindPower Trial
"XPort 360_is1" = XPort 360
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3557924970.go.sky.com" = Sky Go Desktop
"9f2df17776476c05" = Magic The Gathering Online
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/18/2015 4:47:14 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3011
Error - 7/18/2015 4:47:14 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3011
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4010
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4010
Error - 7/18/2015 7:06:24 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/19/2015 4:06:35 AM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/19/2015 2:14:44 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/20/2015 3:41:38 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/20/2015 3:41:52 PM | Computer Name = Rory-PC | Source = Application Error | ID = 1000
Description = Faulting application name: sftservice.EXE, version: 1.0.82.72, time
stamp: 0x4e45499a Faulting module name: ntdll.dll, version: 6.1.7601.18869, time
stamp: 0x55636317 Exception code: 0xc0000005 Fault offset: 0x0002e45b Faulting process
id: 0xbe4 Faulting application start time: 0x01d0c32416802d12 Faulting application
path: C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 5ddf53f1-2f17-11e5-8203-b8ac6f76e227
[ Broadcom Wireless LAN Events ]
Error - 6/7/2015 8:00:05 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 13:00:05, Sun, Jun 07, 15 Error - Unable to gain access to user store
Error - 6/7/2015 12:04:24 PM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 17:04:23, Sun, Jun 07, 15 Error - Unable to gain access to user store
Error - 6/9/2015 6:14:23 PM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 23:14:21, Tue, Jun 09, 15 Error - Unable to gain access to user store
Error - 6/10/2015 2:03:56 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 07:03:56, Wed, Jun 10, 15 Error - Unable to gain access to user store
Error - 7/11/2015 8:19:04 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 13:19:04, Sat, Jul 11, 15 Error - Unable to gain access to user store
[ Dell Events ]
Error - 10/22/2011 6:18:59 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:18 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:18 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:42 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:42 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 11:18:40 AM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 11:18:40 AM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 5:24:50 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 5:24:50 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/24/2011 2:16:10 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 12/27/2010 12:03:13 AM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 04:03:13 - Error connecting to the internet. 04:03:13 - Unable
to contact server..
Error - 12/27/2010 12:03:22 AM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 04:03:18 - Error connecting to the internet. 04:03:18 - Unable
to contact server..
Error - 3/1/2014 5:27:54 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 21:27:53 - Error connecting to the internet. 21:27:54 - Unable
to contact server..
Error - 3/1/2014 5:28:02 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 21:27:59 - Error connecting to the internet. 21:27:59 - Unable
to contact server..
Error - 3/1/2014 6:28:11 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 22:28:10 - Error connecting to the internet. 22:28:10 - Unable
to contact server..
Error - 3/1/2014 6:28:18 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 22:28:16 - Error connecting to the internet. 22:28:16 - Unable
to contact server..
Error - 3/1/2014 7:28:26 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 23:28:26 - Error connecting to the internet. 23:28:26 - Unable
to contact server..
Error - 3/1/2014 7:28:32 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 23:28:31 - Error connecting to the internet. 23:28:31 - Unable
to contact server..
Error - 3/1/2014 8:28:40 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 00:28:40 - Error connecting to the internet. 00:28:40 - Unable
to contact server..
Error - 3/1/2014 8:28:46 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 00:28:45 - Error connecting to the internet. 00:28:45 - Unable
to contact server..
[ System Events ]
Error - 7/20/2015 3:42:34 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:34 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
Error - 7/20/2015 3:42:36 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 7/20/2015 3:42:39 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7034
Description = The SoftThinks Agent Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = PNRPSvc | ID = 102
Description =
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = PNRPSvc | ID = 102
Description =
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
< End of report >0 -
Join Date:Posts: 19737
OTL Extras logfile created on: 7/20/2015 8:57:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rory\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000409 | Country: Ireland | Language: ENI | Date Format: dd/MM/yyyy
3.93 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 61.25% Memory free
7.87 Gb Paging File | 5.98 Gb Available in Paging File | 75.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.69 Gb Total Space | 88.52 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Computer Name: RORY-PC | User Name: Rory | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0454CD27-55B3-4FCC-BD1F-895F5D7B1283}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1432F898-1B8A-4823-9788-8FA2B8B0AF4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{153D5173-330B-4D50-B836-EAC4B08CF38E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17F4574A-D123-4C08-B3AC-A9C32F075483}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1BF06A34-E76B-4076-A9FA-C0E7569899D0}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1FBA97E3-D144-4AAB-A1C9-A43CDB84AA0E}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{20B2986A-1E8F-4B21-B105-B48CA8096B08}" = lport=137 | protocol=17 | dir=in | app=system |
"{220F1134-4B24-4DE2-A64B-2B5A661FE5D8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{253048BA-E2E7-4647-ADEC-C4E47611F88A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{253A81C0-A664-418B-B47F-C75E58C7BB59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41B55433-2938-4C33-9CC4-07ADA3DBD3C0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{4650EEDF-DBF0-4DD2-9037-07FCCE98C36C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B732E41-B8FF-4CB7-924D-B67111DF6042}" = lport=10244 | protocol=6 | dir=in | app=system |
"{55C569A2-B290-476E-9CD2-A77BDB5B9E17}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{59A086FB-3C61-489D-94DF-90D8ACFA7504}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CD494BE-F4D0-4D94-96E9-288A2BB6F8C2}" = rport=139 | protocol=6 | dir=out | app=system |
"{5E97D9FD-17E5-4151-ABEA-A7ED954D0FAD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{66C572C4-F2FD-47FA-BCF7-DE0FD58ECD88}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67FA2DDE-5C72-4374-AB20-B0A16D270C07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C1C876A-3876-43CC-85A8-2A245E0ED39F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7174916F-C696-496F-B473-E787B7E768D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72901496-CF77-44E3-B43C-3B3C0F7AA5B2}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{783B9806-870A-4628-8F09-208B711473AA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{798CA25B-AD0B-447E-9321-84F0A4787DC6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |
"{7B0AED13-529D-4CC2-8316-D12FEFC5F1CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{808D9F17-ED6E-4F86-90D3-5F9D5F31A270}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{81F3F47F-96C0-418B-9BFD-61BD22A77DC5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{84F39381-D93D-4E71-AE07-6F3A79DDC3E3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{878F4A55-C665-4DEB-B7C6-F1AFB7CC2ECE}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{8B8C88D7-478E-4D03-8E4B-9481C1E11307}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8CA56F11-E73A-4FA6-AC7F-2729CF20CE16}" = lport=10244 | protocol=6 | dir=in | app=system |
"{8F2B9F6C-CBEA-4B2C-99B8-C7ECCEC37DFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8F60A284-DC2D-466B-B439-19B4DA1DC9AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95865155-4796-4B5F-B6EE-EAB48FB1A306}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{982E0857-251C-459A-8B93-4ECD1EA610B9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9ABB9393-665B-4801-9004-18451ABA90D0}" = rport=445 | protocol=6 | dir=out | app=system |
"{9D2350F3-C3B0-4FFF-B350-A918B5B89920}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9E4994A7-CB5B-4719-B351-A2FD293BC0FF}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F6E21F7-A1C0-46C6-B527-EBFF2B7639FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B7D9D793-8812-436C-9C48-21DC8B92A488}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C11B5F56-8706-436E-8E8C-1C6643115C1D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1FC37C2-4390-4110-AD64-C9D389258F01}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2812715-D08D-45D7-8C9F-3B7E9D6EDC4C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C498FC4E-CA8B-4E84-BE3C-18053FCD2052}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C4AC71A8-535D-4609-A981-7AC438F54EFD}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5E9BF3A-888A-46DE-95A4-8A7D6493B983}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8F6004F-F4DC-48EE-862B-AB1F8E3BB2CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC3DF1D6-7B43-473D-82FF-7384E1D2E545}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4494515-ABA0-4773-8D71-D7E3C86ACD81}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D456AE76-18D1-49B8-A2EA-53D2D1E09D17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCD62A30-0451-4721-AE75-7D22A781ABF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DD035739-C54E-4F17-8618-BB3950AAD6F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E019A989-3E16-4EF8-8CEB-3F3DE229A4E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E24677A8-E42C-44D3-B93A-F2545567A974}" = rport=138 | protocol=17 | dir=out | app=system |
"{E5B4EEFA-B56A-47FA-8C23-A9E62F2A5B85}" = rport=137 | protocol=17 | dir=out | app=system |
"{E844B77A-A0B4-446A-A684-797EA95DB872}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{EF235757-A99F-494E-8F67-EEAFF3436401}" = lport=138 | protocol=17 | dir=in | app=system |
"{F87E6133-8453-4501-9091-A20F440FBFA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0073F586-24B1-4EAF-A209-BFCFD8BD9FA5}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{092A6719-CFCE-4F28-AFBF-F1F7BAC173CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A8E1DA5-DC83-4BB4-95C5-B11773BFA68A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0B63B1A2-DFA8-401B-8AB4-1688AC80E082}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{0B6D8FBC-D4F5-40A9-B43F-06250632179C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0EB93B7F-FE55-4EAB-A871-7DF32797466E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0FB68317-BC51-4318-870A-5047DAD745F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{12CDC8B5-341A-45FB-BF30-645E796E6E7B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{132E99EA-B3F1-41BC-9487-D395FE852574}" = protocol=6 | dir=out | app=system |
"{197B7F4E-4CCA-4F31-8905-9FDF2375B821}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{1AF77AC7-1A1B-417C-8026-5D9BAEED150D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{1C7DDC3E-D447-453E-A650-6BC3D089F690}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{22BC9BE8-45D9-4C99-9D3E-D08515B72A26}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{24104236-7EC7-47DF-9E9F-2A07807DC86C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{242BE846-1DEB-4B6E-86D9-5DD5257503D6}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{27039E02-50A9-4A1C-B79F-0DF0712E4409}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\multiwinia\multiwinia.exe |
"{27EB2136-F97B-42F5-BC1D-03366FF467C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27FE0CFA-60ED-4FB6-A35F-7F5BEC35F9A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{28C2DB04-C808-43FA-9CD9-9D3B8EABBBAE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{2CD93E2C-ACE0-480D-AE2C-506B8FF6E31F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{2F4FDB70-D76A-4AFB-99F3-BEAC040E7412}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{350307FB-E782-4C4D-B444-031772D0422A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{35B9B9BA-887B-4848-93C1-7CD58B6A9938}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{371869D9-BF6C-48F0-8BF2-D78E31CDD213}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{38C5270A-015F-46E7-BBAF-3B8379D79A5D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AA6A155-31D0-4208-A171-AD35DBAB95ED}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3C438330-A9BB-4E86-988A-315824185A2C}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{4387F914-EE34-4D56-A06D-932B0D40A72E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{451F67AF-D271-4764-84C0-5D9B57E8CAE9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{4589FB18-498A-4E68-A64C-E2E0C5776656}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48630E49-47AD-41B3-A2C5-14D573299EE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{4A4B7B15-AD5F-4B93-B39F-F8362CC291FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A71AAC1-84BE-4B7D-8701-38ACB714CA6A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{4BB303A5-0B61-44D7-BCFA-DBCF1946981A}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4C66C988-96C4-44B7-8645-11C116240D37}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{4CF0569A-5194-4D1F-8936-490762C7DDA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5200BDF2-82C3-45A1-AF93-5874CA6E691E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{5310157C-89CE-40F1-9975-5D29B11E4B49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{5328F65C-9D8C-4D35-A395-681F4EFA2E06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{5763AD4A-22AC-4E72-9306-82CC71986304}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57844AF6-CF6E-4FD9-AEBB-71A9A51578E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57CE3DFE-7E51-484B-AAEF-DE99289607E7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{5AF16543-A24F-460B-9F3F-8AA3F3AF415C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{5FECBC4F-AC1E-473C-8797-D1DE44D8DDDB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{65A9DE2B-AB9E-441C-B42B-D840A85D26A7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{6AD4B533-A4C7-4A35-B320-5E4A96C94C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F23122F-7AF8-4D99-9620-CB6CD1EC5583}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{703D8404-9390-4F1C-82AF-A7311C2AC7D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{70EDD852-E2E7-453F-81B9-09641F33B8FE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{72D721B8-53C0-406A-8CDD-A6149802BEF7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{74A46881-0685-4174-8754-7F0CB7992A1D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{77D2CDDC-41A9-4709-B5E3-B4169430CF61}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{79EBE45B-344B-4BE5-8CFE-4C3C67AB7191}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{7B635C13-8819-41BC-B6B7-69A6B3BCBD28}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{7D89537C-0248-4B50-B1AE-19486E0B8BD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7EDCC956-965E-45AE-94E8-BADA15C571FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{7F31C3EB-E8A9-4815-9207-451FF5591EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7F78C56E-FF4E-482A-93A8-B2FD552B9E2F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{846AA675-C341-42D6-AD80-D4F858550B72}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\prison architect\prison architect.exe |
"{87B3D942-5AFA-406F-9852-669FCB25534F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{88290169-24FC-4F80-A1F8-08FACE4B7565}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{8B5CF9A1-C577-4D79-ADE6-831E071D0E48}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{8F10F9DD-1D2D-4E08-979A-7608079C023B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{8F2B6097-84FB-4E80-86D5-B5EEF4AC1285}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{90C55989-5FCC-4FFC-B279-CA9D41C858E1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{93459882-A733-40D4-9616-2183258FD358}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{96D84655-641D-4A37-96C0-624B74D09B21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{9F3A864E-AB94-479D-9066-A3A91ED318EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{A12B3CB7-BBBA-408E-9BE0-F0223FC228DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2C02DE0-07F1-491F-95CE-E2FC1AE3EFB6}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A2E97C7C-8B1E-4C8B-813D-6A08DB4A4DE9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\multiwinia\multiwinia.exe |
"{A34B1C6B-6E87-4BEF-8244-2AB407ECB552}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A74BCB5D-203F-46F7-9071-7FAB8995BEA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6FA0552-6A1F-4C55-8C1B-4F39598CDE26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9E49FFD-164A-44C2-B896-E768BB3E7991}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{BBB97767-D0B8-4A1D-A114-9CBFE700BB58}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\prison architect\prison architect.exe |
"{BF04ADCB-8454-4EC6-A136-FCD5E85FEB97}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{BF265D49-6427-4470-96AF-9DDAF8CBE762}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{C4C02DDD-D066-4D31-BEB1-86E8ADE806F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{C78BD0A8-5A7A-42A2-B4D0-1B51E7FB89F3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C7DE5CA9-702A-4C67-B2CB-EDD78599C5F5}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{CAB26D67-03A0-4BE2-9548-9CF8CBBEBF79}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{CB6F8F9E-0937-41FF-982C-D5A1CF37A934}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CC9D956B-D856-4B0B-AF0E-38B09A0A90CA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D19EB95A-9E4C-4CBA-8E7A-74C5E05A439F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{D2453CA2-B2B0-44BD-9849-15BE167EDDE6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D6F5ABD9-9961-4C90-A9D8-A1856845E436}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DB34C102-9DE9-4AEC-9EC5-58E9433574D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{DBEEDFBA-0BE3-415A-9E92-74F0FC0C4D05}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{EA8548CC-C6E5-4A0D-92A9-7B5536C8C116}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EE18AAC7-E1EA-46DA-8C23-5F92CA0B6FF9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F9BFFE67-4680-4A44-AAE6-2B5BE9513B0B}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{FB0A1C6C-F2FF-499A-94C9-AC0D096D0CBD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FE9BD336-EB11-4DBD-A01E-EAD4FF1D9C6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FFF22539-2AA5-4081-9270-14442342DE96}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"TCP Query User{26645D7C-892B-4E49-87DB-6B67442B12B0}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{4BC2B1F1-9916-4236-BBAC-B248F4F13A60}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11B7FDD0-6D31-1CAB-3BC4-9EB1ACD67803}" = ATI AVIVO64 Codecs
"{14BC5667-22B0-4DC4-8205-597053BBDDC9}" = HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3EF53D70-F472-9A93-2E09-737FBB4A5AE8}" = ATI Catalyst Install Manager
"{4ADF194B-B0B6-4C06-9318-DDE5171A655A}" = AVG 2012
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60617D41-12B1-4D1F-B826-985727E26121}" = AVG 2015
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{655D4D89-82AC-4B45-AE41-246281CC3886}" = DisplayLink Graphics
"{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = Wireless USB WinDrivers
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{482CB0DF-849D-479C-8CBB-F9DA6AF0F8C5}" =
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64
"{B12F5507-1E4B-46B8-A37A-1771913191F7}" = DisplayLink Core Software
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{E852F060-08FF-FFD5-0C98-2A066B42EBBB}" = ccc-utility64
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Dell Touchpad
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B74F57C-4636-4D70-A7A9-95074DF21802}" = Citrix Receiver(Aero)
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{164B26C5-9BC9-48E8-8FB5-C3C0AC0FE1C8}" = Citrix Receiver Inside
"{16FB54B9-8AC9-F064-38FB-DF7B69583218}" = CCC Help Chinese Standard
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1B367D21-5307-428C-DEDA-D073071CB89B}" = CCC Help Japanese
"{1B7D12BE-D1D8-4CCE-A01B-43CAFF8ECA9B}" = C4200
"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German
"{2D5941A7-146F-4509-B35C-E58CE68FE204}" = eDrawings 2014
"{2DE12376-E648-D16E-3E0A-0CAEE233BF64}" = CCC Help Spanish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3347400D-F491-6DB5-9F57-0A9EA8E435C9}" = Catalyst Control Center Core Implementation
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4979A82C-4EBE-32C4-81E5-94532C4BAEED}" = Catalyst Control Center Localization All
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54EE63E3-9960-41B6-9644-BB0167C6DD42}" = Catalyst Control Center - Branding
"{5A11DB94-53E7-0232-3AF6-8DD9612094CD}" = CCC Help Chinese Traditional
"{5B079F85-A24D-4642-BF1A-32D5A6B3A003}" = calibre
"{5CF3C617-83A2-3D8E-39D6-45B593BB5F89}" = CCC Help German
"{5F8D5450-5BD8-4B8A-A1DE-8326C0395D5D}" = PS_AIO_Software_min
"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian
"{60495020-5A67-DE2D-B768-5E77E734D263}" = CCC Help Italian
"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61C06586-0FAD-1E43-20C6-08F4F1483C3D}" = CCC Help Norwegian
"{62499375-AB9C-5279-EEEE-F5AB863CA996}" = CCC Help Danish
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6464EA89-7B34-C15B-B39F-4638EFF931DE}" = Catalyst Control Center Graphics Previews Common
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7087BFF5-88C7-4B82-2EF6-B7F09DD4A86B}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719CCEF3-234C-6C1A-3891-79FA208E8025}" = CCC Help Portuguese
"{764490A7-9DF2-B0CE-DA9F-72DDFD342ACA}" = CCC Help Russian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77534F47-08D5-4A50-8249-403C9ECE9840}" = Smart Organizing Monitor
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{860CF8EA-A8ED-01BD-8344-26DB1058A563}" = CCC Help Korean
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{88B05038-C890-468B-A563-0015FD53CDC3}" = ArcSoft TotalMedia Extreme
"{90B45DFA-5DD9-47F0-BCC7-F25B9562A738}" = Citrix Receiver(USB)
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B362AE0-1F0D-370B-F468-FFEF38682508}" = Catalyst Control Center Graphics Full Existing
"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FF5AF7A-F7C7-D4F0-D93F-40800E2F8C20}" = Catalyst Control Center InstallProxy
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A498BF75-59BD-6EDB-1C19-13AAA2FD3034}" = CCC Help French
"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish
"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB834517-C040-6115-A231-0A62F0A08294}" = CCC Help Swedish
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.12)
"{AD6E2415-407E-40D3-A550-126E67509D84}" = Citrix Receiver(DV)
"{AE2E0F4A-E08F-4A15-B4DC-D8FC9CEFF9C7}" = Online Plug-in
"{AE3A67EE-0C5D-11E0-BC1D-0013D3D69929}" = Vegas Pro 10.0
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static
"{B1924580-0C5D-11E0-B655-0013D3D69929}" = MSVCRT Redists
"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese
"{B2939EC4-6FB6-3153-0F9E-CE1AE76F0AE8}" = Catalyst Control Center Graphics Light
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5747FE9-AC7C-3512-02EA-2C6A089EC68F}" = CCC Help Finnish
"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New
"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD95F661-A5C4-11AF-B2CC-ABCD21A325B5}" = WinZip Courier
"{CFBB5529-2532-1F5E-8706-F0D1BE3B8C35}" = Catalyst Control Center Graphics Previews Vista
"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing
"{D1D603C4-8C68-40F3-85AE-6DBEF3B712B5}" = Citrix Receiver (HDX Flash Redirection)
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCC9335C-09BD-3017-096F-931FDB8E7663}" = Catalyst Control Center Graphics Full New
"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy
"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation
"{DE4AD67B-9EA0-31F1-F5EE-E9B836248839}" = CCC Help English
"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean
"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish
"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English
"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCAC5BFF-0A4E-3E71-C486-5E55C0630817}" = CCC Help Dutch
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 2.0.5
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"Dell Webcam Central" = Dell Webcam Central
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Google Chrome" = Google Chrome
"Hauppauge HDPVR Scheduler" = Hauppauge HDPVR Scheduler
"Hauppauge WinTV IR Blaster" = Hauppauge WinTV IR Blaster
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"InstallShield_{6D45461F-F0FF-4E32-A16D-C636722FCA12}" = Wireless USB WinDrivers
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"Steam App 1500" = Darwinia
"Steam App 1510" = Uplink
"Steam App 1520" = DEFCON
"Steam App 1530" = Multiwinia
"Steam App 233450" = Prison Architect
"Steam App 570" = Dota 2
"Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.6
"WindPower Trial_is1" = WindPower Trial
"XPort 360_is1" = XPort 360
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3557924970.go.sky.com" = Sky Go Desktop
"9f2df17776476c05" = Magic The Gathering Online
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/18/2015 4:47:14 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3011
Error - 7/18/2015 4:47:14 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3011
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4010
Error - 7/18/2015 4:47:15 PM | Computer Name = Rory-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4010
Error - 7/18/2015 7:06:24 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/19/2015 4:06:35 AM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/19/2015 2:14:44 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/20/2015 3:41:38 PM | Computer Name = Rory-PC | Source = Desktop Window Manager | ID = 9020
Description = The Desktop Window Manager has encountered a fatal error (0x88980406)
Error - 7/20/2015 3:41:52 PM | Computer Name = Rory-PC | Source = Application Error | ID = 1000
Description = Faulting application name: sftservice.EXE, version: 1.0.82.72, time
stamp: 0x4e45499a Faulting module name: ntdll.dll, version: 6.1.7601.18869, time
stamp: 0x55636317 Exception code: 0xc0000005 Fault offset: 0x0002e45b Faulting process
id: 0xbe4 Faulting application start time: 0x01d0c32416802d12 Faulting application
path: C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE Faulting
module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 5ddf53f1-2f17-11e5-8203-b8ac6f76e227
[ Broadcom Wireless LAN Events ]
Error - 6/7/2015 8:00:05 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 13:00:05, Sun, Jun 07, 15 Error - Unable to gain access to user store
Error - 6/7/2015 12:04:24 PM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 17:04:23, Sun, Jun 07, 15 Error - Unable to gain access to user store
Error - 6/9/2015 6:14:23 PM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 23:14:21, Tue, Jun 09, 15 Error - Unable to gain access to user store
Error - 6/10/2015 2:03:56 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 07:03:56, Wed, Jun 10, 15 Error - Unable to gain access to user store
Error - 7/11/2015 8:19:04 AM | Computer Name = Rory-PC | Source = WLAN-Tray | ID = 0
Description = 13:19:04, Sat, Jul 11, 15 Error - Unable to gain access to user store
[ Dell Events ]
Error - 10/22/2011 6:18:59 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:18 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:18 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:42 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/22/2011 6:28:42 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 11:18:40 AM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 11:18:40 AM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 5:24:50 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/23/2011 5:24:50 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/24/2011 2:16:10 PM | Computer Name = Rory-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ Media Center Events ]
Error - 12/27/2010 12:03:13 AM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 04:03:13 - Error connecting to the internet. 04:03:13 - Unable
to contact server..
Error - 12/27/2010 12:03:22 AM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 04:03:18 - Error connecting to the internet. 04:03:18 - Unable
to contact server..
Error - 3/1/2014 5:27:54 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 21:27:53 - Error connecting to the internet. 21:27:54 - Unable
to contact server..
Error - 3/1/2014 5:28:02 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 21:27:59 - Error connecting to the internet. 21:27:59 - Unable
to contact server..
Error - 3/1/2014 6:28:11 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 22:28:10 - Error connecting to the internet. 22:28:10 - Unable
to contact server..
Error - 3/1/2014 6:28:18 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 22:28:16 - Error connecting to the internet. 22:28:16 - Unable
to contact server..
Error - 3/1/2014 7:28:26 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 23:28:26 - Error connecting to the internet. 23:28:26 - Unable
to contact server..
Error - 3/1/2014 7:28:32 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 23:28:31 - Error connecting to the internet. 23:28:31 - Unable
to contact server..
Error - 3/1/2014 8:28:40 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 00:28:40 - Error connecting to the internet. 00:28:40 - Unable
to contact server..
Error - 3/1/2014 8:28:46 PM | Computer Name = Rory-PC | Source = MCUpdate | ID = 0
Description = 00:28:45 - Error connecting to the internet. 00:28:45 - Unable
to contact server..
[ System Events ]
Error - 7/20/2015 3:42:34 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:34 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
Error - 7/20/2015 3:42:36 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.
Error - 7/20/2015 3:42:39 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7034
Description = The SoftThinks Agent Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = PNRPSvc | ID = 102
Description =
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = PNRPSvc | ID = 102
Description =
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:45 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%997
Error - 7/20/2015 3:42:46 PM | Computer Name = Rory-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%997
< End of report >0 -
Advertisement
-
I'm not readin' all that! :mad:0
-
-
Doesn't take as long as you think, once you have read 1000's of these logs before
the popup is related to this, dell datasafe backup
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
It should disappear after a reboot, if not we can remove it
do you recognise these folders, they look suspicious
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Wea
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Manue0 -
Join Date:Posts: 19737
never heard if them before. In the folders:
manue: sofyva.icr
wea: kygofof.exe
what should I do now? And thanks0 -
definitely malware
open OTL copy this into the box
:OTL
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Wea
[2012/02/11 07:58:50 | 000,000,000 | ---D | M] -- C:\Users\Rory\AppData\Roaming\Manue
:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[EMPTYJAVA]
[CREATERESTOREPOINT]
:Files
ipconfig /flushdns /c
click run fix post the log it gives0 -
Advertisement
-
Join Date:Posts: 19737
All processes killed
========== OTL ==========
Folder C:\Users\Rory\AppData\Roaming\Wea\ not found.
Folder C:\Users\Rory\AppData\Roaming\Manue\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Mcx1-RORY-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Rory
->Temp folder emptied: 5714 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 7257852 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5212 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 7.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Mcx1-RORY-PC
User: Public
User: Rory
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Mcx1-RORY-PC
User: Public
User: Rory
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0.00 mb
Restore point Set: OTL Restore Point
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Rory\Desktop\cmd.bat deleted successfully.
C:\Users\Rory\Desktop\cmd.txt deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 07212015_061301
Files\Folders moved on Reboot...
File\Folder C:\Users\Rory\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...0 -
all done unless there is anything else0
-
Join Date:Posts: 19737
Thanks for all the help jsa. Hopefully the issue has been resolved0
Advertisement