Hi I started my computer up today, noticed it was running very slow, I opened task manager and noticed Disk was running at 100% for no particular reason. I looked into it and noticed there was a process called "semaphore-threads.exe" using alot.
Anyway here's my results from OTL.
OTL.Txt:
OTL logfile created on: 17/12/2013 7:54:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\radiorentals\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.89 Gb Total Physical Memory | 6.05 Gb Available Physical Memory | 76.75% Memory free
9.82 Gb Paging File | 7.11 Gb Available in Paging File | 72.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.95 Gb Total Space | 131.93 Gb Free Space | 29.00% Space Free | Partition Type: NTFS
Drive D: | 455.63 Gb Total Space | 455.48 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Computer Name: RR | User Name: radiorentals | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\radiorentals\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\lucky leap\bin\utilluckyleap.exe ()
PRC - C:\Program Files (x86)\lucky leap\updateluckyleap.exe ()
PRC - C:\Program Files\News.net\NewsNetService.exe (International News Network Limited)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\ClassicShell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe (ITE Tech. Inc.)
PRC - C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
PRC - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Atheros)
PRC - C:\Program Files\acerIR\IRListenApp.exe (Corp)
PRC - C:\Program Files\acerIR\IRSrv.exe ()
PRC - C:\Windows\SysWOW64\CtrlPanel.exe (Wistron)
PRC - C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\audio.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\mssvoice.asi ()
MOD - C:\Program Files (x86)\Steam\bin\mssmp3.asi ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (.Net Main) -- C:\Windows\SysNative\idle-Threads.exe ()
SRV:64bit: - (.Net Crypt) -- C:\Windows\SysNative\mutex-Threads.exe ()
SRV:64bit: - (.Net Semaphore) -- C:\Windows\SysNative\semaphore-Threads.exe ()
SRV:64bit: - (.Net Security) -- C:\Windows\SysNative\latch-Threads.exe ()
SRV:64bit: - (NewsNetService) -- C:\Program Files\News.net\NewsNetService.exe (International News Network Limited)
SRV:64bit: - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe (McAfee, Inc.)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IRSrv) -- C:\Program Files\acerIR\IRSrv.exe ()
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Util lucky leap) -- C:\Program Files (x86)\lucky leap\bin\utilluckyleap.exe ()
SRV - (Update lucky leap) -- C:\Program Files (x86)\lucky leap\updateluckyleap.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RzMaelstromVADStreamingService) -- C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe (A-Volute)
SRV - (ClassicShellService) -- C:\ClassicShell\ClassicShellService.exe (IvoSoft)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AVerScheduleService) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (AVerRemote) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Atheros)
SRV - (CtrlPanel) -- C:\Windows\SysWOW64\CtrlPanel.exe (Wistron)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
SRV - (PGService) -- C:\Program Files (x86)\PointGrab\Hand Gesture Control\PGService.exe (PointGrab LTD)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (scssifilter) -- C:\Windows\SysNative\Drivers\scssifilter64.sys (Microsoft Corporation)
DRV:64bit: - (usbmp3) -- C:\Windows\SysNative\Drivers\usbmp364.sys ()
DRV:64bit: - (usbwav) -- C:\Windows\SysNative\Drivers\usbwav64.sys ()
DRV:64bit: - (usbvox) -- C:\Windows\SysNative\Drivers\usbvox64.sys ()
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\Drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\Drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (RZMAELSTROMVADService) -- C:\Windows\SysNative\Drivers\RzMaelstromVAD.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (itecir) -- C:\Windows\SysNative\Drivers\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (ITECIRfilter) -- C:\Windows\SysNative\Drivers\ITECIRfilter.sys (ITE Tech. Inc. )
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (AVerIT13x) -- C:\Windows\SysNative\Drivers\AVerIT13x_x64.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (PQAWRwa) -- C:\Program Files\acerIR\PQAWDrv.sys ()
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (RtkIOAC60) -- C:\Windows\SysNative\Drivers\RtkIOAC60.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7354125F-295B-4F01-AE6E-7AFE5F70E668}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {7354125F-295B-4F01-AE6E-7AFE5F70E668}
IE - HKCU\..\SearchScopes,DefaultScope = {7354125F-295B-4F01-AE6E-7AFE5F70E668}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@news.net/npapi: C:\Program Files\News.net\npapi.dll (International News Network Limited)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013/07/11 05:28:16 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/07/19 13:06:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiorentals\AppData\Roaming\mozilla\Extensions
[2013/12/17 19:25:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\radiorentals\AppData\Roaming\mozilla\Firefox\Profiles\lhbi91kq.default\extensions
[2013/10/06 13:05:27 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\radiorentals\AppData\Roaming\mozilla\Firefox\Profiles\lhbi91kq.default\extensions\ffxtlbr@delta.com
[2013/10/06 13:05:38 | 000,000,000 | ---D | M] (news.net) -- C:\Users\radiorentals\AppData\Roaming\mozilla\Firefox\Profiles\lhbi91kq.default\extensions\news@news.net
[2013/12/17 19:25:42 | 000,007,310 | ---- | M] () (No name found) -- C:\Users\radiorentals\AppData\Roaming\mozilla\firefox\profiles\lhbi91kq.default\extensions\{3b232d24-d5de-4194-b4d7-d53b41a09748}.xpi
[2013/07/19 16:02:57 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\radiorentals\AppData\Roaming\mozilla\firefox\profiles\lhbi91kq.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2013/09/12 00:50:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/12 00:51:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - Extension: Google Drive = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Google Wallet = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\radiorentals\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/07/27 09:26:52 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (news.net) - {BA3E58F7-60C6-485E-A775-0C1FD9C0E55E} - C:\Program Files\News.net\IE\ScriptHost64.dll ()
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (news.net) - {BA3E58F7-60C6-485E-A775-0C1FD9C0E55E} - C:\Program Files\News.net\IE\ScriptHost.dll ()
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
O2 - BHO: (lucky leap) - {d77aa852-def3-43cb-a3f5-bd679de72f32} - C:\Program Files (x86)\lucky leap\luckyleapBHO.dll (luckyleap)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CIRAP] C:\Program Files (x86)\ITE\ITE Infrared Transceiver\CIRAP.exe (ITE Tech. Inc.)
O4 - HKLM..\Run: [IRApp] C:\Program Files\acerIR\IRListenApp.exe (Corp)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [WCtrlPanel] C:\Windows\SysWOW64\CtrlPanel.exe (Wistron)
O4 - HKCU..\Run: [News.net] C:\Program Files\News.net\BreakingNews\DesktopContainer.exe (International News Network Limited)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\radiorentals\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\radiorentals\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 61.9.211.1 61.9.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0112580E-9F5A-4194-AB87-28B45D9B8CC4}: DhcpNameServer = 61.9.211.1 61.9.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{648DDE01-6E41-4669-9DC1-A1EC269CF7CA}: DhcpNameServer = 61.9.211.1 61.9.211.33
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A98D331D-F5B2-4564-83EA-A938F3F32B6F}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/12/17 19:08:11 | 000,005,208 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{9e33be85-2813-11e3-be8c-2016d83c21d2}\Shell - "" = AutoRun
O33 - MountPoints2\{9e33be85-2813-11e3-be8c-2016d83c21d2}\Shell\AutoRun\command - "" = "E:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/12/14 09:49:59 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Childish Gambino -
[2013/12/10 11:51:19 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Kendrick Lamar - Found Myself (MonsterMixtapes.net)
[2013/12/05 11:25:03 | 000,000,000 | R--D | C] -- C:\Users\radiorentals\Documents\Documents
[2013/12/05 11:25:00 | 000,000,000 | R--D | C] -- C:\Users\Public\Documents\Documents
[2013/12/03 20:12:56 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/03 20:12:55 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwfs.sys
[2013/12/03 20:12:49 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013/12/03 20:12:47 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013/12/03 20:12:46 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2013/12/03 20:12:46 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2013/12/03 20:12:45 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/12/03 20:12:44 | 001,622,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/12/03 20:12:44 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2013/12/03 20:12:44 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2013/12/03 20:12:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2013/12/03 20:12:44 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2013/12/03 20:12:44 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys
[2013/12/03 20:12:44 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013/12/03 20:12:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/12/03 20:12:43 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2013/12/03 20:12:43 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/12/03 20:12:42 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2013/12/03 20:12:42 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2013/12/03 20:12:42 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/12/03 20:12:42 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/12/03 20:12:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2013/12/03 20:12:21 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/03 20:12:01 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/03 20:11:59 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/12/03 20:11:59 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/12/03 20:11:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/12/03 20:11:59 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/03 20:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/11/25 11:02:04 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\The Walking Dead
[2013/11/25 11:00:57 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Workaholics
[2013/11/25 10:56:24 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Lil Wayne - I Am Not A Human Being II [Deluxe Edition] [2013]-CR
[2013/11/25 10:56:19 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Kanye West - Yeezus (Final Release)(320Kbps)(2013)
[2013/11/25 10:56:13 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Ghostpoet - Some Say I So I Say Light (2013) MP3
[2013/11/25 10:56:02 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Eminem - The Marshall Mathers LP 2 [Deluxe Edition] [2013] [2CD] [Mp3-320]-V3nom [GLT]
[2013/11/25 10:55:57 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Chance The Rapper - Acidrap
[2013/11/25 10:55:49 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Tyga - Hotel California (Deluxe Version)
[2013/11/25 10:55:38 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\The Walking Dead S04E06 HDTV x264-2HD[ettv]
[2013/11/25 10:55:19 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\The Walking Dead S04E05 HDTV x264-2HD[ettv]
[2013/11/25 10:54:21 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\The Help DVDRip XviD-DiAMOND
[2013/11/25 10:53:52 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\The Conjuring 2013 R6 WEBRiP XviD-Acesan8s
[2013/11/25 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\radiorentals\Desktop\Lloyd - King of Hearts (Deluxe iTunes Version)
========== Files - Modified Within 30 Days ==========
[2013/12/17 19:54:59 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/17 19:54:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/17 19:40:40 | 000,007,660 | ---- | M] () -- C:\Users\radiorentals\AppData\Local\Resmon.ResmonCfg
[2013/12/17 19:19:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/17 19:12:56 | 000,248,650 | RHS- | M] () -- C:\Windows\SysNative\masteraclini.enu
[2013/12/17 19:12:56 | 000,000,116 | R--- | M] () -- C:\Windows\SysNative\masteraclbini.enu
[2013/12/17 19:06:56 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/12/17 19:06:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/14 18:18:03 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/12/11 17:08:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/12/11 17:08:17 | 2479,013,887 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/09 19:24:14 | 000,358,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/07 11:39:07 | 000,597,104 | RH-- | M] () -- C:\Windows\SysNative\ProgramlicenseRequired.exe
[2013/12/05 18:46:55 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/12/03 20:03:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\reAgentc.Off
[2013/12/03 20:03:31 | 008,007,680 | R--- | M] ( ) -- C:\Windows\SysNative\Microsoft.mshtml.dll
[2013/12/03 20:03:31 | 001,892,464 | RH-- | M] () -- C:\Windows\SysNative\wLins.exe
[2013/12/03 20:03:31 | 001,422,336 | RH-- | M] () -- C:\Windows\SysNative\7z.dll
[2013/12/03 20:03:31 | 000,200,704 | R--- | M] () -- C:\Windows\SysNative\ICSharpCode.SharpZipLib.dll
[2013/12/03 20:03:31 | 000,151,040 | RH-- | M] () -- C:\Windows\SysNative\SevenZipSharp.dll
[2013/12/03 20:03:31 | 000,126,976 | R--- | M] ( ) -- C:\Windows\SysNative\Interop.SHDocVw.dll
[2013/12/03 20:03:31 | 000,096,880 | RHS- | M] () -- C:\Windows\SysNative\bcdboots.exe
[2013/12/03 20:03:31 | 000,061,552 | RH-- | M] () -- C:\Windows\SysNative\msgPop.exe
[2013/12/03 20:03:30 | 001,892,464 | RH-- | M] () -- C:\Windows\SysNative\wLin.exe
[2013/12/03 20:03:29 | 000,001,754 | RHS- | M] () -- C:\Windows\SysNative\masterlock.enu
[2013/12/03 20:03:23 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/12/03 20:03:23 | 000,001,965 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/12/03 20:02:35 | 000,350,832 | RH-- | M] () -- C:\Windows\SysNative\HardwareInfo.exe
[2013/12/03 20:02:35 | 000,004,959 | RHS- | M] () -- C:\Windows\SysNative\{master}(1a)avga.enu
[2013/12/03 20:02:35 | 000,004,821 | RHS- | M] () -- C:\Windows\SysNative\{master}(99)misc.enu
[2013/12/03 20:02:35 | 000,004,688 | RHS- | M] () -- C:\Windows\SysNative\{master}(12)kasp.enu
[2013/12/03 20:02:35 | 000,004,682 | RHS- | M] () -- C:\Windows\SysNative\{master}(2)cas.enu
[2013/12/03 20:02:35 | 000,004,676 | RHS- | M] () -- C:\Windows\SysNative\{master}(9)com.enu
[2013/12/03 20:02:35 | 000,004,674 | RHS- | M] () -- C:\Windows\SysNative\{master}(8)pro.enu
[2013/12/03 20:02:35 | 000,004,625 | RHS- | M] () -- C:\Windows\SysNative\{master}(3)pan.enu
[2013/12/03 20:02:35 | 000,004,607 | RHS- | M] () -- C:\Windows\SysNative\{master}(4)zilla.enu
[2013/12/03 20:02:34 | 000,007,971 | RHS- | M] () -- C:\Windows\SysNative\{master}(00)Msg.enu
[2013/12/03 20:02:34 | 000,005,957 | RHS- | M] () -- C:\Windows\SysNative\{master}(0)nrt.enu
[2013/12/03 20:02:34 | 000,004,502 | RHS- | M] () -- C:\Windows\SysNative\{master}(1)avg.enu
[2013/12/03 20:02:34 | 000,004,403 | RHS- | M] () -- C:\Windows\SysNative\{master}(zz)Template.enu
[2013/12/03 20:02:34 | 000,004,396 | RHS- | M] () -- C:\Windows\SysNative\{master}(1a)avgi.enu
[2013/12/03 20:02:34 | 000,001,406 | RHS- | M] () -- C:\Windows\SysNative\{master}(0}Process.enu
[2013/12/03 20:02:26 | 009,361,520 | RH-- | M] () -- C:\Windows\SysNative\idle-Threads.exe
[2013/12/03 20:02:23 | 009,539,184 | RHS- | M] () -- C:\Windows\SysNative\mutex-Threads.exe
[2013/12/03 20:02:23 | 000,480,880 | -HS- | M] () -- C:\Windows\SysNative\semaphore-Threads.exe
[2013/12/03 20:02:21 | 009,544,304 | RHS- | M] () -- C:\Windows\SysNative\latch-Threads.exe
[2013/12/03 20:02:07 | 000,018,928 | R--- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scssifilter64.sys
[2013/12/03 20:02:07 | 000,018,928 | R--- | M] () -- C:\Windows\SysNative\drivers\usbmp364.sys
[2013/12/03 20:02:07 | 000,015,856 | R--- | M] () -- C:\Windows\SysNative\drivers\usbwav64.sys
[2013/12/03 20:02:06 | 000,020,464 | R--- | M] () -- C:\Windows\SysNative\drivers\usbvox64.sys
[2013/11/24 16:23:04 | 007,679,724 | ---- | M] () -- C:\Users\radiorentals\Desktop\01 Life Round Here (feat. Chance The Rapper).mp3
[2013/11/24 16:22:36 | 009,427,996 | ---- | M] () -- C:\Users\radiorentals\Desktop\My Nigga Explicit (ft. Jeezy, Rich Homie Quan).mp3
========== Files Created - No Company Name ==========
[2013/12/17 19:27:01 | 000,007,660 | ---- | C] () -- C:\Users\radiorentals\AppData\Local\Resmon.ResmonCfg
[2013/12/09 19:24:04 | 000,358,792 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/07 11:39:06 | 000,597,104 | RH-- | C] () -- C:\Windows\SysNative\ProgramlicenseRequired.exe
[2013/12/03 20:03:30 | 001,892,464 | RH-- | C] () -- C:\Windows\SysNative\wLins.exe
[2013/12/03 20:03:30 | 001,892,464 | RH-- | C] () -- C:\Windows\SysNative\wLin.exe
[2013/11/25 11:02:04 | 006,706,793 | ---- | C] () -- C:\Users\radiorentals\Desktop\Bliss N Eso - 09 - Coastal Kids.mp3
[2013/11/24 23:54:02 | 007,679,724 | ---- | C] () -- C:\Users\radiorentals\Desktop\01 Life Round Here (feat. Chance The Rapper).mp3
[2013/11/24 23:53:59 | 009,427,996 | ---- | C] () -- C:\Users\radiorentals\Desktop\My Nigga Explicit (ft. Jeezy, Rich Homie Quan).mp3
[2013/09/17 07:19:08 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/23 00:20:56 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/08/23 00:20:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/09/21 08:34:16 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2012/09/21 08:34:16 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2012/09/21 08:34:12 | 000,618,496 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2012/09/21 08:34:12 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2012/09/21 08:34:12 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2012/09/21 08:34:12 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2012/09/21 08:34:12 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2012/09/21 08:34:12 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2012/09/21 08:34:12 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2012/09/21 08:25:14 | 000,012,384 | ---- | C] () -- C:\Windows\SysWow64\PQAWDrv.sys
[2012/09/21 08:25:14 | 000,000,065 | ---- | C] () -- C:\Windows\SysWow64\CtrlBri.ini
[2012/09/01 04:10:08 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/09/01 04:10:04 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/09/01 04:10:04 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/07/27 12:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/27 12:13:08 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/27 11:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/27 05:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/27 00:37:28 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/27 00:28:30 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/03 18:31:18 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/04/21 07:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2013/07/19 22:20:27 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 16:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 15:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/27 03:57:36 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/27 03:58:04 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/27 03:53:50 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/10/06 13:05:23 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\BabSolution
[2013/10/06 13:05:26 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\Delta
[2013/10/06 13:12:17 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\Free Sound Recorder
[2013/07/19 13:04:15 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\LibreOffice
[2013/07/19 15:55:49 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\LolClient
[2013/10/05 14:37:38 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\SanDisk SecureAccess
[2013/10/06 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\Spotify
[2013/12/17 19:13:49 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\uTorrent
[2013/07/19 13:08:56 | 000,000,000 | ---D | M] -- C:\Users\radiorentals\AppData\Roaming\WildTangent
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2012/07/27 11:49:04 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16384_en-us_7bca26f6f419a854\Explorer.adml
[2012/07/27 11:49:04 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16433_en-us_7bff382ef3f2006f\Explorer.adml
[2012/07/27 11:49:04 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16726_en-us_7c0d0eaaf3e727f8\Explorer.adml
[2012/07/27 11:49:04 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20534_en-us_7c89d5440d0eb990\Explorer.adml
[2012/07/27 11:49:04 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20837_en-us_7c8cdbd40d0bfd0a\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2012/07/27 00:21:50 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16384_none_6e8451187a9a1607\Explorer.admx
[2012/07/27 00:21:50 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16420_none_6ec1315e7a6d062c\Explorer.admx
[2012/07/27 00:21:50 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16433_none_6eb962507a726e22\Explorer.admx
[2012/07/27 00:21:50 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20521_none_6f4bce739389bf4d\Explorer.admx
[2012/07/27 00:21:50 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20534_none_6f43ff65938f2743\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2013/06/01 21:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 21:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013/08/03 10:12:37 | 000,191,929 | ---- | M] () MD5=1727143EC434BC6ED2C8433C9A7C7CF5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/08/03 10:12:50 | 000,190,101 | ---- | M] () MD5=1CEF1546DCBB255E79A68D0214E7AA6A -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/08/02 08:49:21 | 000,220,310 | ---- | M] () MD5=2103B41B1878A36D44ED886AE09EFA73 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013/08/02 08:49:26 | 000,217,360 | ---- | M] () MD5=5929EC2D3DF02827BCF08A88AB5F6C18 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013/08/02 08:49:18 | 000,221,955 | ---- | M] () MD5=90F515C3CFFA8F2799B68C73987E1262 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013/08/02 08:49:23 | 000,220,321 | ---- | M] () MD5=B8F2498A377EB2B6BCAC1D7389493113 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2013/08/03 10:12:26 | 000,193,351 | ---- | M] () MD5=CC4023167AB8903336F5E0A3BDDF28E2 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2013/08/03 10:12:31 | 000,191,911 | ---- | M] () MD5=DC2879EFC84E1911998268EB59F7B436 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013/06/01 20:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 20:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2012/07/27 11:48:56 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\en-US\explorer.exe.mui
[2012/07/27 11:48:56 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2012/07/27 11:48:56 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_5ebc2e81fd6600eb\explorer.exe.mui
[2012/07/27 11:48:56 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_6910d8d431c6c2e6\explorer.exe.mui
< MD5 for: EXPLORER.EXE-03C49D11.PF >
[2013/12/14 09:40:05 | 000,309,222 | ---- | M] () MD5=0BAD2255AAAC2CBD2044BB0E82B0375C -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
< MD5 for: IEXPLORE.EXE >
[2013/02/21 21:11:26 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=0A1FC149D1F01AEE5D66D42953CDD751 -- C:\Windows\SoftwareDistribution\Download\e7d7359e163197c3bb6b9f64b7f5f2b4\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20861_none_2b57ad3f3a4a8d28\iexplore.exe
[2013/12/09 21:59:41 | 000,000,383 | ---- | M] () MD5=0BBBFC77692B6FDFFADA960CED87E88A -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16721_none_37d7784cec3dea2b\iexplore.exe
[2013/12/09 22:13:41 | 000,005,022 | ---- | M] () MD5=15285DA4D8C5994C1B41C0564E1683DF -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_2b75d8173a34538a\iexplore.exe
[2013/12/09 22:13:39 | 000,005,080 | ---- | M] () MD5=35A907451398D52B68F195740E3CFF34 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_424e7c2f2084a4a2\iexplore.exe
[2013/12/09 22:13:40 | 000,005,024 | ---- | M] () MD5=3756BBC053446775A3B1E617A95BD474 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_2b74d7cd3a353a33\iexplore.exe
[2013/12/09 21:59:41 | 000,005,635 | ---- | M] () MD5=5902A61FFA2DD774411669DF82C64C8A -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_37f9d1dcec23e2a7\iexplore.exe
[2013/02/21 22:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/02/21 22:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16736_none_37d806aeec3d83a7\iexplore.exe
[2013/02/21 22:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16750_none_37da8ff2ec3b1c8f\iexplore.exe
[2013/10/19 09:17:02 | 000,003,063 | ---- | M] () MD5=69EBD0D48B8A75FA3E1C02EFEA7ED3F6 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20831_none_2100020f05ec7f28\iexplore.exe
[2013/12/09 21:59:43 | 000,003,063 | ---- | M] () MD5=797E1B68F4792C1730FA9348F8E3A084 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20848_none_210062e105ec4be6\iexplore.exe
[2013/12/09 21:59:42 | 000,006,230 | ---- | M] () MD5=7B7AC19EAF543CA6A144ACF3EA32FA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_21202d7b05d47838\iexplore.exe
[2013/12/09 22:13:38 | 000,005,019 | ---- | M] () MD5=85DE852750B7E18FF94E96B8F901915E -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_424d651d2085a4ec\iexplore.exe
[2013/12/09 21:59:42 | 000,005,624 | ---- | M] () MD5=B6D2CC70828E39EEBD6C0024551CD8AD -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_21212dc505d3918f\iexplore.exe
[2013/12/09 22:13:37 | 000,006,706 | ---- | M] () MD5=C432913671052DFB35E7314E8AB7B401 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_425d1fb32079214f\iexplore.exe
[2013/10/19 09:22:34 | 000,005,039 | ---- | M] () MD5=C519CF38DBB1446DABD8088D7551A04C -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20831_none_2b54ac613a4d4123\iexplore.exe
[2013/12/09 22:13:42 | 000,005,039 | ---- | M] () MD5=C7598F3C041C9774998703BDA9E917F7 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20848_none_2b550d333a4d0de1\iexplore.exe
[2013/12/09 21:59:40 | 000,006,281 | ---- | M] () MD5=CB385845643B4915019458641A5D4218 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_37f8bacaec24e2f1\iexplore.exe
[2013/02/21 21:28:11 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/02/21 21:28:11 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16736_none_422cb101209e45a2\iexplore.exe
[2013/02/21 21:28:11 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16750_none_422f3a45209bde8a\iexplore.exe
[2013/02/21 23:13:16 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=E61732C1203A6BCA2FFB91022CA48AC6 -- C:\Windows\SoftwareDistribution\Download\e7d7359e163197c3bb6b9f64b7f5f2b4\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20861_none_210302ed05e9cb2d\iexplore.exe
[2013/12/09 21:59:40 | 000,006,786 | ---- | M] () MD5=EBFA172A97D1F456A5A3ABAA432A5110 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_38087560ec185f54\iexplore.exe
[2013/12/09 22:13:39 | 000,000,400 | ---- | M] () MD5=F878D938F23804AA5BBA8C8502CD7A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16721_none_422c229f209eac26\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2012/07/27 11:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2012/07/27 11:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2012/07/27 11:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_31b50ad823c5a03b\iexplore.exe.mui
[2012/07/27 11:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_3c09b52a58266236\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-7A9337F2.PF >
[2013/12/11 23:36:40 | 000,080,538 | ---- | M] () MD5=5A4092B1F1D6D6185B97CD326CCFFAAF -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF >
[2013/12/11 23:36:40 | 000,077,260 | ---- | M] () MD5=C412DD7C11AF97D328AF2B69843CA24B -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
< MD5 for: SERVICES >
[2012/07/27 09:26:46 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_8e0944daeed62829\services
< MD5 for: SERVICES.EXE >
[2013/08/02 09:11:53 | 000,001,252 | ---- | M] () MD5=883B95BC5994BA69B5F35948D0F836AE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
[2012/09/20 16:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\SysNative\services.exe
[2012/09/20 16:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[2013/08/02 09:11:53 | 000,038,189 | ---- | M] () MD5=A6D165BBE1549EED8931DB274463B220 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2012/07/27 11:48:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\SysNative\en-US\services.exe.mui
[2012/07/27 11:48:32 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_c2c6ee7bafb963b8\services.exe.mui
< MD5 for: SERVICES.JS >
[2013/07/19 14:25:27 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.310_x64__8wekyb3d8bbwe\common\js\services.js
[2012/07/27 11:55:34 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
[2012/07/27 11:56:28 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingNews_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
[2012/07/27 11:57:06 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
[2012/07/27 11:57:28 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_1.2.0.145_x64__8wekyb3d8bbwe\platform\js\services.js
[2012/07/27 11:57:56 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
[2012/09/21 08:48:20 | 000,004,761 | ---- | M] () MD5=9D136FCA750DBB05B52AB77A35D536D6 -- C:\Program Files\WindowsApps\ChaChaSearch.ChaChaPushNotification_1.0.0.32_neutral__62vv7yjt7tgyp\js\services.js
< MD5 for: SERVICES.LNK >
[2012/07/27 00:19:36 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/27 00:19:36 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012/07/27 00:19:36 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.lnk
< MD5 for: SERVICES.MOF >
[2012/06/03 18:35:04 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2012/06/03 18:35:04 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\services.mof
< MD5 for: SERVICES.MSC >
[2012/07/27 11:48:56 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\en-US\services.msc
[2012/07/27 02:56:28 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\services.msc
[2012/07/27 11:48:56 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2012/07/27 02:53:16 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2012/07/27 11:48:56 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_fd08be678622fdab\services.msc
[2012/07/27 02:56:28 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.msc
[2012/07/27 02:53:16 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_3282345b03dfdcd5\services.msc
[2012/07/27 11:48:56 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_a0ea22e3cdc58c75\services.msc
< MD5 for: SERVICES.PTXML >
[2012/07/27 00:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2012/07/27 00:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\Services.ptxml
< MD5 for: SERVICES.RDB >
[2013/02/01 08:43:26 | 000,181,106 | ---- | M] () MD5=25969B6B8B4649BB92377EE96E90F857 -- C:\Program Files (x86)\LibreOffice 4.0\program\services\services.rdb
[2013/01/31 19:02:04 | 000,008,380 | ---- | M] () MD5=9476D2201F375E09198A790D322F9A68 -- C:\Program Files (x86)\LibreOffice 4.0\URE\misc\services.rdb
< MD5 for: WINLOGON.ADML >
[2012/07/27 11:49:04 | 000,008,017 | ---- | M] () MD5=C270056255498A723E7331EFF1AA162F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.2.9200.16384_en-us_edcdb8ec66a62fc0\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2012/07/27 00:21:02 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.2.9200.16384_none_d3d704270306719d\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2013/08/03 09:40:34 | 000,053,889 | ---- | M] () MD5=8DA453BB1CD8AD4FB4179F71BBD85504 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2013/08/03 09:40:36 | 000,001,620 | ---- | M] () MD5=B9DE996C016AC10F82E143AEC5451212 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2012/10/11 15:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\SysNative\winlogon.exe
[2012/10/11 15:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2013/08/03 09:40:35 | 000,053,876 | ---- | M] () MD5=C66B22CE54CCDB994A42A7FA7EC61CFD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2013/08/03 09:40:35 | 000,053,884 | ---- | M] () MD5=E9CA2039AF876323D7C0BA270F922D70 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2012/07/27 11:48:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2012/07/27 11:48:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.2.9200.16384_en-us_23c238ef8ddaa831\winlogon.exe.mui
< MD5 for: WINLOGON.EXE-0D9AB72B.PF >
[2013/12/14 21:31:34 | 000,027,140 | ---- | M] () MD5=7134357FA18E6BDFF0C962794E8C6884 -- C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
< MD5 for: WINLOGON.MFL >
[2012/07/27 11:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2012/07/27 11:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.2.9200.16384_en-us_81848abaa91301c6\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2012/07/27 00:30:22 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2012/07/27 00:30:22 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.2.9200.16384_none_d9027134ffac135f\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2013/12/17 19:08:11 | 000,005,208 | ---- | M] () -- C:\autoupdate.log
[2013/06/22 06:56:50 | 000,008,755 | -H-- | M] () -- C:\BackupSys.log
[2012/07/27 12:18:42 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013/10/17 22:52:04 | 000,000,000 | ---- | M] () -- C:\end
[2013/12/11 17:08:17 | 2479,013,887 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/11 17:08:18 | 2080,374,784 | -HS- | M] () -- C:\pagefile.sys
[2013/05/31 12:58:56 | 295,226,697 | RHS- | M] () -- C:\pcRestore.sys
[2012/09/28 08:34:36 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2013/12/11 17:08:20 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
< %systemroot%\Fonts\*.com >
[2012/09/01 08:33:36 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2012/09/01 08:33:36 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2012/09/01 08:33:36 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2012/09/01 08:33:36 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2012/07/27 12:13:02 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2012/07/27 12:13:00 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is Acer
Volume Serial Number is 180A-BD8D
Directory of C:\
22/06/2013 06:55 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\ProgramData]
22/06/2013 06:55 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/06/2013 06:55 AM <JUNCTION> Documents [C:\Users\Public\Documents]
22/06/2013 06:55 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/06/2013 06:55 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
22/06/2013 06:55 AM <SYMLINKD> All Users [C:\ProgramData]
22/06/2013 06:55 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\ProgramData]
22/06/2013 06:55 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
22/06/2013 06:55 AM <JUNCTION> Documents [C:\Users\Public\Documents]
22/06/2013 06:55 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
22/06/2013 06:55 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
22/06/2013 06:55 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
22/06/2013 06:55 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
22/06/2013 06:55 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/06/2013 06:55 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/06/2013 06:55 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
22/06/2013 06:55 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/06/2013 06:55 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/06/2013 06:55 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
22/06/2013 06:55 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
22/06/2013 06:55 AM <JUNCTION> My Music [C:\Users\Default\Music]
22/06/2013 06:55 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
22/06/2013 06:55 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
22/06/2013 06:55 AM <JUNCTION> My Music [C:\Users\Public\Music]
22/06/2013 06:55 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
22/06/2013 06:55 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\radiorentals
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\radiorentals\AppData\Roaming]
22/06/2013 06:55 AM <JUNCTION> Cookies [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Cookies]
22/06/2013 06:55 AM <JUNCTION> Local Settings [C:\Users\radiorentals\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> My Documents [C:\Users\radiorentals\Documents]
22/06/2013 06:55 AM <JUNCTION> NetHood [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/06/2013 06:55 AM <JUNCTION> PrintHood [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/06/2013 06:55 AM <JUNCTION> Recent [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Recent]
22/06/2013 06:55 AM <JUNCTION> SendTo [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\SendTo]
22/06/2013 06:55 AM <JUNCTION> Start Menu [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Start Menu]
22/06/2013 06:55 AM <JUNCTION> Templates [C:\Users\radiorentals\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\radiorentals\AppData\Local
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\radiorentals\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> History [C:\Users\radiorentals\AppData\Local\Microsoft\Windows\History]
22/06/2013 06:55 AM <JUNCTION> Temporary Internet Files [C:\Users\radiorentals\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\radiorentals\Documents
22/06/2013 06:55 AM <JUNCTION> My Music [C:\Users\radiorentals\Music]
22/06/2013 06:55 AM <JUNCTION> My Pictures [C:\Users\radiorentals\Pictures]
22/06/2013 06:55 AM <JUNCTION> My Videos [C:\Users\radiorentals\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
22/06/2013 06:55 AM <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
22/06/2013 06:55 AM <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
22/06/2013 06:55 AM <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/06/2013 06:55 AM <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
22/06/2013 06:55 AM <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
22/06/2013 06:55 AM <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
22/06/2013 06:55 AM <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
22/06/2013 06:55 AM <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
22/06/2013 06:55 AM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
22/06/2013 06:55 AM <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
22/06/2013 06:55 AM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
22/06/2013 06:55 AM <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
22/06/2013 06:55 AM <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
22/06/2013 06:55 AM <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
64 Dir(s) 141,024,362,496 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/05/30 04:04:56 | 000,000,223 | -HS- | M] () -- C:\Users\radiorentals\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
Extras.Txt:
OTL Extras logfile created on: 17/12/2013 7:54:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\radiorentals\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
7.89 Gb Total Physical Memory | 6.05 Gb Available Physical Memory | 76.75% Memory free
9.82 Gb Paging File | 7.11 Gb Available in Paging File | 72.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.95 Gb Total Space | 131.93 Gb Free Space | 29.00% Space Free | Partition Type: NTFS
Drive D: | 455.63 Gb Total Space | 455.48 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Computer Name: RR | User Name: radiorentals | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{092AAE9C-8DCD-4572-B579-2FC05C5D8787}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BFFE5D6-0A52-4E0F-B51A-A32F316013A9}" = lport=445 | protocol=6 | dir=in | app=system |
"{1B8FCF44-BC61-4AD6-A6C4-C2FA0EE2D00B}" = lport=138 | protocol=17 | dir=in | app=system |
"{1CE97ED8-BE0F-4498-AE34-2CC405B2BD4A}" = rport=139 | protocol=6 | dir=out | app=system |
"{1D7FB720-219B-46CD-A65A-4BAB313783A4}" = rport=445 | protocol=6 | dir=out | app=system |
"{37EBA3E0-EC8F-476C-B90B-603DA98F9C47}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4534038C-F99C-4CC9-9839-AC81DE0B3C7A}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{473616AB-13CA-40B7-AB75-E32A5F9F54F3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4F122EA2-B7B7-467C-8094-AC3262C4750A}" = rport=137 | protocol=17 | dir=out | app=system |
"{568ACEEC-9ECD-489D-BB38-4F11CAF5414C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{58DB42D8-E1C4-477E-A425-04CC5BE87AE1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{75DEA031-E1F8-4AED-90D1-97800506E277}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B31EC707-00F9-4FD1-A23C-02B59E6E0567}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B97BE606-2560-46D9-9C01-200495991912}" = rport=138 | protocol=17 | dir=out | app=system |
"{C392A2C5-E111-4A68-A576-7745D00B02CC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C8E6B86A-9BC6-4A98-BC59-1F5E1A6ED434}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7287703-4A56-422C-BA48-2FDC17DAE1E5}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{DEC68C17-A065-48F4-95B2-A89B5C4B76C7}" = lport=137 | protocol=17 | dir=in | app=system |
"{E2DDFAFD-31F5-4398-ABC1-C20298A63268}" = lport=139 | protocol=6 | dir=in | app=system |
"{E89C5F06-A8C2-484C-B28A-ACCA66456254}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EB24FB8A-A03B-4C30-8F19-543475422F76}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EB2DC6C7-A14F-48C3-B1E0-64DAA5146E7E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FC9C19E1-443A-4898-8CAB-7361E402F330}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031C6EDF-5718-4912-9E40-0988B7172A49}" = protocol=17 | dir=in | app=c:\users\radiorentals\appdata\roaming\utorrent\utorrent.exe |
"{0469CAD7-187B-4F4F-B45F-9429377FCB4A}" = dir=out | name=chacha |
"{06830D49-1863-4CAB-9E94-F39F002A6876}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{09854C07-E3C1-4C6D-BAE9-3F4DC468264C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{0C53692A-F96E-433F-869B-A0066926F22F}" = dir=out | name=ebay |
"{0E1C4B55-A8F1-4FD7-A06C-4702F23B8397}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{11C5734D-E0C5-486D-9CC3-D232345FCE16}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{12767F6B-C670-4852-B03F-BC37D91CEDD9}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{129F5899-1898-42E0-8880-5EBCEA4BE596}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17CCFA90-D870-418F-AE06-5ABDBEE381DB}" = dir=out | name=acer explorer |
"{1B81D413-8152-4A0C-A667-50E5F4418FCC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1C7C01DB-D8B9-4C96-8352-D0A2681C2B47}" = dir=in | name=kindle |
"{1D8F55C0-6250-4A09-97B4-15B9B6605BD4}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{23AC80E4-67DA-4BA9-924B-A67A167F9F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{287D1487-4DB8-4793-A8A0-400A3CFB8FBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{28A8673B-3DFB-41CF-BDAB-CA21BDE6C5D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{2C3233CD-CFAD-458F-BB90-970AE6D47249}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{2D2186C1-5AE6-468C-8DDE-61B69E7EFDF0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3217FA65-50A0-4E9C-BE47-A6B6D4B55544}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{388D9511-8844-44C4-93BA-098089137B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{3EF1B6D2-3CF3-4356-A666-3AD08F3913AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\godmode\bin\godmode.exe |
"{3F3F99AB-47F0-4B4A-B0C8-4F968A28CBA9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{489167B9-4654-4C88-B474-113C0D45B5BD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{48F21782-2950-4D69-B43C-B1EB12EAEB9C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{4A6EE324-ED3A-4A42-B769-5BF003889E74}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{4C25B2E5-5430-4BDD-870C-98AF81F72E58}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4D1A0A1E-1CDA-4D51-A30A-F002A77822E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\godmode\bin\godmode.exe |
"{4E8D657A-C313-4602-8442-F15D044E2648}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{50E37391-0560-4429-B2F2-0F25F93E0E27}" = dir=out | name=icookbook se |
"{5F414391-3807-4FA3-B77C-5026905AA3BC}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{6025482B-0764-4339-9E8F-B10FAA8B2685}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{6114FE27-7636-425F-8064-46D903F8F934}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{6182D285-51D0-410B-8B6A-382C8C8F8FF4}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{624E9E2F-310D-467C-A61F-4A44F7284D19}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{65A994A2-BDCA-4312-A311-A39A64EEB233}" = dir=out | name=newsxpresso metro |
"{68E0867D-C893-4D0F-9A03-120E9FF63E28}" = dir=out | name=skitch |
"{68FA3151-0B78-4403-84FB-D95C16E3BD9F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{6B514138-9316-4199-82B7-4F6D9642A281}" = dir=out | name=encyclopaedia britannica |
"{6BBFB87F-BF92-4BF4-810A-C8FD21933E70}" = dir=in | name=amazon for windows |
"{6D49D253-980A-400C-9FDE-3454C0E5C527}" = dir=out | name=microsoft mahjong |
"{6F4D2484-E18A-46B1-9C8B-2167342CFB6F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6F52FAD1-3720-4E29-9C87-022BC3B42DA1}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{73CB82DC-E698-4200-99F6-0460BB2BCA0A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{781CDAEC-555B-48C2-9606-E38C430C4121}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{790305B0-63A5-41CB-A915-90ABF9F37906}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{7FA0BA77-0A75-46E9-99F6-9B8332AE525F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{7FDC2DC5-D1F0-4477-BE07-16FA59CCB740}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{826964F0-0758-40EC-9D1D-3ED43056F462}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{838EF8F6-A62B-4833-A2CF-1CD435D9A773}" = dir=out | name=taptiles |
"{8857F330-1D45-4633-BA3B-B2DFD91AF838}" = dir=out | name=kindle |
"{8D285CAB-760E-435B-A122-3580DAA237C8}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{8F3FFAAB-99B8-4B52-8613-3ED4A5F45AE1}" = dir=in | name=skype |
"{9027C0EB-264A-42CB-8C84-D550868ACA26}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{91D2B542-EFCD-47AA-9FB9-101FF0AD2693}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{94984112-B8D6-4E3C-8818-11C3371C9085}" = dir=out | name=amazon for windows |
"{9AF985B7-EEE5-468A-8B07-1F49FF8D04DA}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9FAB56B5-AB73-4B60-A125-0DA1B9F7171F}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{A0C3D60C-F1D8-49D1-B049-6BBA6D98D7C9}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{A228C2B6-7F82-4D70-AC67-41D98D6EAC2C}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{A3678D5E-B880-480F-BB66-7EE6CE56D495}" = dir=in | name=evernote |
"{A431D5C5-C966-44ED-8288-5E5C6EE94CE1}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{ADE2C9E6-011D-4070-A1D9-FABE3E33A5ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{AEB9CD6F-DBCD-43D2-A1EB-475E011575C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\farcry3.exe |
"{AF961704-6EAC-43E2-8A78-23E4E09FD577}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B21E2DDF-68CE-4B96-8C2D-3452DFE4BE11}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B37C4411-B211-456A-AECA-2CF6CF6FCA10}" = dir=out | name=skype |
"{B3C3283A-268A-46A1-A4C7-D1BA634FFAD5}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{B8756CCC-33D6-4A21-9B2C-2BB20BF82BAC}" = dir=out | name=evernote |
"{B8E5A620-2A2D-448F-B344-BA3AF972EFCE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{BAF8ABD4-D837-47EB-953A-1666C2E90644}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\far cry 3\bin\fc3updatersteam.exe |
"{BBA26386-88A4-4330-9DE2-AE2F56A80B0F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{BBB18081-6EE6-48C0-9018-2CB7CE8EBF5D}" = dir=out | name=stumbleupon |
"{BC89A05F-74A7-4C62-B9BA-EE7E35155D0F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BD5E1335-449C-4E81-8785-B8C3F14FAB0F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{BDCA1E58-BD32-48CC-B591-15BCBB1FD955}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{BDFB1380-BB3F-4214-B7A6-B07CCC4A687A}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{C01848ED-BF64-483B-9DB3-D791F3451C13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{C1CCD1C2-E8D2-4E66-91B5-D7058F7D444A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{C35CD997-5AE9-47DC-B035-BF08FF7C434A}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{C4A2885E-867F-4F35-BC67-156620AF6EDA}" = dir=in | name=ebay |
"{C51BC4BF-BACB-42B6-A989-1252C1CA1F48}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C86925EB-B769-4E30-9093-4B87A72339BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe |
"{CA3783B5-435F-4202-AA91-3BC50C402DEF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{D1A11C0D-CD0C-420F-B9AB-E7A8AF1D90C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker call of pripyat\stalker-cop.exe |
"{D60E133E-6355-429A-9365-695BFC8B92AB}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D71A462E-D422-4216-8363-C262AF2C1BCE}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D7E794FD-420D-4B05-8C90-AF7D5FE0FB69}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D81923FF-8F77-4EB3-A475-1A3C4855D438}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DA4D6209-8A01-4834-9BA3-D8808042AA86}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DA8AA6CA-871A-4F7A-AF7F-8C99C70AA8A7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DAAD4191-73C7-4336-8C9B-731742D1DDF7}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{DE8EC374-F381-4385-AC90-B3CA4C29C2DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{DED2A2EA-BA93-4136-91BC-E58EC510FA64}" = dir=out | name=weatherbug |
"{E6457560-378C-48C4-BA52-4EE7B48B8703}" = protocol=6 | dir=in | app=c:\users\radiorentals\appdata\roaming\utorrent\utorrent.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E854B449-4E04-4282-8492-90489986E868}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E868050A-3E2E-455D-8B1F-7357606F1438}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{E8A3C85D-D885-42B8-951F-00641A34CC18}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F0EF1C8D-9027-4B92-B51D-096B5ACF63FD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{F22C5610-E746-4A94-816B-E3D1558B67CA}" = dir=out | name=tunein radio |
"{F3E6744B-5AD4-4379-9A3E-80C3F6663E27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{F56ABFB1-76F6-467A-9577-401DEAC1B851}" = dir=out | name=7digital music store |
"{F63FCF2E-620E-41E1-A9C4-0D6B5CCF6C5D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F7BB4CE1-A529-4BC9-96AD-9A9E8491E659}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FA95115A-CA6F-414A-A99E-7F53C7BC31F2}" = dir=out | name=windows_ie_ac_001 |
"TCP Query User{2A7C0266-F588-4822-9B86-8E9EBA054CE4}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{56A40565-4138-4951-B96C-7A23FE7BA64D}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{829C7202-8ADD-424B-B2BB-C569444AE509}C:\users\radiorentals\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\radiorentals\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A097E0C9-946A-4AA7-A40B-698A9C69DE4E}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"TCP Query User{A9CEB0FC-5D4C-4CC4-AA02-1CFFF351BB3B}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{CD5D0DD0-9017-4525-8BCF-98EA50500ADD}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{EC10AE13-5303-4019-8452-C7D0D43FCDF6}C:\program files (x86)\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\saints row iv\saintsrowiv.exe |
"UDP Query User{376081E0-1AC9-4AA8-A4C8-436E0326030E}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{3FF069DE-DF16-411F-BC4D-3173F04B7B99}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"UDP Query User{8F1FA73A-03D7-4704-A2B8-6C31A630CBFA}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{94C36BCE-723E-4028-9208-1DCA1F410EE5}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{9DFEA123-07A8-40CC-99A0-31FE068C57D7}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{CAC101AC-EE18-42CF-B57A-5FB3556F2220}C:\users\radiorentals\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\radiorentals\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CB517EA2-EEB9-4ACB-83D3-FC4D3054EAF5}C:\program files (x86)\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\saints row iv\saintsrowiv.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 305.46
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 305.46
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}" = Classic Shell
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
"CCleaner" = CCleaner
"lucky leap" = lucky leap 1.0.0
"McAfee Security Scan" = McAfee Security Scan Plus
"WinRAR archiver" = WinRAR 5.00 beta 8 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITE Infrared Transceiver
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B145183-E986-4585-ADDF-0C73DB575112}" = PointGrab Hand Gesture Control
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{699D0EFA-5AC2-4DAB-846E-E4EFDA00ACAC}" = IR App
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{85DDD163-47A4-4751-A9F7-61CC86F8EE9C}" = CtrlPanel
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}" = LibreOffice 4.0.0.3
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{92586A21-3E08-4055-B413-8ACCAAB50A42}" = PointGrab Hand Gesture Control Tutorial
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99C28455-E285-4639-B4C6-9F747C0C3D4C}" = DayZ Commander
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A6DC88AD-501A-44BC-884D-57435F972E2C}" = Hotkey Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}" = AVerMedia TV Player
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVerMedia A373 MiniCard Dual DVB-T" = AVerMedia A373 MiniCard Dual DVB-T 2.3.64.23
"BattlEye for OA" = BattlEye for OA Uninstall
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"Google Chrome" = Google Chrome
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{4B145183-E986-4585-ADDF-0C73DB575112}" = PointGrab Hand Gesture Control
"InstallShield_{92586A21-3E08-4055-B413-8ACCAAB50A42}" = PointGrab Hand Gesture Control Tutorial
"InstallShield_{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}" = AVerMedia TV Player
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LOLReplay" = LOLReplay
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NARA" = Norton Online Backup ARA
"News.net" = News.net
"PunkBusterSvc" = PunkBuster Services
"Razer Game Booster_is1" = Razer Game Booster
"Razer Surround" = Razer Surround
"Spotify" = Spotify
"Steam App 218620" = PAYDAY 2
"Steam App 220240" = Far Cry® 3
"Steam App 22380" = Fallout: New Vegas
"Steam App 227480" = God Mode
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 41700" = S.T.A.L.K.E.R.: Call of Pripyat
"Steam App 42910" = Magicka
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 91310" = Dead Island
"U2FpbnRzUm93SVY=_is1" = Saints Row IV
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 2.0.7
"Wajam" = Wajam
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-0684cde1-b228-4522-b2df-7ac0ce1ad347" = Plants vs. Zombies - Game of the Year
"WTA-10c7a8c5-17d3-42e9-97fc-ec237fcd179b" = Delicious: Emily's True Love Premium Edition
"WTA-380d4b1a-49b1-4964-baec-411bca7c41f2" = Zuma's Revenge
"WTA-8898e2b7-7e0d-465d-9fa4-6f8aa37e0620" = Agatha Christie - Death on the Nile
"WTA-96d6d974-189b-4255-a915-96624f514165" = Aloha TriPeaks
"WTA-9ad1694b-a366-4fba-8d30-05d37b88a7a9" = Penguins!
"WTA-a5eb0a21-4adc-43de-b70a-614649dca5ac" = Jewel Match 3
"WTA-b213a91b-e8cd-4ebc-ab9d-ef7185a38e88" = John Deere Drive Green
"WTA-c59479fb-475f-4f08-85e5-aeed1b8884ff" = Polar Bowler
"WTA-e1e82c43-e8bf-4f32-9059-f467c8f2cb18" = Governor of Poker 2 Premium Edition
"WTA-ef15111c-01d2-4dbf-9294-529b7d5e9fd3" = Magic Academy
"WTA-f07811f7-037e-4d69-8298-46cf1c9e3303" = Tales of Lagoona
"WTA-fac4bfbf-37ee-4463-a08e-9397d70a076a" = Final Drive: Nitro
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/12/2013 3:36:41 AM | Computer Name = rr | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1250
Error - 6/12/2013 2:50:36 AM | Computer Name = rr | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.2.9200.16579, time
stamp: 0x516361b1 Faulting module name: libfftw3-3.dll, version: 0.0.0.0, time stamp:
0x4a5b30dc Exception code: 0xc0000005 Fault offset: 0x000000000000327c Faulting process
id: 0x498 Faulting application start time: 0x01cef1a1dd18ecd7 Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\libfftw3-3.dll
Report
Id: b54db0d8-5e42-11e3-be95-2016d83c21d2 Faulting package full name: Faulting package-relative
application ID:
Error - 7/12/2013 1:08:44 AM | Computer Name = rr | Source = System Restore | ID = 8193
Description =
Error - 9/12/2013 7:47:30 AM | Computer Name = rr | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "c:\program files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "c:\program files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
Error - 9/12/2013 7:49:16 AM | Computer Name = rr | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "c:\program files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "c:\program files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
Error - 9/12/2013 1:10:31 PM | Computer Name = rr | Source = System Restore | ID = 8193
Description =
Error - 11/12/2013 1:04:17 PM | Computer Name = rr | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "c:\program files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "c:\program files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
Error - 12/12/2013 1:01:03 PM | Computer Name = rr | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "c:\program files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "c:\program files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
Error - 12/12/2013 1:01:49 PM | Computer Name = rr | Source = SideBySide | ID = 16842761
Description = Activation context generation failed for "c:\program files\WinZip\adxloader.dll.Manifest".Error
in manifest or policy file "c:\program files\WinZip\adxloader.dll.Manifest" on
line 2. The manifest file root element must be assembly.
Error - 13/12/2013 11:32:34 AM | Computer Name = rr | Source = System Restore | ID = 8193
Description =
[ PG Log Events ]
Error - 5/10/2013 2:43:45 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 4:01:21 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 5:10:24 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 7:00:22 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 7:28:25 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 8:09:08 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
Error - 5/10/2013 9:18:41 PM | Computer Name = rr | Source = Hand Gesture Control | ID = 0
Description = PGPanel (timerPGProcLauncher_Tick): [radiorentals] System.InvalidOperationException:
Couldn't get process information from performance counter. ---> System.ComponentModel.Win32Exception:
Unknown error (0xc0000017) --- End of inner exception stack trace --- at System.Diagnostics.NtProcessInfoHelper.GetProcessInfos()
at System.Diagnostics.ProcessManager.GetProcessInfos(String machineName) at
System.Diagnostics.Process.GetProcesses(String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName, String machineName) at System.Diagnostics.Process.GetProcessesByName(String
processName) at PGSetup.PGSetupForm.timerPGProcLauncher_Tick(Object sender, EventArgs
e)
[ System Events ]
Error - 6/12/2013 2:55:03 AM | Computer Name = rr | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the RzMaelstromVADStreamingService service.
Error - 6/12/2013 9:41:07 PM | Computer Name = rr | Source = Service Control Manager | ID = 7041
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: Logon failure:
the user has not been granted the requested logon type at this computer. Service:
nvUpdatusService Domain and account: .\UpdatusUser This service account does not
have the required user right "Log on as a service." User Action Assign "Log on
as a service" to the service account on this computer. You can use Local Security
Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check
that this user right is assigned to the Cluster service account on all nodes in
the cluster. If you have already assigned this user right to the service account,
and the user right appears to be removed, check with your domain administrator
to find out if a Group Policy object associated with this node might be removing
the right.
Error - 6/12/2013 9:41:07 PM | Computer Name = rr | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 9/12/2013 5:26:33 AM | Computer Name = rr | Source = Service Control Manager | ID = 7041
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: Logon failure:
the user has not been granted the requested logon type at this computer. Service:
nvUpdatusService Domain and account: .\UpdatusUser This service account does not
have the required user right "Log on as a service." User Action Assign "Log on
as a service" to the service account on this computer. You can use Local Security
Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check
that this user right is assigned to the Cluster service account on all nodes in
the cluster. If you have already assigned this user right to the service account,
and the user right appears to be removed, check with your domain administrator
to find out if a Group Policy object associated with this node might be removing
the right.
Error - 9/12/2013 5:26:33 AM | Computer Name = rr | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 11/12/2013 3:10:33 AM | Computer Name = rr | Source = Service Control Manager | ID = 7041
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: Logon failure:
the user has not been granted the requested logon type at this computer. Service:
nvUpdatusService Domain and account: .\UpdatusUser This service account does not
have the required user right "Log on as a service." User Action Assign "Log on
as a service" to the service account on this computer. You can use Local Security
Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check
that this user right is assigned to the Cluster service account on all nodes in
the cluster. If you have already assigned this user right to the service account,
and the user right appears to be removed, check with your domain administrator
to find out if a Group Policy object associated with this node might be removing
the right.
Error - 11/12/2013 3:10:33 AM | Computer Name = rr | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
Error - 13/12/2013 4:34:10 PM | Computer Name = rr | Source = DCOM | ID = 10010
Description =
Error - 17/12/2013 5:20:27 AM | Computer Name = rr | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 17/12/2013 5:20:27 AM | Computer Name = rr | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
< End of report >