Please be patient with this.I know you'll find this annoying, but please help me..
So, yesterday accidentally I downloaded and installed something, that later I know as a japanese porn site pop up. I tried to uninstall it, but I cannot find the way to do that.
I cannot find the file at contol panel>>uninstall.. it's hidden somewhere..
Then I googled and find some info that said it could be caused by mshta.exe
I tried to delete mshta.exe but I can't be deleted... the porn site ad keep turn up even i have "end process" the mshta.exe at task manager
So, what can I do to remove this annoying ad? Please help me
OTL logfile created on: 2/7/2013 3:04:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kanisius\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.25% Memory free
15.92 Gb Paging File | 13.77 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 514.08 Gb Total Space | 274.39 Gb Free Space | 53.37% Space Free | Partition Type: NTFS
Drive D: | 417.33 Gb Total Space | 220.72 Gb Free Space | 52.89% Space Free | Partition Type: NTFS
Computer Name: KANISIUS-PC | User Name: Kanisius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Kanisius\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Kanisius\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\ProgramData\Smartfren Connex EC306-2 UI\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\Cyrus MC400\C+WEject.exe ()
PRC - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Users\Kanisius\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll ()
MOD - C:\Users\Kanisius\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f2ca47be2c008dbe85b94fb1669b55ea\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\23d0886c8df0b8eb4b7bb9e740accabb\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\61a9caccb44df326f10d31346c33d150\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0cefa2c17df1d033e69ed47b0b660ce5\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\51a269b672f2226acfedb5d35843a5c9\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\d8370a9b1b8173af1ecdcaaa2a71f766\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\25732130189e8f468a7d98647edffe8e\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d47efad9d2f7f45b45204ae07079a94c\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e773b94cc3f3fc25509904acb76cfe08\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a23c39d504467a0024e5f20c0f962f3f\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\307bb964c6b7dbc20676e8905ec99df9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\947b4fe468a1a03516ee26d9b3f4240a\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\aea623158c3ab3fbf4e406248b2b8d2e\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5f79b00e1aaeafcc07907aa61fd3599e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files (x86)\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
========== Services (SafeList) ==========
SRV:64bit: - (CDROM_Eject_W) -- C:\Program Files\Cyrus MC400\C+WEject.exe ()
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (UDisk Monitor) -- C:\Program Files\Smartfren Connex AC682 UI\bin\MonServiceUDisk.exe ()
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Smartfren Connex EC306-2 UI. RunOuc) -- C:\Program Files (x86)\Smartfren Connex EC306-2 UI\UpdateDog\ouc.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SSUService) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (SCBackService) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe (Splashtop Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (npkycryp) -- C:\Program Files\RagnarokOnline\npkycryp.sys File not found
DRV:64bit: - (PCTSD) -- C:\Windows\SysNative\drivers\PCTSD64.sys (PC Tools)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_usbenumfilter) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (UsbModemDriver) -- C:\Windows\SysNative\drivers\USB_MODEM_W.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (npkcrypt) -- C:\Program Files\RagnarokOnline\npkcrypt.sys (INCA Internet Co., Ltd.)
DRV:64bit: - (USB_BusEnum_T) -- C:\Windows\SysNative\drivers\USB_BusEnum_T.sys ()
DRV:64bit: - (USB_BusEnum_W) -- C:\Windows\SysNative\drivers\USB_BusEnum_W.sys ()
DRV:64bit: - (USB_WinMux_T) -- C:\Windows\SysNative\drivers\USB_WinMux_T.sys ()
DRV:64bit: - (USB_WinMux_W) -- C:\Windows\SysNative\drivers\USB_WinMux_W.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (USB_ETS_T) -- C:\Windows\SysNative\drivers\USB_ETS_T.sys (Via Telecom, Inc.)
DRV:64bit: - (USB_ETS_W) -- C:\Windows\SysNative\drivers\USB_ETS_W.sys (Via Telecom, Inc.)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® Server 2003 DDK provider)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 24 7A C7 73 52 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00050e549eec3ee
IE - HKCU\..\SearchScopes\{57E52D71-EAF7-400e-B405-D5B5C51E03DB}: "URL" = http://search.yahoo....amp;type=IEBDSV
IE - HKCU\..\SearchScopes\{B881AE3F-F23E-4cf4-986C-453D5FD37234}: "URL" = http://www.bing.com/...}...BR1&pc=SPLH
IE - HKCU\..\SearchScopes\{BA99BADD-C9CB-4c69-904E-D00A6AA9B052}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kanisius\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kanisius\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012/06/06 06:35:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012/06/06 06:35:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/06/06 07:19:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{55A8EC97-6AF6-442c-877F-11C51DBD162D}: C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_FF.xpi [2012/09/07 23:38:44 | 000,013,126 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/05 23:10:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Kanisius\AppData\Roaming\IDM\idmmzcc5 [2012/06/06 19:47:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Kanisius\AppData\Roaming\IDM\idmmzcc5 [2012/06/06 19:47:13 | 000,000,000 | ---D | M]
[2012/06/06 23:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Extensions
[2012/06/06 23:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com
[2012/06/07 09:52:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/10/24 20:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\n4bwbc5o.default\extensions
[2012/08/21 23:30:33 | 000,000,000 | ---D | M] (Layouts Express) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\n4bwbc5o.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2012/09/15 17:28:54 | 000,000,000 | ---D | M] (wxDownload) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\n4bwbc5o.default\extensions\505453fa2b150@505453fa2b189.com
[2012/09/15 17:28:55 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\n4bwbc5o.default\extensions\ffxtlbr@babylon.com
[2012/06/07 09:52:37 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\Kanisius\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2012/11/05 23:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/05 23:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/11/05 23:10:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/15 17:07:16 | 000,002,362 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/09/24 12:02:35 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/13 02:11:15 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{g
oogle:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kanisius\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kanisius\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Google Drive = C:\Users\Kanisius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube Video Downloader Extension = C:\Users\Kanisius\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp\1.0.2_0\
CHR - Extension: Prambors = C:\Users\Kanisius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcienkbfcddllnccgbmjfmdidkfliedi\1.0.8_0\
O1 HOSTS File: ([2013/02/07 01:25:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (wxDownload Class) - {4FC012DB-DD59-53D3-D67A-973DB35961D7} - C:\ProgramData\wxDownload\505453fa2b2e0.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (MrFroggy Class) - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files (x86)\Minibar\Froggy.dll File not found
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe File not found
O4 - HKCU..\Run: [webnxmer] "C:\ProgramData\nxmer\20223041" File not found
O4 - Startup: C:\Users\Kanisius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kanisius\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download video on this page - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O8:64bit: - Extra context menu item: Download video this links to - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download video on this page - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O8 - Extra context menu item: Download video this links to - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Change your facebook look - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll File not found
O9 - Extra Button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O9 - Extra 'Tools' menuitem : Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YVD_IE.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28148D80-4437-4B48-A9F2-2906B7A26A77}: DhcpNameServer = 112.215.71.243 112.215.71.242
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C31DC70-E101-4A5A-9914-415AF3FE8F47}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.24
7.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{956BC222-5F84-4DC9-A781-03C25F118186}: NameServer = 10.17.3.244 10.17.3.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8446A00-EE65-4A95-86BC-A9F9CFD1627C}: NameServer = 10.17.125.228 10.17.125.229
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFA211A7-17A3-4AAD-9110-BEDF891B452A}: NameServer = 10.17.125.228 10.17.125.229
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/02/07 00:22:13 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co....hors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/02/07 02:24:52 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Kanisius\Desktop\HiJackThis.exe
[2013/02/07 02:23:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kanisius\Desktop\OTL.exe
[2013/02/07 01:48:56 | 001,096,176 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2013/02/07 01:48:56 | 000,453,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2013/02/07 01:48:55 | 000,413,448 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2013/02/07 01:48:54 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2013/02/07 01:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2013/02/07 01:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/02/07 01:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013/02/07 01:46:19 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\TestApp
[2013/02/07 01:40:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/07 01:24:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/02/07 00:40:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/02/07 00:40:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/02/07 00:40:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/02/07 00:40:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/07 00:40:38 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/02/07 00:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/02/07 00:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/02/06 23:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\nxmer
[2013/02/04 02:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMLWrench
[2013/02/04 02:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xmlwrench
[2013/01/27 01:09:46 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013/01/27 01:09:46 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013/01/26 23:19:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013/01/26 23:19:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013/01/26 02:03:19 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/01/26 02:03:19 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/01/26 02:03:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/01/26 02:03:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/01/26 02:03:19 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/01/26 02:03:19 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/01/26 02:02:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013/01/26 02:02:54 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013/01/26 02:02:54 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013/01/26 02:02:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013/01/26 02:00:51 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/01/26 02:00:51 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/01/26 02:00:51 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013/01/25 23:31:50 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/01/25 23:31:50 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/01/25 23:31:50 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/01/25 23:18:58 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/01/25 23:18:58 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/01/25 23:18:58 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/01/25 23:18:51 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/01/25 23:18:51 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/01/25 23:18:51 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/01/25 23:18:40 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/01/25 23:18:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/01/24 22:04:23 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013/01/24 22:03:57 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2013/01/24 22:03:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/01/24 21:30:28 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2013/01/24 18:31:57 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\EVDO_General
[2013/01/24 18:30:58 | 000,021,760 | ---- | C] (Via Telecom, Inc.) -- C:\Windows\SysNative\drivers\USB_ETS_W.sys
[2013/01/24 18:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyrus MC400
[2013/01/24 18:30:58 | 000,000,000 | ---D | C] -- C:\Program Files\Cyrus MC400
[2013/01/22 19:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Video Downloader
[2013/01/22 19:48:02 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\Tomabo
[2013/01/22 19:48:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tomabo
[2013/01/13 13:06:27 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\Documents\OFX Presets
[2013/01/13 11:58:38 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\Publish Providers
[2013/01/13 11:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/01/13 11:43:28 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Local\Sony
[2013/01/13 11:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2013/01/13 11:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013/01/13 11:43:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/01/13 11:43:06 | 000,000,000 | ---D | C] -- C:\Users\Kanisius\AppData\Roaming\Sony
[2013/01/11 21:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013/01/11 21:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2013/01/11 21:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2013/01/11 21:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2013/01/11 21:07:04 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2013/01/11 21:07:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2013/01/11 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2012/09/10 20:36:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Kanisius\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/07 02:25:45 | 000,625,664 | ---- | M] () -- C:\Users\Kanisius\Desktop\dds.scr
[2013/02/07 02:25:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Kanisius\Desktop\HiJackThis.exe
[2013/02/07 02:24:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kanisius\Desktop\OTL.exe
[2013/02/07 02:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/07 02:11:01 | 000,000,218 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2013/02/07 02:10:48 | 000,151,552 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2013/02/07 02:09:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/07 02:09:41 | 2117,705,727 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/07 01:49:00 | 001,584,659 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/02/07 01:43:56 | 000,000,323 | ---- | M] () -- C:\Users\Kanisius\Desktop\exefix.reg
[2013/02/07 01:25:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/02/07 00:49:03 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 00:49:03 | 000,020,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 00:22:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/02/06 00:08:33 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2013/02/05 13:01:40 | 000,000,306 | ---- | M] () -- C:\Users\Kanisius\AppData\Roaming\burnaware.ini
[2013/02/04 21:08:06 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/04 21:08:06 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/04 21:08:06 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/04 02:24:14 | 000,001,019 | ---- | M] () -- C:\Users\Kanisius\Desktop\XMLWrench.lnk
[2013/02/01 16:11:53 | 000,002,382 | ---- | M] () -- C:\Users\Kanisius\Desktop\Google Chrome.lnk
[2013/01/26 23:16:07 | 005,029,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/25 10:42:09 | 000,001,055 | ---- | M] () -- C:\Users\Kanisius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/25 10:42:00 | 000,001,029 | ---- | M] () -- C:\Users\Kanisius\Desktop\Dropbox.lnk
[2013/01/24 22:03:57 | 000,001,198 | ---- | M] () -- C:\Users\Kanisius\Desktop\Format Factory.lnk
[2013/01/24 18:30:58 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Cyrus MC400.lnk
[2013/01/22 19:48:03 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Video Downloader.lnk
[2013/01/22 19:48:03 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\MP4 Converter.lnk
[2013/01/22 19:48:03 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\MP4 Player.lnk
[2013/01/13 11:58:18 | 000,002,476 | ---- | M] () -- C:\Users\Kanisius\Documents\Register Vegas Pro.htm
[2013/01/10 22:18:37 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/01/10 22:18:37 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/07 02:25:31 | 000,625,664 | ---- | C] () -- C:\Users\Kanisius\Desktop\dds.scr
[2013/02/07 02:11:01 | 000,000,218 | ---- | C] () -- C:\Windows\tasks\AutoKMSDaily.job
[2013/02/07 01:48:57 | 001,584,659 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/02/07 01:43:26 | 000,000,323 | ---- | C] () -- C:\Users\Kanisius\Desktop\exefix.reg
[2013/02/07 00:40:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/02/07 00:40:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/02/07 00:40:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/02/07 00:40:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/02/07 00:40:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/02/07 00:22:13 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/02/04 02:24:14 | 000,001,019 | ---- | C] () -- C:\Users\Kanisius\Desktop\XMLWrench.lnk
[2013/01/26 02:02:54 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/01/24 22:03:57 | 000,001,198 | ---- | C] () -- C:\Users\Kanisius\Desktop\Format Factory.lnk
[2013/01/24 18:30:58 | 000,044,544 | ---- | C] () -- C:\Windows\SysNative\drivers\USB_BusEnum_W.sys
[2013/01/24 18:30:58 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\drivers\USB_WinMux_W.sys
[2013/01/24 18:30:58 | 000,028,160 | ---- | C] () -- C:\Windows\SysNative\drivers\USB_MODEM_W.sys
[2013/01/24 18:30:58 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Cyrus MC400.lnk
[2013/01/22 19:48:03 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Video Downloader.lnk
[2013/01/22 19:48:03 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\MP4 Converter.lnk
[2013/01/22 19:48:03 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\MP4 Player.lnk
[2013/01/13 11:58:18 | 000,002,476 | ---- | C] () -- C:\Users\Kanisius\Documents\Register Vegas Pro.htm
[2012/09/10 20:36:18 | 000,007,859 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\pcouffin.cat
[2012/09/10 20:36:18 | 000,001,167 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\pcouffin.inf
[2012/08/25 16:32:14 | 000,116,224 | ---- | C] () -- C:\Program Files\LoL_Install_120822.exe
[2012/08/25 10:04:04 | 123,158,196 | ---- | C] () -- C:\Program Files\LoL_Install_120822.2.dat
[2012/08/25 10:02:03 | 2097,152,000 | ---- | C] () -- C:\Program Files\LoL_Install_120822.1.dat
[2012/08/23 16:39:18 | 098,933,681 | ---- | C] () -- C:\Program Files (x86)\MeGUI_2153_x86.zip
[2012/08/22 22:34:42 | 000,002,298 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\ASSDraw3.cfg
[2012/08/22 19:09:01 | 000,045,270 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\room_v3.dat
[2012/08/20 23:51:50 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/12 20:49:36 | 000,017,817 | ---- | C] () -- C:\Users\Kanisius\.TransferManager.db
[2012/07/29 07:52:12 | 000,061,980 | ---- | C] () -- C:\Program Files\drajat kapsul.jpg
[2012/07/08 17:34:56 | 000,017,687 | ---- | C] () -- C:\Program Files\251963_453834911307147_1904908514_n.jpg
[2012/06/29 12:33:46 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012/06/29 12:29:36 | 000,004,608 | ---- | C] () -- C:\Users\Kanisius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/23 07:52:03 | 000,000,132 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/18 11:45:37 | 000,000,306 | ---- | C] () -- C:\Users\Kanisius\AppData\Roaming\burnaware.ini
[2012/06/06 10:25:26 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/06/06 10:25:25 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/06/06 07:53:02 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/06/06 06:59:40 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012/06/06 06:42:39 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012/06/06 06:34:27 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/05/23 18:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/12/09 06:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/08/03 17:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
========== ZeroAccess Check ==========
[2009/07/14 11:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 10:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 10:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 08:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 10:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 08:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/06/26 11:45:46 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\4Media
[2012/08/22 23:38:23 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Aegisub
[2012/11/18 15:11:47 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Audacity
[2012/07/29 09:45:40 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Babylon
[2013/02/07 02:10:50 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\BitTorrent
[2012/06/11 04:54:08 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/02/07 02:08:53 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\DMCache
[2013/02/07 02:11:00 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Dropbox
[2012/09/16 00:24:11 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\eType
[2013/01/24 18:34:16 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\EVDO_General
[2012/09/15 12:38:54 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\ExpressDownloader
[2012/06/06 23:29:51 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Greyfirst
[2012/09/30 19:58:43 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\IDM
[2013/02/07 00:48:32 | 000,000,000 | RHSD | M] -- C:\Users\Kanisius\AppData\Roaming\install
[2012/08/26 20:05:01 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\LolClient
[2012/12/14 23:52:15 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\MAXON
[2012/09/30 20:07:17 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\OpenCandy
[2012/06/28 19:48:21 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\PACE Anti-Piracy
[2012/10/06 00:41:12 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\pdftoepub
[2013/01/13 11:58:38 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Publish Providers
[2012/06/06 10:25:22 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\PunkBuster
[2012/10/27 13:11:59 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Red Giant Link
[2012/12/12 17:18:24 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Research In Motion
[2012/08/23 01:08:30 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2012/07/01 23:01:06 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Samsung
[2013/01/13 12:53:06 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Sony
[2012/06/06 06:36:12 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Splashtop
[2012/06/06 07:52:35 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/07/02 16:34:15 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Temp
[2013/02/07 01:46:20 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\TestApp
[2013/01/22 20:58:48 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Tomabo
[2012/06/29 12:29:06 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Video DVD Maker FREE
[2012/09/10 20:36:18 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\Vso
[2012/08/24 02:15:36 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\YourFileDownloader
[2012/12/27 20:36:42 | 000,000,000 | ---D | M] -- C:\Users\Kanisius\AppData\Roaming\ZTEEVDO
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2010/11/21 14:06:30 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2010/11/21 14:06:30 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/11 03:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/11 03:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2011/02/26 12:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 13:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 13:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 10:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/21 10:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 12:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 10:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\erdnt\cache86\explorer.exe
[2010/11/21 10:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/21 10:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2010/11/21 14:06:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2010/11/21 14:06:17 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2010/11/21 14:06:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2010/11/21 14:06:19 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui
< MD5 for: EXPLORER.EXE-254441E9.PF >
[2013/02/07 00:42:30 | 000,052,876 | ---- | M] () MD5=975FA2324EEDC641E694D498404EBD89 -- C:\Windows\Prefetch\EXPLORER.EXE-254441E9.pf
< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2013/02/07 02:15:42 | 000,122,396 | ---- | M] () MD5=C884589402C33702A77FE1841CBFC522 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
< MD5 for: EXPLORER.ZIP >
[2009/06/04 11:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
< MD5 for: IEXPLORE.EXE >
[2010/11/21 10:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Program Files\Internet Explorer\iexplore.exe
[2010/11/21 10:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2010/11/21 10:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2010/11/21 10:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\erdnt\cache86\iexplore.exe
[2010/11/21 10:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/07/14 09:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/07/14 09:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2009/07/14 09:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2009/07/14 09:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-4B6C9213.PF >
[2013/02/07 01:01:08 | 000,136,738 | ---- | M] () MD5=2E416C1E7E254C7377BAE9920F70D84A -- C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
< MD5 for: SERVICES >
[2009/06/11 04:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.AIP >
[2010/04/08 10:47:20 | 000,132,544 | ---- | M] (Adobe Systems Incorporated) MD5=3E69B3D98D1B184EA96CFBC18CE07CA5 -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Plug-ins\Extensions\Services.aip
< MD5 for: SERVICES.CFG >
[2012/12/18 21:28:18 | 000,558,791 | ---- | M] () MD5=A9983CC532F9B3FB1E87918D2313731D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.DLL >
[2010/03/01 12:47:38 | 004,463,896 | ---- | M] (SmartSound Software Inc.) MD5=3BA7FCEA9125BF98CE228551324E3EDA -- C:\Program Files (x86)\SmartSound Software\Quicktracks 5\Services.dll
< MD5 for: SERVICES.EXE >
[2009/07/14 08:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 08:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 08:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 14:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 14:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.JS >
[2011/08/11 00:28:30 | 000,003,133 | ---- | M] () MD5=1C7EE133C293DDD51C5BDDAC9EF5E651 -- C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}\components\services.js
< MD5 for: SERVICES.LNK >
[2009/07/14 11:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 11:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/07/28 14:49:18 | 000,000,614 | ---- | M] () MD5=8BC2336DFC376461BC2859B24A5FA0B4 -- C:\Users\Kanisius\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JX8TT6RY\mochiads.com\services.mochiads.com.sol
< MD5 for: SERVICES.MOF >
[2009/06/11 03:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/11 03:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2010/11/21 14:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/11 03:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 14:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/11 04:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 14:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/11 03:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 14:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 04:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/14 03:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/14 03:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2010/11/21 14:06:30 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2010/11/21 14:06:30 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/11 04:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/11 04:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2010/11/21 10:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 10:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 10:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/21 14:06:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/21 14:06:14 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2010/11/21 14:06:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2010/11/21 14:06:15 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/14 03:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/14 03:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2012/12/12 17:19:21 | 000,003,072 | ---- | M] () -- C:\ads_err.adi
[2012/12/12 17:19:21 | 000,004,559 | ---- | M] () -- C:\ads_err.adm
[2012/12/12 17:25:05 | 000,013,785 | ---- | M] () -- C:\ads_err.adt
[2012/04/15 00:01:40 | 000,285,478 | ---- | M] () -- C:\ae_disc.ico
[2013/02/07 00:22:13 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2012/06/06 06:40:43 | 000,000,180 | ---- | M] () -- C:\csb.log
[2013/02/07 02:09:41 | 2117,705,727 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/07 02:09:43 | 4255,264,767 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2009/07/14 12:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 12:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 12:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 12:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/11 03:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/14 11:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[2012/08/23 16:32:27 | 098,933,681 | ---- | M] () -- C:\Program Files (x86)\MeGUI_2153_x86.zip
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/06/06 06:40:38 | 000,000,221 | -HS- | M] () -- C:\Users\Kanisius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2013/02/07 02:25:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Kanisius\Desktop\HiJackThis.exe
[2013/02/07 02:24:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kanisius\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 948 bytes -> C:\ProgramData\Microsoft:uStNKPWjH6aG2APO2aXD
@Alternate Data Stream - 943 bytes -> C:\ProgramData\Microsoft:SX1hLnbOinPJy5K7s8qvQFuf
@Alternate Data Stream - 1112 bytes -> C:\Program Files\Common Files\System:TaIrqY6oQLhoN6h9jGb6NWQ5N0Xu
@Alternate Data Stream - 1106 bytes -> C:\ProgramData\Microsoft:PS6bWiGdNmDtyKhXNE0KRXdMGl4j
@Alternate Data Stream - 1096 bytes -> C:\Program Files\Common Files\System:75Coog4ZWrzhlzazHRcqQce
@Alternate Data Stream - 1065 bytes -> C:\ProgramData\Microsoft:z47220dvKB8QFyHXCi9Tl
@Alternate Data Stream - 1015 bytes -> C:\Users\Kanisius\AppData\Local\Temp:J2D6ekoudWsnG3vx
@Alternate Data Stream - 1007 bytes -> C:\ProgramData\Microsoft:MDoq9fqGqSYEU5qT3G69
< End of report >
OTL Extras logfile created on: 2/7/2013 3:04:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kanisius\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.96 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.25% Memory free
15.92 Gb Paging File | 13.77 Gb Available in Paging File | 86.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 514.08 Gb Total Space | 274.39 Gb Free Space | 53.37% Space Free | Partition Type: NTFS
Drive D: | 417.33 Gb Total Space | 220.72 Gb Free Space | 52.89% Space Free | Partition Type: NTFS
Computer Name: KANISIUS-PC | User Name: Kanisius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe" = C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader -- (Tomabo)
"C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe" = C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader -- (Tomabo)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06B47488-1062-4F7E-A221-FE7BE199D40C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D77768A-5DE0-4EA0-AFE6-A0F3EA381682}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10237486-1B35-482A-A713-88DD6784B13E}" = rport=139 | protocol=6 | dir=out | app=system |
"{14FA9351-0EAE-4617-9453-09FE7FA26F63}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{180470DE-8C35-44BC-90A1-1143ACDDB6C7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AA28EEE-9851-436B-82C7-CDEECDD44515}" = lport=139 | protocol=6 | dir=in | app=system |
"{1B504241-6633-43FC-B782-6AA276E3394A}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{298E08F3-85B6-4306-834B-21B869907C0F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AE5617E-5369-4A72-BB90-1787B9B76C1B}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher |
"{2EA4384B-6C7C-48C1-A442-2393527AC336}" = lport=445 | protocol=6 | dir=in | app=system |
"{3A163304-C3DB-49BD-96A0-87C0204E7AC0}" = lport=138 | protocol=17 | dir=in | app=system |
"{3DD46C08-F7B9-4906-BFF9-7091A0747BBE}" = rport=137 | protocol=17 | dir=out | app=system |
"{488F95E2-F829-480B-B61A-2704F66B803B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{54805E46-ADD1-4618-9663-5387E49A1F77}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher |
"{5C785FC6-9E91-4AAB-88E3-7688138255F3}" = lport=6915 | protocol=6 | dir=in | name=league of legends launcher |
"{7F5DC1A4-9177-47BB-B4B8-7FF81517F1F8}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{8E0147C8-FE6B-414F-87A7-5C922470471C}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher |
"{95D3022C-0DB3-4773-9230-C35ED7C132AF}" = lport=6915 | protocol=17 | dir=in | name=league of legends launcher |
"{A5AE0E19-ADA8-4302-AF91-6A83125D30DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A7518AAA-C3BF-4205-AA15-E50791CDC1AA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{AA919DFC-03F8-40DC-A52C-B847C1EAE23D}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher |
"{AA91C715-49DA-4105-AA85-3F081623E17A}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B68C2450-0DC9-45FF-9C7B-1515792A8836}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C64D49B7-7262-4DB1-AE7C-1ACECB98EF1A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C8AB53B3-237C-49FC-8F12-3DF04560B34B}" = rport=445 | protocol=6 | dir=out | app=system |
"{D2E8EDDF-EF93-4B30-924B-5200C3D3A3B8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DBAAF9C8-DB89-4BB4-ACBC-7C0E5D39DCC2}" = lport=137 | protocol=17 | dir=in | app=system |
"{DC8AB241-6F46-498B-9E1A-3556DF55C3E8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DFCF3AFA-EA03-4CBD-8CC5-C57325476D89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E78974E3-9175-4A38-8C17-A249C11ED3C5}" = rport=138 | protocol=17 | dir=out | app=system |
"{E8D3DE0A-D772-443C-9B43-5C6AF275BAE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD7B0C98-8FC0-4255-93DD-15ABC6C39A1A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0078A450-713D-4A32-99CA-77D23CCA75D0}" = protocol=17 | dir=in | app=c:\program files (x86)\expressdownloader\expressdownloader.exe |
"{0321C282-313A-4FD5-AC63-A5970D757374}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{034E492D-2A06-4920-B44B-EB7F36723B70}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{0370F170-4589-4259-83F0-BBF11C7A4C6B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{03BE1C7A-0EA0-4D9F-8B57-C821841E25D9}" = protocol=17 | dir=in | app=c:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe |
"{05F93FE2-D9BA-4C18-ADE3-678C20CE53F3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0697DBA7-7BDD-4616-B052-5B83C65A6AC7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{08EEB92C-8B0E-4A9B-8853-3754E927DB14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0A4B67B4-77F1-4EEA-AEA0-CF4D76AE9B27}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0C3792A9-CCEB-450C-A46D-C8169A7BE1E5}" = protocol=17 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\game\league of legends.exe |
"{0D36B411-15E1-4DCC-BC40-E8F5B4905C97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0FD8EE79-844D-4FFE-9E81-874205B25FC1}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbmp.exe |
"{15D28C9E-B3D3-4F81-9ABD-50F2A2605C66}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{161787FE-5E3F-405F-82AE-1A4616EBE79B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{17001408-FDAD-433A-AEA7-672F9FB251B6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{193A1432-AB55-480E-9C0C-F1B5333B24F1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1BAAD3C3-D50D-4147-8676-25A53505D496}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{1E09978C-9488-4EB0-BC7A-53EE8B22AA0D}" = protocol=6 | dir=out | app=system |
"{1E4956A2-AE8C-4C04-96C4-0F86B87885AE}" = protocol=6 | dir=in | app=c:\users\kanisius\appdata\local\temp\lolinstaller.exe |
"{2373D4BE-C43A-4DC3-8210-B2D5E2DB2F17}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{284C1964-218D-40B9-B789-B75BB5B8644C}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{2887260C-2CAF-4517-9145-FF69B5B265F2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{29884C0B-7640-42F1-9DB9-C90BF69623B1}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{2A818868-809C-4B63-96DF-F006321BD168}" = protocol=6 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\game\league of legends.exe |
"{2B6379DD-7FC4-4D64-8B16-067C40214C12}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{2C8CD145-3C0A-4EFA-8A5A-E19C6DFC472C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2E048C6E-0528-43E1-8023-F6479527171C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{2FBD83F4-95A9-4CDF-9C1D-A6E8BD45FFEE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2FC19F72-79D0-49AD-A19D-2650DFBBA453}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{3154741F-5B9D-43E5-9C5B-80A7F4E9EA5E}" = protocol=17 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\air\lolclient.exe |
"{3810E31E-D3C6-4626-8E0B-B3DC1CE4D37A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{3CEF9EFE-DDDB-4EB9-98C4-9BC226CDE04F}" = protocol=6 | dir=in | app=c:\program files\point blank\pointblank.exe |
"{3D09E055-0C98-404C-8BC3-F01C6E36ADC4}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{3F5F2E36-1A43-4EC3-8F66-56F83720F3B8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3FB2B1A5-6570-4732-8BDF-F7850D13EE93}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{46E13A0E-4777-4225-BEDD-F52489F31808}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{4B2D1081-1040-4B3B-B2EA-AE02DCC13C7F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4C227AAD-AA1F-4D41-8E27-7A92EE2622CC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{4DA03B3C-5873-469E-879B-4FA9E9AEEDBE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F641575-6DF2-46E2-A2BA-BA3953E4061A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{50E54B5D-46E3-46C9-BB94-40524CD9C83E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{532A5BB9-6856-4EA2-A575-4819F46D861D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{544EB2BD-744C-4D0A-A96B-AB592FB9BBA8}" = protocol=6 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\air\lolclient.exe |
"{59E853B9-78C7-43C4-BF92-93DD4900E580}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5AD2F1EA-90AE-4A2D-925E-9C0BBDE70B54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FF10629-D80E-4478-8FC9-3475798CD4E5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe |
"{5FFAC38B-86A1-40E8-B879-D9F14BA60FE9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{66A898D0-851A-4802-BA48-B9366B30421D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{66BF43ED-95D1-4915-A7A9-7788D7B418C7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6E6F4076-96AA-42B1-A9C0-0B3BEECF6DBE}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{74D6072C-1B24-4888-B609-652BA728E0FA}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{75E6D74D-C7C0-407E-B089-E3E420AD839F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\acbsp.exe |
"{76A86125-29F4-4911-A306-D8720C4B54F7}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{799706CC-0C82-4FB2-A5F5-E22C48189240}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7BB6D65C-D3A5-4D37-8233-966F693B9BF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7BF744DC-7A76-4ED2-AEE7-FC8CFAE08311}" = protocol=6 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\game\league of legends.exe |
"{7C76CE51-EB33-4ED7-9ADD-716A95BCE38B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80B9947A-713A-4C71-9002-53B82760F22A}" = protocol=17 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\game\league of legends.exe |
"{814AEA72-6856-4831-B578-E22534525C39}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{89846AF9-979B-42D0-84FB-9CC5E50AC58A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{89E2ED82-1A16-4603-85D0-9CAA04F67B69}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A5DE62D-BF86-41CA-9AE7-94D5CFA15399}" = protocol=6 | dir=in | app=c:\program files\point blank\pointblank.exe |
"{8B6BFFFD-7B7B-4DCB-9997-CDB4F136F826}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{930A62D9-2601-47AF-8872-5F00C35998AC}" = protocol=17 | dir=in | app=c:\users\kanisius\appdata\local\temp\lolinstaller.exe |
"{93883985-EBEC-4AF8-B313-6C12D000A3C5}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{93FA80A7-A4F5-4988-A424-1AE9EBC7A3CA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{976BFD09-31ED-4B16-87B1-7F068D9AE149}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{98D290F4-9959-4758-AB94-55B881D13E20}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{9C3FA694-5C7A-4D6B-BDD5-275E8E06EAAE}" = protocol=6 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\air\lolclient.exe |
"{A333180F-EDBA-428D-971D-8BD7119D8259}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A371099D-5BB0-4469-8CDA-CF80BCA23999}" = protocol=17 | dir=in | app=c:\program files (x86)\expressdownloader\expressdl.exe |
"{A4AA89A0-B040-4009-87C0-7C4709D400F4}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{A54C17F0-578B-4B76-B68F-171AA3B51CD8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7192440-F2F7-4D74-8833-16671040CD5D}" = protocol=6 | dir=in | app=c:\program files (x86)\expressdownloader\expressdl.exe |
"{A7CB640C-B990-4ADC-A6E4-8D5A21182E59}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{A8F3877E-A868-4E8E-A54F-78409B0AE711}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{AE9CD2CF-10FA-4D5F-830A-54144FE8C38D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{B02F7982-2E28-44CE-95D9-EC00462F7AC5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{B46BD8C3-6355-478C-80C4-29B25186A269}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B76926FA-B4F1-412C-9D4B-1AAFBDDF1A0F}" = protocol=6 | dir=in | app=c:\program files (x86)\expressdownloader\expressdownloader.exe |
"{B948A208-569B-4A15-9FED-2959242231D0}" = protocol=6 | dir=in | app=c:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe |
"{BCB817E3-7376-4DBF-ACE1-528A12747D07}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{BD255A2A-64B7-4C36-9702-42C69B433C22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C12C54D7-A16D-40BB-8D50-434D36F1EDFE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed brotherhood\uplaybrowser.exe |
"{C27E049C-2654-4C15-9027-583260037C9D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CD74374C-475A-485E-8E9B-304FA04299D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7BECA00-D7C0-4BAF-B8B7-A83A8348FA9E}" = protocol=17 | dir=in | app=c:\program files (x86)\garenalol\gamedata\apps\lol\air\lolclient.exe |
"{D9628099-76D6-49C7-A68F-7325055EEA16}" = protocol=17 | dir=in | app=c:\program files\point blank\pointblank.exe |
"{DA24C37B-2048-4CE0-A76D-DB593C2D4B1F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{DBDA2D5D-3548-4A86-A57C-0BE8561CDE00}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DE8351CA-8C1A-4CCD-B4AC-9972780F175D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E0E7FEBD-DAA3-45C1-92A8-80DAF8A4E56E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{E3E1F545-0C97-4137-A7C4-3E268AF3C2A6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{E8C55B8C-9065-471B-B666-C374FA5B38F3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{F3698206-F711-4703-94F8-9C90D25BC713}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{FC621E14-4A4E-4520-A584-5DF1DA9F8432}" = protocol=17 | dir=in | app=c:\program files\point blank\pointblank.exe |
"{FFF487C6-8AAF-460A-A23A-385A89BEBFE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{30FEE19A-84D3-4E21-A43B-B5EA4F9BD07B}C:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe |
"TCP Query User{56B6CC29-4D20-411C-A97F-B6A18CAB9992}C:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe |
"TCP Query User{5ABF08BC-1DD0-43AB-853B-59D1EB6C045A}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{74530377-6395-4BCC-8089-BA96F8C9777C}C:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe |
"TCP Query User{769382F6-B4C0-4E18-8C2A-7FEB62B971BF}C:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{932F7488-46C9-4D14-8F94-82DF90E1F380}C:\program files\adobe\adobe premiere pro cs5\pproheadless.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\pproheadless.exe |
"TCP Query User{9593C2CF-818C-431E-B056-D39B9DE6C938}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{98F8D9B7-1B9B-4A59-8039-9AC89455573F}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{A2F44419-6CAB-440A-9616-0DD9BB2BDE0D}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{BA4B7762-9DFC-46D5-B3C1-6FA545BB58C4}C:\program files\blizzard\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files\blizzard\diablo iii\diablo iii.exe |
"TCP Query User{BBDA5563-9A86-46F0-B33A-003E3FC7FE48}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{D597BE6C-7763-496E-940E-345159E170F6}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=6 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
"TCP Query User{D82B2F61-710D-4619-92D0-EFB8C4D13D95}C:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe |
"TCP Query User{ED128491-4A49-4057-A58C-73AD56D75B1F}C:\program files\blizzard\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files\blizzard\diablo iii\diablo iii.exe |
"TCP Query User{FA37B148-CCDE-4D5D-8027-F9B57B14FD84}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe after effects cs5\support files\afterfx.exe |
"UDP Query User{1B1C67CA-B86E-4B6B-BC0A-027FDCCF80EB}C:\program files\blizzard\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files\blizzard\diablo iii\diablo iii.exe |
"UDP Query User{265BC918-FA84-4D02-8766-F90BA049B4D0}C:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe |
"UDP Query User{2A94EB27-B123-493E-AF9A-EBC81C275DB0}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{3A03F8E0-AD5F-4517-B7F3-029CBD2B8137}C:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\adobe premiere pro.exe |
"UDP Query User{3F09666C-E163-4154-82C3-A5522F5E3F81}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{4CBAB933-1233-4A05-81E1-054CA79A1DDF}C:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kanisius\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{50645D69-03EF-4899-A8A0-7BFBC731E409}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{59D99CA3-E185-4F0A-B345-7B0730FE491A}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{84B9988C-FAD7-40CA-B4AA-CBEDB341471A}C:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe |
"UDP Query User{A9AC57B5-9478-4F50-AE03-FB3137B6F8FD}C:\program files\blizzard\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files\blizzard\diablo iii\diablo iii.exe |
"UDP Query User{B8F6A52A-92F2-454A-A9C4-4AE246EEDA7F}C:\program files\adobe\adobe premiere pro cs5\pproheadless.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe premiere pro cs5\pproheadless.exe |
"UDP Query User{D302C77E-A586-4A4D-B514-F0119885A977}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe after effects cs5\support files\afterfx.exe |
"UDP Query User{D8A44FDE-5633-41F0-995F-D128AE7487B1}C:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe media encoder cs5\adobe media encoder.exe |
"UDP Query User{E46E2B35-9C3A-45D3-A437-986BA39754CC}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{F74434D5-438A-4CBC-A0B4-D1520C3BA2BD}C:\program files (x86)\garena plus\room\garena_room.exe" = protocol=17 | dir=in | app=c:\program files (x86)\garena plus\room\garena_room.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7500970-FE98-11E1-B560-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Cyrus MC400_is1" = Cyrus MC400
"EPSON T13 T22E Series" = EPSON T13 T22E Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)
"ZTEWireless-101_is1" = Smartfren Connex AC682 UI
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E3C6C75-872D-4B0D-B0B2-31C717250691}" = Adobe Encore CS5 Third Party Royalty Content
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{201906DC-8846-4D7E-85EE-E96B1CD63589}" = BlackBerry Device Software v7.1.0 for the BlackBerry 9810 smartphone
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.9
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0210.2
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{565DE707-5798-4FC3-8DF6-0F58A348A9B0}" = Adobe Premiere Pro CS5 Third Party Royalty Content
"{5DDABB74-A879-4BE7-A4C6-FD41793942DB}" = Adobe Media Encoder CS5 Dolby X64
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9064317A-39C7-40D5-8CF5-04A254747B88}" = BlackBerry Device Software Updater
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE5DE662-2ECB-4D93-967B-221FBCC8A736}" = Adobe Soundbooth CS5 Codecs
"{E13249D4-C0D1-42E8-AF82-A117AA008A75}_is1" = XML:Wrench
"{E2B086BD-75A9-45D1-A675-151624B259A1}" = Splashtop Connect for IE
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E44096DC-9389-47DE-9515-C7CA51EE05D7}" = BlackBerry Desktop Software 7.1
"{EF25F71D-F3E8-42A3-8B5A-DBF83C4B942F}" = Splashtop Connect for Firefox
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}" = Adobe Soundbooth CS5 Royalty Codecs
"{F9C71630-0EE3-475C-9E2B-ED95AE197DBD}" = Adobe Media Encoder CS5 PCI X64
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Media Video Converter Ultimate 6" = 4Media Video Converter Ultimate 6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"AVIcodec" = AVIcodec (remove only)
"BitTorrent" = BitTorrent
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BurnAware Free_is1" = BurnAware Free 4.9
"Celtx (2.9.1)" = Celtx (2.9.1)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVDStyler_is1" = DVDStyler v2.3 rc 1
"EPSON T13 T22E Series Manual" = EPSON T13 T22E Series Manual
"FL Studio 9" = FL Studio 9
"FormatFactory" = FormatFactory 3.0.1
"Hardcore" = Hardcore
"IL Download Manager" = IL Download Manager
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0210.2
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)
"LayoutsExpress" = LayoutsExpress
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"particleIllusion 3.0.4 demo version_is1" = particleIllusion 3.0.4 demo
"PoiZone" = PoiZone
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"Smartfren Connex EC306-2 UI" = Smartfren Connex EC306-2 UI
"SubtitleWorkshop" = Subtitle Workshop 2.51
"The KMPlayer" = The KMPlayer (remove only)
"Toxic Biohazard" = Toxic Biohazard
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR 4.01" = WinRAR 4.01
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YouTube Video Downloader_is1" = YouTube Video Downloader 3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 2/6/2013 2:04:26 PM | Computer Name = Kanisius-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 2/6/2013 2:04:33 PM | Computer Name = Kanisius-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/6/2013 2:17:28 PM | Computer Name = Kanisius-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Kanisius\Downloads\Programs\SoftonicDownloader_for_blackshot.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 2/6/2013 2:17:28 PM | Computer Name = Kanisius-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Kanisius\Downloads\Programs\SoftonicDownloader_for_need-for-speed-underground-2.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 2/6/2013 2:17:28 PM | Computer Name = Kanisius-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Kanisius\Downloads\Programs\SoftonicDownloader_for_need-for-speed-underground-2_2.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 2/6/2013 2:25:06 PM | Computer Name = Kanisius-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 2/6/2013 2:26:18 PM | Computer Name = Kanisius-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/6/2013 3:08:47 PM | Computer Name = Kanisius-PC | Source = Application Hang | ID = 1002
Description = The program PCTools_Safe_Install_SD.exe version 1.3.0.24 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 109c Start
Time: 01ce049a408820e0 Termination Time: 2 Application Path: C:\Users\Kanisius\Downloads\PCTools_Safe_Install_SD.exe
Report
Id: a0d091c3-7090-11e2-b082-50e549eec3ee
Error - 2/6/2013 3:10:01 PM | Computer Name = Kanisius-PC | Source = Winlogon | ID = 4103
Description = Windows license activation failed. Error 0x80070005.
Error - 2/6/2013 3:10:38 PM | Computer Name = Kanisius-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 1/17/2013 5:51:37 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 4:51:37 AM - Error connecting to the internet. 4:51:37 AM - Unable
to contact server..
Error - 1/17/2013 5:52:11 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 4:52:06 AM - Error connecting to the internet. 4:52:06 AM - Unable
to contact server..
Error - 1/17/2013 6:52:56 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 5:52:56 AM - Error connecting to the internet. 5:52:56 AM - Unable
to contact server..
Error - 1/17/2013 6:53:26 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 5:53:25 AM - Error connecting to the internet. 5:53:25 AM - Unable
to contact server..
Error - 1/18/2013 5:04:35 AM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 4:04:34 PM - Failed to retrieve Directory (Error: The underlying connection
was closed: An unexpected error occurred on a receive.)
Error - 1/20/2013 4:37:12 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 3:37:12 AM - Error connecting to the internet. 3:37:12 AM - Unable
to contact server..
Error - 1/20/2013 5:37:19 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 4:37:18 AM - Error connecting to the internet. 4:37:19 AM - Unable
to contact server..
Error - 1/20/2013 6:37:28 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 5:37:26 AM - Error connecting to the internet. 5:37:27 AM - Unable
to contact server..
Error - 1/20/2013 7:37:43 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 6:37:42 AM - Error connecting to the internet. 6:37:43 AM - Unable
to contact server..
Error - 1/31/2013 10:48:14 PM | Computer Name = Kanisius-PC | Source = MCUpdate | ID = 0
Description = 9:48:13 AM - Error connecting to the internet. 9:48:13 AM - Unable
to contact server..
[ System Events ]
Error - 2/6/2013 2:04:20 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Smartfren
Connex EC306-2 UI. OUC service to connect.
Error - 2/6/2013 2:04:20 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7000
Description = The Smartfren Connex EC306-2 UI. OUC service failed to start due to
the following error: %%1053
Error - 2/6/2013 2:19:56 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7034
Description = The CDROM_Eject_W service terminated unexpectedly. It has done this
1 time(s).
Error - 2/6/2013 2:22:45 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 2/6/2013 2:24:03 PM | Computer Name = Kanisius-PC | Source = Application Popup | ID = 1060
Description = \??\C:\username123\catchme.sys has been blocked from loading due to
incompatibility with this system. Please contact your software vendor for a compatible
version of the driver.
Error - 2/6/2013 2:24:22 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 2/6/2013 2:25:13 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Smartfren
Connex EC306-2 UI. OUC service to connect.
Error - 2/6/2013 2:25:13 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7000
Description = The Smartfren Connex EC306-2 UI. OUC service failed to start due to
the following error: %%1053
Error - 2/6/2013 3:10:00 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Smartfren
Connex EC306-2 UI. OUC service to connect.
Error - 2/6/2013 3:10:00 PM | Computer Name = Kanisius-PC | Source = Service Control Manager | ID = 7000
Description = The Smartfren Connex EC306-2 UI. OUC service failed to start due to
the following error: %%1053
< End of report >
Edited by bgirl8fasolla, 06 February 2013 - 02:39 PM.