And now the OTL logs..
OTL logfile created on: 2012-05-15 07:40:35 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Dicey\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd
6,00 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 61,07% Memory free
12,00 Gb Paging File | 9,35 Gb Available in Paging File | 77,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 10,85 Gb Free Space | 21,70% Space Free | Partition Type: NTFS
Drive D: | 99,05 Gb Total Space | 18,81 Gb Free Space | 18,99% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 16,00 Gb Free Space | 10,73% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 265,04 Gb Free Space | 56,92% Space Free | Partition Type: NTFS
Computer Name: DICETAS | User Name: Dicey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Dicey\Desktop\OTL.exe (OldTimer Tools)
PRC - F:\Program\ZoneAlarm\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - F:\Program\ZoneAlarm\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - D:\Furcadia\furc_on.exe (Dragon's Eye Productions, Inc.)
PRC - F:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - F:\Program\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - E:\Steam\Steam.exe (Valve Corporation)
PRC - F:\Program\Apache2.2\bin\httpd.exe (Apache Software Foundation)
PRC - F:\Program\Winamp\winamp.exe (Nullsoft, Inc.)
PRC - F:\Program\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - F:\Program\MSI Afterburner\MSIAfterburner.exe ()
PRC - F:\Program\Last.fm\LastFM.exe (Last.fm)
PRC - F:\Program\No-IP\DUC30.exe ()
PRC - F:\Program\Spybot\TeaTimer.exe (Safer-Networking Ltd.)
PRC - F:\Program\Spybot\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
========== Modules (No Company Name) ========== MOD - F:\Program\Mozilla Firefox\mozjs.dll ()
MOD - E:\Steam\bin\libcef.dll ()
MOD - E:\Steam\bin\mssvoice.asi ()
MOD - E:\Steam\bin\mssmp3.asi ()
MOD - E:\Steam\bin\chromehtml.dll ()
MOD - E:\Steam\bin\avutil-51.dll ()
MOD - E:\Steam\bin\avformat-53.dll ()
MOD - E:\Steam\bin\avcodec-53.dll ()
MOD - F:\Program\Winamp\System\jnetlib.w5s ()
MOD - F:\Program\Winamp\Plugins\gen_ml.dll ()
MOD - F:\Program\Winamp\Plugins\in_wm.dll ()
MOD - F:\Program\Winamp\Plugins\ml_local.dll ()
MOD - F:\Program\Winamp\Plugins\in_mp3.dll ()
MOD - F:\Program\Winamp\Plugins\in_vorbis.dll ()
MOD - F:\Program\Winamp\Plugins\ml_devices.dll ()
MOD - F:\Program\Winamp\Plugins\ml_pmp.dll ()
MOD - F:\Program\Winamp\System\auth.w5s ()
MOD - F:\Program\Winamp\Plugins\in_mod.dll ()
MOD - F:\Program\Winamp\System\jpeg.w5s ()
MOD - F:\Program\Winamp\Plugins\in_midi.dll ()
MOD - F:\Program\Winamp\System\png.w5s ()
MOD - F:\Program\Winamp\Plugins\in_cdda.dll ()
MOD - F:\Program\Winamp\System\xml.w5s ()
MOD - F:\Program\Winamp\System\playlist.w5s ()
MOD - F:\Program\Winamp\tataki.dll ()
MOD - F:\Program\Winamp\Plugins\ml_playlists.dll ()
MOD - F:\Program\Winamp\Plugins\in_flac.dll ()
MOD - F:\Program\Winamp\Plugins\in_mp4.dll ()
MOD - F:\Program\Winamp\Plugins\out_ds.dll ()
MOD - F:\Program\Winamp\zlib.dll ()
MOD - F:\Program\Winamp\System\devices.w5s ()
MOD - F:\Program\Winamp\System\timer.w5s ()
MOD - F:\Program\Winamp\Plugins\ml_autotag.dll ()
MOD - F:\Program\Winamp\System\albumart.w5s ()
MOD - F:\Program\Winamp\Plugins\out_disk.dll ()
MOD - F:\Program\Winamp\System\tagz.w5s ()
MOD - F:\Program\Winamp\Plugins\pmp_njb.dll ()
MOD - F:\Program\Winamp\System\gif.w5s ()
MOD - F:\Program\Winamp\System\bmp.w5s ()
MOD - F:\Program\Winamp\Plugins\out_wave.dll ()
MOD - F:\Program\Winamp\Plugins\in_wave.dll ()
MOD - F:\Program\Winamp\System\dlmgr.w5s ()
MOD - F:\Program\Winamp\System\gracenote.w5s ()
MOD - F:\Program\Winamp\System\filereader.w5s ()
MOD - F:\Program\Winamp\Plugins\gen_ff.dll ()
MOD - F:\Program\Winamp\nsutil.dll ()
MOD - F:\Program\Winamp\Plugins\freeform\wacs\freetype\freetype.wac ()
MOD - F:\Program\Winamp\libsndfile.dll ()
MOD - F:\Program\Winamp\nde.dll ()
MOD - F:\Program\Winamp\Plugins\gen_hotkeys.dll ()
MOD - F:\Program\TortoiseSVN\bin\libsasl32.dll ()
MOD - F:\Program\Yahoo!\Messenger\yui.dll ()
MOD - F:\Program\Yahoo!\Messenger\pcre.dll ()
MOD - F:\Program\WinPatrol\sqlite3.dll ()
MOD - F:\Program\MSI Afterburner\MSIAfterburner.exe ()
MOD - F:\Program\MSI Afterburner\RTMUI.dll ()
MOD - F:\Program\MSI Afterburner\RTHAL.dll ()
MOD - F:\Program\MSI Afterburner\RTCore.dll ()
MOD - F:\Program\MSI Afterburner\RTUI.dll ()
MOD - F:\Program\MSI Afterburner\RTFC.dll ()
MOD - F:\Program\Last.fm\srv_rtaudioplayback.dll ()
MOD - F:\Program\Last.fm\ext_messengernotify.dll ()
MOD - F:\Program\Last.fm\ext_skypenotify.dll ()
MOD - F:\Program\Last.fm\srv_madtranscode.dll ()
MOD - F:\Program\Last.fm\srv_httpinput.dll ()
MOD - F:\Program\Last.fm\LastFmFingerprint1.dll ()
MOD - F:\Program\Last.fm\breakpad.dll ()
MOD - F:\Program\Last.fm\Moose1.dll ()
MOD - F:\Program\Last.fm\LastFmTools1.dll ()
MOD - F:\Program\Last.fm\libfftw3f-3.dll ()
MOD - F:\Program\Last.fm\zlibwapi.dll ()
MOD - F:\Program\MSI Afterburner\RTTSH.dll ()
MOD - F:\Program\No-IP\DUC30.exe ()
MOD - F:\Program\Last.fm\QtNetwork4.dll ()
MOD - F:\Program\Last.fm\QtSql4.dll ()
MOD - F:\Program\Last.fm\QtGui4.dll ()
MOD - F:\Program\Last.fm\QtXml4.dll ()
MOD - F:\Program\Last.fm\QtCore4.dll ()
MOD - F:\Program\Last.fm\imageformats\qmng4.dll ()
MOD - F:\Program\Last.fm\imageformats\qgif4.dll ()
MOD - F:\Program\Last.fm\imageformats\qjpeg4.dll ()
========== Win32 Services (SafeList) ========== SRV:
64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV:
64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (vsmon) -- F:\Program\ZoneAlarm\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- F:\Program\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apache2.2) -- F:\Program\Apache2.2\bin\httpd.exe (Apache Software Foundation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- F:\Program\Spybot\SDWinSec.exe (Safer Networking Ltd.)
SRV - (CTUPnPSv) -- C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe (Creative Technology Ltd)
SRV - (CTDevice_Srv) -- C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe (Creative Technology Ltd)
========== Driver Services (SafeList) ========== DRV:
64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV:
64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:
64bit: - (SaiMini) -- C:\Windows\SysNative\drivers\SaiMini.sys (Saitek)
DRV:
64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:
64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:
64bit: - (busenum) -- C:\Windows\SysNative\drivers\SteelBus64.sys (SteelSeries Corporation)
DRV:
64bit: - (SAlphamHid) -- C:\Windows\SysNative\drivers\SAlpham64.sys (SteelSeries Corporation)
DRV:
64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:
64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:
64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:
64bit: - (SaiK0CCB) -- C:\Windows\SysNative\drivers\SaiK0CCB.sys (Saitek)
DRV:
64bit: - (SaiU0CCB) -- C:\Windows\SysNative\drivers\SaiU0CCB.sys (Saitek)
DRV:
64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:
64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:
64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:
64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:
64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek)
DRV - (SecDrv) -- C:\Windows\SysWOW64\drivers\SECDRV.SYS (Macrovision Europe Ltd)
DRV - (RTCore64) -- F:\Program\MSI Afterburner\RTCore64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://vindictus.nexoneu.com/IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://se.msn.com/?ocid=iehpIE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 05 50 A1 F6 BE CB 01 [binary data]
IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-844620092-437053476-3928910320-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.youtube.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: F:\Program\Java64\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: F:\Program\Java32\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.97: C:\Program Files (x86)\NOS\bin\np_gp.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012-05-12 15:41:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ekort@orbiscom: F:\Program\ekort [2011-04-20 15:10:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012-05-12 15:41:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: F:\Program\Mozilla Firefox\components [2012-05-04 02:38:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: F:\Program\Mozilla Firefox\plugins [2012-01-07 17:27:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: F:\Program\Mozilla Thunderbird\components [2012-05-14 17:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: F:\Program\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: F:\Program\Mozilla Firefox\components [2012-05-04 02:38:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: F:\Program\Mozilla Firefox\plugins [2012-01-07 17:27:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: F:\Program\Mozilla Thunderbird\components [2012-05-14 17:27:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: F:\Program\Mozilla Thunderbird\plugins
[2011-10-03 23:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dicey\AppData\Roaming\Mozilla\Extensions
[2011-01-15 17:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dicey\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011-10-03 23:17:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dicey\AppData\Roaming\Mozilla\Extensions\prism@developer.mozilla.org
[2012-05-03 01:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dicey\AppData\Roaming\Mozilla\Firefox\Profiles\ue9c6u84.default\extensions
[2012-04-08 13:56:13 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Dicey\AppData\Roaming\Mozilla\Firefox\Profiles\ue9c6u84.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2012-02-26 22:53:14 | 000,028,481 | ---- | M] () (No name found) -- C:\USERS\DICEY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UE9C6U84.DEFAULT\EXTENSIONS\{258735DC-6743-4805-95FC-F95941FFFDAD}.XPI
O1 HOSTS File: ([2012-05-08 13:49:56 | 000,442,850 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15214 more lines...
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program\Java64\bin\ssv.dll (Sun Microsystems, Inc.)
O2:
64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program\Java64\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program\Java32\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - F:\Program\ekort\EKortHelper.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program\Java32\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - F:\Program\ekort\EKortToolbar.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:
64bit: - HKU\S-1-5-21-844620092-437053476-3928910320-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-844620092-437053476-3928910320-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:
64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:
64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:
64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4:
64bit: - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
O4:
64bit: - HKLM..\Run: [SteelSeries Engine] F:\Program\SteelSeries Engine\SteelSeriesEngine.exe ()
O4:
64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] F:\Program\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [ZoneAlarm] F:\Program\ZoneAlarm\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-844620092-437053476-3928910320-1000..\Run: [Messenger (Yahoo!)] F:\Program\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-844620092-437053476-3928910320-1000..\Run: [SpybotSD TeaTimer] F:\Program\Spybot\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-844620092-437053476-3928910320-1000..\Run: [Steam] E:\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dicey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Furcadia Pounce.lnk = D:\Furcadia\furc_on.exe (Dragon's Eye Productions, Inc.)
O4 - Startup: C:\Users\Dicey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\No-IP DUC.lnk = F:\Program\No-IP\DUC30.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F}
http://download.microsoft.com/download/ ... dtoolx.cab (IGDTester Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.150.193.150 83.255.245.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C22C32AB-2CD0-4151-9FA6-FF34D49D5F22}: DhcpNameServer = 193.150.193.150 83.255.245.11
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4734c3a8-20aa-11e0-a1d5-6cf049e42fa1}\Shell - "" = AutoRun
O33 - MountPoints2\{4734c3a8-20aa-11e0-a1d5-6cf049e42fa1}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012-05-15 07:34:18 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Dicey\Desktop\OTL.exe
[2012-05-15 07:34:08 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dicey\Desktop\tdsskiller.exe
[2012-05-12 15:40:49 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012-05-12 15:40:49 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012-05-12 15:40:48 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012-05-12 15:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012-05-12 11:26:44 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-05-12 11:26:42 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-05-12 11:26:41 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-05-12 11:26:41 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-05-10 07:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012-05-10 07:45:15 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Dicey\Desktop\dds.scr
[2012-05-09 13:59:16 | 000,000,000 | ---D | C] -- C:\Users\Dicey\Documents\My Kindle Content
[2012-05-09 13:59:09 | 000,000,000 | ---D | C] -- C:\Users\Dicey\AppData\Local\Amazon
[2012-04-27 02:44:49 | 000,000,000 | ---D | C] -- C:\Users\Dicey\AppData\Local\SniperV2 Demo
[2012-04-26 09:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-04-25 10:13:32 | 000,000,000 | ---D | C] -- C:\Users\Dicey\Documents\Guild Wars 2
[2012-04-19 23:52:18 | 000,000,000 | ---D | C] -- C:\Users\Dicey\AppData\Local\Windows Live
[2012-04-19 23:51:56 | 000,000,000 | ---D | C] -- C:\Users\Dicey\AppData\Local\{967F5546-DEB6-4A5A-BF17-12EFC67FD3C1}
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012-05-15 07:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-15 07:36:33 | 000,006,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-15 07:36:33 | 000,006,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-05-15 07:34:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Dicey\Desktop\OTL.exe
[2012-05-15 07:34:11 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dicey\Desktop\tdsskiller.exe
[2012-05-15 07:29:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-12 15:46:29 | 000,415,915 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012-05-12 14:01:08 | 000,364,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-05-10 07:45:16 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Dicey\Desktop\dds.scr
[2012-05-08 13:49:56 | 000,442,850 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-04-15 19:04:55 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-04-15 19:04:55 | 000,283,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ========== [2012-05-09 15:40:30 | 000,006,800 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-09 15:40:30 | 000,006,800 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-03 03:44:10 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-04-03 03:44:10 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-03-10 14:32:22 | 000,000,093 | ---- | C] () -- C:\Users\Dicey\AppData\Local\fusioncache.dat
[2012-03-10 14:29:53 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-02-25 16:24:33 | 000,075,031 | ---- | C] () -- C:\Users\Dicey\AppData\Roaming\icarus-dxdiag.xml
[2012-02-15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-02-15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-11-23 08:35:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ealtest.exe
[2011-11-01 05:56:40 | 000,054,694 | ---- | C] () -- C:\Windows\SysWow64\pthreadGC.dll
[2011-11-01 01:54:07 | 000,000,424 | ---- | C] () -- C:\Windows\QIII.INI
[2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-05-13 22:56:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-05-13 22:22:54 | 000,495,104 | ---- | C] () -- C:\Windows\lame_enc.dll
[2011-05-05 01:28:10 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-04-24 22:55:15 | 000,026,624 | ---- | C] () -- C:\Users\Dicey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-04-20 15:10:44 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\OBroker.exe
[2011-03-17 12:34:01 | 000,000,980 | ---- | C] () -- C:\Windows\eReg.dat
[2011-01-31 00:30:59 | 000,007,605 | ---- | C] () -- C:\Users\Dicey\AppData\Local\Resmon.ResmonCfg
[2011-01-16 00:36:42 | 000,005,370 | ---- | C] () -- C:\Users\Dicey\AppData\Local\Temp5.html
[2011-01-16 00:36:06 | 000,001,667 | ---- | C] () -- C:\Users\Dicey\AppData\Local\Temp1.html
[2011-01-15 16:28:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-06-25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
< End of report >
OTL Extras logfile created on: 2012-05-15 07:40:35 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Dicey\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sweden | Language: SVE | Date Format: yyyy-MM-dd
6,00 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 61,07% Memory free
12,00 Gb Paging File | 9,35 Gb Available in Paging File | 77,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,00 Gb Total Space | 10,85 Gb Free Space | 21,70% Space Free | Partition Type: NTFS
Drive D: | 99,05 Gb Total Space | 18,81 Gb Free Space | 18,99% Space Free | Partition Type: NTFS
Drive E: | 149,05 Gb Total Space | 16,00 Gb Free Space | 10,73% Space Free | Partition Type: NTFS
Drive F: | 465,66 Gb Total Space | 265,04 Gb Free Space | 56,92% Space Free | Partition Type: NTFS
Computer Name: DICETAS | User Name: Dicey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Program\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Program\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\Program\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\Program\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33E5E148-D855-4D11-B48D-B468AC2431D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{76272F57-DA6E-497A-A358-89931259EA7E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{80652A81-BCB8-420E-B514-4F76FDC76EA0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E0BA78-A8C7-4F36-8530-B10856268C7D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{02FBA1B3-23F4-4AA6-A81E-193CD10924D0}" = protocol=17 | dir=in | app=d:\assassin's creed revelations\acrmp.exe |
"{047AAB5C-9291-42F2-8420-AB56B264FFA5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{109A2403-0121-4520-AAC4-15D2BF6FFA2D}" = protocol=6 | dir=in | app=d:\assassin's creed revelations\acrmp.exe |
"{12469E8E-ED36-44FC-86C1-A705BDDEB31F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{16F9A2BF-40F9-4619-A62F-136314C340CC}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{17153628-AD95-4BE2-9D3B-3813B6671ECA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{1C16F502-9100-4148-B403-6E775C55A1FF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the last remnant\binaries\tlr.exe |
"{1ED26AFA-1546-4C08-A2EC-E253E1EC2541}" = protocol=17 | dir=in | app=e:\steam\steamapps\asaguda\counter-strike source\hl2.exe |
"{1FDAC374-929A-4245-8176-AD5FCD41D950}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{20A2F849-7109-463B-A0D2-0EF060EBEF80}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\alien swarm\srcds.exe |
"{2376CCE0-385F-4198-B2FC-63E0D440B08D}" = protocol=6 | dir=in | app=e:\steam\steamapps\asaguda\garrysmod\hl2.exe |
"{27AA5396-FA58-447C-AD03-EB02C7B53655}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\recettear\recettear.exe |
"{2D89D541-2B14-4A7D-B677-5882D596182F}" = protocol=6 | dir=in | app=e:\steam\steamapps\asaguda\source sdk base 2007\hl2.exe |
"{2DD5E4FD-8E65-44F4-9D6D-E1ECC74F2524}" = protocol=17 | dir=in | app=d:\assassin's creed brotherhood\uplaybrowser.exe |
"{2E2675DD-8C3A-49D0-AC93-BC19F468E7E3}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\hoard\win32\reuben.exe |
"{2E604135-13D7-43E5-B7F6-583A92437A5E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{31830CB8-1C7C-4A91-8172-03390F1F2B3A}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{323F408D-C166-4C27-8501-28DA6C347297}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\recettear\recettear.exe |
"{362677B5-4AAD-42AF-A4A8-F7022F20AB39}" = protocol=6 | dir=in | app=f:\program\avg\avgmfapx.exe |
"{37D9C36C-9541-4C1C-AF8B-17EC9E0927CD}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\might and magic clash of heroes\clashofheroes.exe |
"{390C870F-8B1E-42B0-A17D-695292FC877E}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{396398B5-8F45-42BC-A731-A2EAE8F1A8BE}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{3963D6D4-63E7-4615-A704-EC23FA944515}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{399564AA-3248-47B8-8CF4-1A7C5EFE9924}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{3B382D56-E521-4A7F-9017-198F65D37CF5}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{3CCE89F8-22B2-42DF-B4FE-F66F2C41C8E6}" = protocol=6 | dir=in | app=d:\assassin's creed revelations\acrsp.exe |
"{3DB3C9C4-A639-41C4-96E3-F28313888253}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{3FC2AF4D-20DD-43F3-BABB-78A3A24987E2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\sword of the stars complete collection\sword of the stars.exe |
"{4054E7A3-09D1-4EB1-B02E-208771C64386}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the last remnant\binaries\tlr.exe |
"{41618D51-DCB8-4785-998B-0CF431B063EB}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{41DD3A3E-D3BC-40E0-A987-E0B642D1BB30}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\hoard\win32\reuben.exe |
"{459B38CC-63B4-4B1B-87A1-BEE93B0CFA4F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{46D88F91-B9D6-4CAE-80E8-8B1D522AF776}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{47115D5C-F117-482B-A3A9-6F5A474F5FF9}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe |
"{4974D171-98FB-43EE-8FD2-DFAD463B67C7}" = dir=in | app=f:\program\skype\phone\skype.exe |
"{49DD62E7-6054-4CB3-BC57-B30FF71E4EF1}" = protocol=6 | dir=in | app=d:\assassin's creed brotherhood\acbsp.exe |
"{4D545388-ACE3-4C76-AA1F-5ACBA2F96072}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4DBD6CB7-3FC1-4EB9-95D2-6C07A7521576}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{5537379A-D4F5-457C-924B-DDFF72AF3148}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{579C5AE4-54AA-40E6-B5B5-12B32F0A8439}" = protocol=6 | dir=in | app=d:\assassin's creed brotherhood\uplaybrowser.exe |
"{57E99259-A4F5-44D7-B91D-0B3E03617464}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{581588B0-A79C-435D-B9E7-3385A8FB2A7D}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{58E884CD-3C4E-463A-B123-1F3D5856B6FA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{59ED9114-1609-40E5-950B-92795060CC08}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\pirates of black cove\bin\x86\dx9\blackcove.exe |
"{5C52566D-584E-4F33-87A9-C67D488E9D60}" = protocol=17 | dir=in | app=d:\assassin's creed revelations\acrsp.exe |
"{5D3CEC97-67DB-4EC8-A79F-A002991A8B2E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\frozen synapse\frozensynapse.exe |
"{621FE6FF-106A-401D-B004-B00A5F9FE04F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{63C968D5-8AB6-482E-8E9F-9267EE636AB7}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\recettear\custom.exe |
"{6581AC69-985C-4531-846A-F0F53AF5CB00}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{67E7E882-E42C-470D-BD05-E5CE7EF2697B}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{6A1F5323-C56C-446D-B606-B04B06C6FD93}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6BA91FFF-8C77-4C43-9A39-694659B1C438}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{6C60677C-0105-483C-8BBE-B08116967BAE}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{6C8D310F-C73D-42E3-B35F-A66388B11EFD}" = protocol=6 | dir=in | app=f:\program\yahoo!\messenger\yahoomessenger.exe |
"{6F6B4F24-38BD-4B8F-88E1-9EFB9A8E9DE3}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{711AB980-591A-4AEE-8F79-3DD7A4F83DB5}" = protocol=17 | dir=in | app=d:\assassin's creed brotherhood\acbmp.exe |
"{722EF865-0623-4A66-8FC4-D02A8A55BE15}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\cubemen\cubemen.exe |
"{729A2EDF-8B78-48C0-922E-3BD03AA3C1DC}" = protocol=17 | dir=in | app=d:\assassin's creed revelations\assassinscreedrevelations.exe |
"{731408DC-58BE-4071-8214-45E92F8190E6}" = protocol=17 | dir=in | app=e:\steam\steamapps\asaguda\source sdk base 2007\hl2.exe |
"{738AD17E-6D09-40CC-844D-443A0C6C95A8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{77A883C2-E47E-4B3B-BB3F-7378FCEAC541}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7862CF27-F651-491C-8956-B65670C13C8F}" = protocol=17 | dir=in | app=f:\program\yahoo!\messenger\yahoomessenger.exe |
"{7EAFC75C-A38D-4F45-B9C8-B0A8AAA9E55F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{821094C7-4571-4F19-8D54-EEA9FB6ADC1C}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{8303A38F-3A11-4BE6-9BFF-8B669DA41A71}" = protocol=6 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{831646FC-DA4D-406A-8826-C1608C764F7F}" = protocol=6 | dir=in | app=d:\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{83E9DB77-6C2A-4E20-B57B-4ECBDB0BCE4E}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\brawl busters\bin\pbclient.exe |
"{87767F48-D598-48E7-8D6F-A05C9387BA03}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dino d-day\srcds.exe |
"{8A223769-2D59-4A0B-9D10-394452264A7B}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\orion dino beatdown\binaries\win32\udk.exe |
"{8E2046AE-B50A-426E-A92F-D9705C3CFE89}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\orion dino beatdown\binaries\win32\udk.exe |
"{8E44E5BA-2BD2-4C05-83ED-8AD77429C608}" = protocol=6 | dir=in | app=d:\assassin's creed brotherhood\acbmp.exe |
"{93BED7A6-E9EE-474B-BEE8-FA430525C45C}" = protocol=17 | dir=in | app=e:\steam\steamapps\asaguda\garrysmod\hl2.exe |
"{944CAEF9-0699-4B68-AA39-8767E91CB4FD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{94AD821C-F026-45E8-B400-FCFFAC1E663B}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{95E4220F-0AC2-4D94-B91A-BF99CE8D69A7}" = protocol=6 | dir=in | app=f:\bnet\new folder\diablo iii beta\diablo iii.exe |
"{97535272-7DF2-4CB2-8E77-FB5C34DFBAD0}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{98F1DE7E-4CA0-4E32-B17D-8031563D699F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{99A1410D-CE1F-4378-924D-37FB78EF4292}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{9A35969B-7444-4204-AFD5-2F11039F2593}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\alien swarm\srcds.exe |
"{9A9C4F00-8718-48BC-BC96-4FE13A8017DA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{9E3E711A-B088-424D-B8CA-6254785BC45F}" = protocol=17 | dir=in | app=d:\vindictus eu\en-eu\nmservice.exe |
"{9EF9547E-C173-40DB-9F37-168036A27E87}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{9F6A1630-0BAD-46D1-A6B4-A66DC28374B2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A199E06E-4F13-46C9-8606-A181BF930D40}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A3B1ED66-58E7-4056-89B7-7177565D85BC}" = protocol=6 | dir=in | app=d:\origin\spel\mass effect 3\binaries\win32\masseffect3.exe |
"{A3E2FAA9-3DBC-43A8-97FF-70425D4FDE34}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\payday the heist\payday_win32_release.exe |
"{A46625C2-07F9-420A-B486-5D5188875353}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A6DE3D8E-9251-42E7-A12C-660C49B12260}" = protocol=17 | dir=in | app=d:\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{A96F9D79-4380-4772-A934-8B89115F5FCE}" = protocol=17 | dir=in | app=d:\origin\spel\mass effect 3\binaries\win32\masseffect3.exe |
"{A97ED646-68F1-4C35-B06B-428B35FF0BA0}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\flatout2\flatout2.exe |
"{AB81EE2B-5D2E-4726-BD17-743F22EBC9EF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{AD65C076-A05B-409C-A944-37DBB8B9C777}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\brawl busters\bin\pblauncher.exe |
"{ADCC3557-5E94-48B3-BBB8-31C43D2B460D}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{ADFDB96C-FA7E-457D-85FC-9B256493D3B5}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\pirates of black cove\bin\x86\dx9\blackcove.exe |
"{AEFAC332-D357-4322-A35C-1EEC6147B626}" = protocol=17 | dir=in | app=d:\assassin's creed brotherhood\acbsp.exe |
"{B07C2396-D861-4D09-A87D-4AC9F9B5A245}" = protocol=6 | dir=in | app=d:\assassin's creed revelations\assassinscreedrevelations.exe |
"{B65985DB-D91B-4D12-9CC5-FA1240978CF4}" = protocol=17 | dir=in | app=f:\program\avg\avgmfapx.exe |
"{B9E27835-6288-45DF-89F7-B2E0EFCC8952}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{BC9D7979-9E1F-4A9F-953D-725C928C9896}" = protocol=6 | dir=in | app=e:\steam\steamapps\asaguda\counter-strike source\hl2.exe |
"{BCAF9590-9269-4191-9F06-F007E53EE400}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{BD91A714-B9B5-4EEC-AD91-65846475AE46}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\recettear\custom.exe |
"{BD95E293-7429-45CD-A8B2-16600353CAD0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BFE0CC47-8E83-4AAD-935E-3F9C952CC29F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{C60AC0D3-C047-468B-968E-E9222765DBF5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C77A5AA8-63CB-4F98-9443-205D525ACDFF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA583C34-2098-4FBD-9643-B7EF19BBD69B}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{D0262B00-3B1B-40CE-A95C-8DB1DCB361C5}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{D22C3D9B-B2D6-423B-9F85-29B00D5DC036}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the scourge project ep 1 - 2\binaries\win32\scourgegame.exe |
"{D2CDE503-F6FC-4DC9-BECC-C6FFF093F6F2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D4D6BB05-F291-4186-B65E-8A72C23A4805}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{D8E2FF8F-F53B-4CAE-BB6C-C163AEBE9AF8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe |
"{DB70B00B-EC2B-44D2-9EB2-863F1C49E211}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\sword of the stars complete collection\sword of the stars.exe |
"{DC657D0B-D6CD-476C-AAF9-400A102E1A6F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\might and magic clash of heroes\clashofheroes.exe |
"{DEE26CE4-56EC-4B03-8C68-8B5715419503}" = protocol=17 | dir=in | app=f:\bnet\new folder\diablo iii beta\diablo iii.exe |
"{E0409DB5-BBBB-4477-B6AB-3D9B579FE8B0}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dungeons of dredmor\dungeons of dredmor.exe |
"{E67BDF32-B57B-4446-B893-DEF57DDE8F53}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\burnout(tm) paradise the ultimate box\support\ea help\electronic_arts_technical_support.htm |
"{E71F1BBF-86FC-4445-9308-89D7F7476C26}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{E7495987-EFB7-4348-930D-20CE59087987}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{E7DCF2F1-9C33-424E-96DA-D745565FA817}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{E85FD912-B212-492D-8A11-49B2B97B7333}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\saints row the third\game_launcher.exe |
"{E93242B5-27D2-4AA5-A5D6-A7176095F89F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E9EB5E03-4477-4E51-B4A3-C95CEDC95494}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe |
"{EC1442E7-7C9E-490D-BE27-4E476FFDCEC3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EED20315-7118-451F-8EE5-4EEE04E08F9F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{EEDA1972-99D3-45CC-9A7F-88B56A0E5A80}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\flatout2\flatout2.exe |
"{F2E7B9BA-D6AA-4B6C-BF38-DF3BA0CEC75B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F3B676C5-CA27-4799-A44E-C5DE5C19BC67}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\magic the gathering dotp 2012\magic_2012.exe |
"{F4F59CFB-0474-4014-A376-EC7F60D1DD24}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dino d-day\srcds.exe |
"{F6016DD1-F245-49EE-9455-3CC7839404EC}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the scourge project ep 1 - 2\binaries\win32\scourgegame.exe |
"{F693C27A-F408-4C82-AF65-EF92ABEE8653}" = protocol=17 | dir=in | app=d:\origin\spel\kingdoms of amalur reckoning\reckoning.exe |
"{F96D75A5-1863-4AD0-B42C-4A1F2AC4FDF9}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{F9F9A76B-4033-4134-AB92-9DB1ECA58E1A}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe |
"{FB74F4AA-0CCA-4657-99CB-1D438C5ABC40}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\cubemen\cubemen.exe |
"{FBE09E16-CA88-4CBF-A27F-DF72850911BB}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{FC334274-CDF5-4F64-AA03-482E8C24FBCA}" = protocol=6 | dir=in | app=d:\origin\spel\kingdoms of amalur reckoning\reckoning.exe |
"{FDE5379D-FBE1-4CE9-B0E3-FB7CD58491F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{268741E5-3FA1-48F1-87DF-5B4CF31D8F1C}E:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{3ED25244-BEB2-4397-A4F9-E42FF836F5AC}D:\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\world of tanks\worldoftanks.exe |
"TCP Query User{7DAAD81B-836E-4230-A211-B7D2D73EA074}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{94DF804C-E5CA-455A-AA95-AD9B30296763}E:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\terraria\terrariaserver.exe |
"TCP Query User{C4FBED4B-ADD0-4959-9D01-E30DDE8B46AD}D:\ioquake3\ioquake3.x86.exe" = protocol=6 | dir=in | app=d:\ioquake3\ioquake3.x86.exe |
"TCP Query User{D90D695B-6D27-4EE4-8965-FDA853DA4C8B}C:\users\dicey\desktop\spel\mw2\mw2sa.exe" = protocol=6 | dir=in | app=c:\users\dicey\desktop\spel\mw2\mw2sa.exe |
"UDP Query User{842F046E-5C49-4F3B-A32B-30D117694947}C:\users\dicey\desktop\spel\mw2\mw2sa.exe" = protocol=17 | dir=in | app=c:\users\dicey\desktop\spel\mw2\mw2sa.exe |
"UDP Query User{95ACDA82-201B-4BCE-85E6-9D64D3A0368C}E:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{C62ED3D1-B5FE-4E20-8090-76A8FFB4E6A9}D:\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\world of tanks\worldoftanks.exe |
"UDP Query User{EC2A9C0E-5D41-4FE9-AF69-8A5E04D18FD9}E:\steam\steamapps\common\terraria\terrariaserver.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\terraria\terrariaserver.exe |
"UDP Query User{F4E7CD2C-C219-4867-8BA0-4D2D9DB62E3F}D:\ioquake3\ioquake3.x86.exe" = protocol=17 | dir=in | app=d:\ioquake3\ioquake3.x86.exe |
"UDP Query User{FFA7F4DB-FE77-4A6E-9915-DA84316CA4A9}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{302A1E2E-DD58-4673-BC99-9CC10EC2637A}" = WinPatrol
"{34280DB1-8558-4709-AB7E-62A572C03355}" = Saitek Cyborg Keyboard Volume 6.2.1.3
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B1FBB92-6C47-4B2A-8778-67128C6788FF}" = TortoiseSVN 1.7.2.22327 (64 bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E1D2B72F-4A18-45C9-8A96-0DF8A20926C1}" = Smart Technology Programming Software 7.0.13.22
"{E4490157-303F-F06F-FB6E-D2053A43A182}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"SteelSeries Engine" = SteelSeries Engine
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05696DBC-59F4-C274-F175-1E7546F05995}" = Application Profiles
"{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}" = Catalyst Control Center InstallProxy
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{10EBB586-D21E-60CA-0856-AA753EBE1F16}" = Application Profiles
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C9F128C-F465-488E-AC97-B42DCF90C9C1}" = Mumble 1.2.3
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks: update 0.7.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21F3F7EC-CD32-D678-63AD-305F556D7BC9}" = Application Profiles
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.02
"{385DD1DD-65AA-408D-8E70-74601C2DB7E6}" = Ad-Aware
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4442AB48-DEC4-4B39-B067-1F75BF8017E7}" = Creative Centrale
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-CE35-42BD-B377-831000028301}" = Fable III
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6B99E90E-2AC4-4D72-8D88-39030783172B}" = e-kort
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E01CA7-EB20-4CAC-8386-D9297450AF06}" = ZoneAlarm Firewall
"{75E9A522-65D2-4200-A95F-C3EF89703263}" = Lyrics Plugin for Winamp
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{801EFC7D-AA66-F889-030D-C96E99F884A4}" = Catalyst Control Center InstallProxy
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}" = Apache HTTP Server 2.2.22
"{86604C06-DA30-425E-AECE-47304FE81C45}" = Creative Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C007AE6-3F7D-41CC-AB7C-75C08C276EC8}_is1" = Grabber version 3.1.3
"{909E265A-037A-9177-248B-CF1B04D9DBB6}" = Application Profiles
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B44212D2-C9B1-062F-A5C4-6057FBC9FDD8}" = Application Profiles
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BA688606-4B20-4982-995E-EDADC6A6817E}" = League of Legends
"{BA9632CB-2B93-4FD6-905C-BB325CE1C4DD}" = e-kort
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{DCA75ECE-39A9-0648-CB77-F6D759364CF9}" = Application Profiles
"{DEAD48E5-E36C-431E-B83C-E61CE71AA13F}" = Livestream Procaster
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2F51864-7C2A-4524-AEA4-B40A4068459A}" = ZoneAlarm Antivirus
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F57FD7AF-DC0A-2E99-B850-9047DAB3F24C}" = Application Profiles
"{FA0964BB-FC33-4023-B8B2-CFC4CC8EAFCC}" = ZoneAlarm Security
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Afterburner" = MSI Afterburner 2.1.0
"Age of Empires" = Microsoft Age of Empires
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Expansion 1.0" = Microsoft Age of Empires Expansion
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Age of Wonders 2_is1" = Age of Wonders 2
"AMIP" = AMIP (remove only)
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Battle for Wesnoth 1.10.1" = Battle for Wesnoth 1.10.1
"CraftBukkit" = CraftBukkit
"Creative Centrale" = Creative Centrale
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps (remove only)
"Furcadia" = Furcadia
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"ImgBurn" = ImgBurn
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"IrfanView" = IrfanView (remove only)
"Knights and Merchants - The Peasants Rebellion_is1" = Knights and Merchants - The Peasants Rebellion
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"ManiaPlanet_is1" = ManiaPlanet
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"NOX_is1" = NOX
"One Unit Whole Blood_is1" = One Unit Whole Blood
"OpenAL" = OpenAL
"Origin" = Origin
"Original War_is1" = Original War
"PunkBusterSvc" = PunkBuster Services
"RV House_is1" = RV House 0.93.4
"Sid Meier's Alpha Centauri_is1" = Sid Meier's Alpha Centauri
"StarCraft II" = StarCraft II
"Steam App 102600" = Orcs Must Die!
"Steam App 104900" = ORION: Dino Beatdown
"Steam App 105600" = Terraria
"Steam App 113400" = APB Reloaded
"Steam App 1250" = Killing Floor
"Steam App 200210" = Realm of the Mad God
"Steam App 207250" = Cubemen
"Steam App 23310" = The Last Remnant
"Steam App 24240" = PAYDAY: The Heist
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 2990" = FlatOut 2
"Steam App 4000" = Garry's Mod
"Steam App 4010" = Garry's Mod 13
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42890" = Sword of the Stars Complete Collection
"Steam App 48700" = Mount & Blade: Warband
"Steam App 49470" = Magic: The Gathering — Duels of the Planeswalkers 2012
"Steam App 55230" = Saints Row: The Third
"Steam App 61700" = Might and Magic: Clash of Heroes
"Steam App 620" = Portal 2
"Steam App 65800" = Dungeon Defenders
"Steam App 70400" = Recettear: An Item Shop's Tale
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 96400" = Shoot Many Robots
"Steam App 98200" = Frozen Synapse
"Steam App 98800" = Dungeons of Dredmor
"Sword of the Stars Demo" = Sword of the Stars Demo
"Total Annihilation - Commander Pack_is1" = Total Annihilation - Commander Pack
"Westwood Online_is1" = Westwood Online
"Winamp" = Winamp
"Vindictus EU" = Vindictus EU
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"VLC media player" = VLC media player 1.1.11
"Yahoo! Messenger" = Yahoo! Messenger
"ZENMozaicUG" = Creative ZEN Mozaic User's Guide
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-844620092-437053476-3928910320-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Mozilla Thunderbird 12.0 (x86 en-US)" = Mozilla Thunderbird 12.0 (x86 en-US)
"ShockWave 1.1" = ShockWave 1.1
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 2012-05-13 15:57:01 | Computer Name = Dicetas | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4f6cfb24 Faulting module name: client.dll_unloaded, version: 0.0.0.0, time stamp:
0x4fad6c49 Exception code: 0xc0000005 Fault offset: 0x61e0c1b3 Faulting process id:
0x1588 Faulting application start time: 0x01cd3141fdc4af7f Faulting application path:
e:\steam\steamapps\asaguda\garry's mod beta\hl2.exe Faulting module path: client.dll
Report
Id: cd6e2f53-9d35-11e1-9cd4-6cf049e42fa1
Error - 2012-05-14 02:29:16 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 009
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-14 02:29:16 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 011
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-14 02:29:16 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 009
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-14 02:29:16 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 011
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-14 10:18:06 | Computer Name = Dicetas | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "f:\Program\Spybot\DelZip179.dll".Error
in manifest or policy file "f:\Program\Spybot\DelZip179.dll" on line 8. The value
"*" of attribute "language" in element "assemblyIdentity" is invalid.
Error - 2012-05-15 01:35:24 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 009
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-15 01:35:24 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 011
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-15 01:35:24 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 009
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 2012-05-15 01:35:24 | Computer Name = Dicetas | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 011
language ID. The first DWORD in the Data section contains the Win32 error code.
[ System Events ]
Error - 2012-05-12 09:46:30 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7024
Description = The Apache2.2 service terminated with service-specific error %%1.
Error - 2012-05-12 09:46:32 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 2012-05-12 23:30:11 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%2
Error - 2012-05-12 23:30:18 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 2012-05-13 14:26:27 | Computer Name = Dicetas | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 2012-05-14 02:23:17 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%2
Error - 2012-05-14 02:23:23 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
Error - 2012-05-14 12:32:44 | Computer Name = Dicetas | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 2012-05-15 01:29:27 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7000
Description = The Lavasoft Ad-Aware Service service failed to start due to the following
error: %%2
Error - 2012-05-15 01:29:31 | Computer Name = Dicetas | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd
< End of report >
I run game servers from time to time, hosting gaming nights for a gaming community I'm part of. The DNS client helps keep my redirect name up to date with my otherwise dynamic IP, making it easier for people to join the server, and the webserver acts as my fileserver for hosting the custom files the server uses, so as to bypass trickle downloading, so clients download at the full speed my connection can offer.
Regarding the Spybot log that were asked, the particular log in question isn't there because I must of gotten it deleted one way or another when I was trying to fix things before coming here. Can't remember any threat names in specifics, all of them sounded relatively generic to me. I pointed it out because most of the time, all my scans show up green.
As for the problematic behavior, it's been fine since I moved from AVG to ZoneAlarm's antivirus/firewall combo. Something I did before I got the first reply to this thread. If the logs look clean I'd assume AVG caused the behavior for whatever reason.