Solved Infected svchost.exe

[Ryan O'Brien]

[2012/07/02 12:09:22 | 000,000,216 | ---- | M] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Frankfurt Berne Acid.m2t.sfl
[2012/07/01 22:38:51 | 000,000,984 | ---- | M] () -- C:\Users\Nub\Desktop\NeO IRC.lnk
[2012/07/01 14:57:33 | 000,001,965 | ---- | M] () -- C:\Users\Nub\Desktop\Paltalk Messenger.lnk
[2012/07/01 14:57:33 | 000,001,120 | ---- | M] () -- C:\Users\Nub\Desktop\Upgrade to Paltalk Extreme.lnk
[2012/07/01 14:56:02 | 000,001,247 | ---- | M] () -- C:\Users\Nub\Desktop\DVDVideoSoft Free Studio.lnk
[2012/07/01 14:56:01 | 000,001,320 | ---- | M] () -- C:\Users\Nub\Desktop\Free YouTube Uploader.lnk
[2012/07/01 14:47:36 | 000,005,568 | ---- | M] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t.sfk
[2012/07/01 14:43:46 | 000,000,212 | ---- | M] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Rome Munich Toys.m2t.sfl
[2012/07/01 12:33:38 | 088,486,148 | ---- | M] () -- C:\Users\Nub\Desktop\An1maL.m2t
[2012/07/01 12:33:38 | 000,000,180 | ---- | M] () -- C:\Users\Nub\Desktop\An1maL.m2t.sfl
[2012/06/30 20:32:45 | 009,465,236 | ---- | M] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t
[2012/06/30 20:32:45 | 000,000,196 | ---- | M] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t.sfl
[2012/06/30 17:03:51 | 035,149,984 | ---- | M] () -- C:\Users\Nub\Desktop\u2bviews promo.m2t
[2012/06/30 17:03:51 | 000,000,188 | ---- | M] () -- C:\Users\Nub\Desktop\u2bviews promo.m2t.sfl
[2012/06/30 16:13:58 | 002,787,328 | ---- | M] () -- C:\Users\Nub\Desktop\artict2.txd
[2012/06/30 15:57:53 | 000,480,505 | ---- | M] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.png
[2012/06/30 15:57:44 | 003,034,505 | ---- | M] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.psd
[2012/06/30 14:20:07 | 000,000,218 | ---- | M] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Brussels Rome Yoghurt.m2t.sfl
[2012/06/29 18:56:44 | 003,550,536 | ---- | M] () -- C:\Users\Nub\Desktop\trailer and truck mod.rar
[2012/06/29 11:31:49 | 003,145,782 | ---- | M] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.bmp
[2012/06/28 21:21:52 | 000,000,091 | ---- | M] () -- C:\Users\Nub\AppData\Local\fusioncache.dat
[2012/06/28 17:50:27 | 000,001,407 | ---- | M] () -- C:\Users\Public\Desktop\18 WoS Extreme Trucker 2.lnk
[2012/06/28 00:05:41 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\Bus Driver.lnk
[2012/06/25 14:24:02 | 000,000,216 | ---- | M] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Vienna Milan Yoghurt.m2t.sfl
[2012/06/22 17:00:49 | 000,134,672 | ---- | M] () -- C:\Windows\RegBootClean64.exe

========== Files Created - No Company Name ==========

[2012/07/21 21:17:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/21 21:17:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/21 21:17:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/21 21:17:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/21 21:17:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/21 14:34:22 | 000,000,512 | ---- | C] () -- C:\Users\Nub\Documents\MBR.dat
[2012/07/19 19:15:17 | 355,892,192 | ---- | C] () -- C:\Users\Nub\Desktop\Open this.zip
[2012/07/19 19:15:09 | 000,000,022 | ---- | C] () -- C:\Users\Nub\Desktop\New WinRAR ZIP archive (2).zip
[2012/07/19 18:17:14 | 000,000,132 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Adobe BMP Format CS6 Prefs
[2012/07/19 18:17:13 | 000,006,776 | ---- | C] () -- C:\Users\Nub\Desktop\austrian edition logo.bmp
[2012/07/19 17:59:40 | 000,176,640 | ---- | C] ( ) -- C:\Users\Nub\Documents\Setup.exe
[2012/07/19 17:45:40 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Smart Install Maker.lnk
[2012/07/19 17:42:36 | 358,310,691 | ---- | C] () -- C:\Users\Nub\Desktop\GTS_1.32_8.0 (2).scs
[2012/07/19 17:41:44 | 890,125,729 | ---- | C] () -- C:\Users\Nub\Desktop\GTS_1.32_8.0.scs
[2012/07/19 15:55:43 | 000,136,030 | ---- | C] () -- C:\Users\Nub\Desktop\YouTube Logo.jpg
[2012/07/19 15:45:30 | 000,000,214 | ---- | C] () -- C:\Users\Nub\Desktop\German Truck Simulator Austrian edition.m2t.sfl
[2012/07/19 15:32:28 | 717,645,444 | ---- | C] () -- C:\Users\Nub\Desktop\German Truck Simulator Austrian edition.m2t
[2012/07/19 15:31:48 | 000,000,206 | ---- | C] () -- C:\Users\Nub\Desktop\Austrian edition end.m2t.sfl
[2012/07/19 15:31:38 | 009,754,568 | ---- | C] () -- C:\Users\Nub\Desktop\Austrian edition end.m2t
[2012/07/19 15:30:04 | 000,006,216 | ---- | C] () -- C:\Users\Nub\Desktop\Austrian edition.m2t.sfk
[2012/07/19 13:36:54 | 000,000,190 | ---- | C] () -- C:\Users\Nub\Desktop\Austrian edition.m2t.sfl
[2012/07/19 13:36:49 | 010,564,472 | ---- | C] () -- C:\Users\Nub\Desktop\Austrian edition.m2t
[2012/07/19 13:33:17 | 000,006,776 | ---- | C] () -- C:\Users\Nub\Desktop\cgqzfx8b.bmp
[2012/07/19 13:13:28 | 002,208,747 | ---- | C] () -- C:\Users\Nub\Desktop\main_video.ogg
[2012/07/17 23:25:59 | 000,001,117 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Malware.lnk
[2012/07/17 18:06:09 | 1576,871,159 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/07/16 22:37:55 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/16 22:28:44 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\RegistryNuke 2012.lnk
[2012/07/16 21:39:01 | 000,154,368 | ---- | C] () -- C:\Users\Nub\Desktop\sampvlog.veg.bak
[2012/07/16 21:39:01 | 000,111,296 | ---- | C] () -- C:\Users\Nub\Desktop\sampvlog.veg
[2012/07/15 22:36:34 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/15 20:37:25 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012/07/15 20:37:24 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2012/07/15 20:37:24 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012/07/15 20:37:24 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012/07/15 20:37:24 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012/07/15 20:36:26 | 000,002,279 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
[2012/07/15 20:33:59 | 001,666,808 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/07/15 18:19:03 | 000,000,216 | ---- | C] () -- C:\Users\Nub\Desktop\LIVE - KILLING NEO_RAMEN OBAMA! EXECLUSIVE.m2t.sfl
[2012/07/15 18:17:42 | 087,155,672 | ---- | C] () -- C:\Users\Nub\Desktop\LIVE - KILLING NEO_RAMEN OBAMA! EXECLUSIVE.m2t
[2012/07/15 16:55:41 | 000,160,488 | ---- | C] () -- C:\Users\Nub\Desktop\Must Persevere (Full version).mp3.sfk
[2012/07/15 16:55:31 | 004,677,678 | ---- | C] () -- C:\Users\Nub\Desktop\Must Persevere (Full version).mp3
[2012/07/15 16:41:32 | 000,296,544 | ---- | C] () -- C:\Users\Nub\Desktop\Untitled.mp3
[2012/07/15 16:39:09 | 000,000,190 | ---- | C] () -- C:\Users\Nub\Desktop\Untitled.m2t.sfl
[2012/07/15 16:39:02 | 032,084,080 | ---- | C] () -- C:\Users\Nub\Desktop\Untitled.m2t
[2012/07/15 10:57:11 | 000,001,383 | ---- | C] () -- C:\Users\Nub\Desktop\German Truck Simulator.lnk
[2012/07/15 10:54:08 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\German Truck Simulator.lnk
[2012/07/15 00:09:27 | 171,498,097 | ---- | C] () -- C:\Users\Nub\Desktop\POLSKAOpen.scs
[2012/07/15 00:09:27 | 169,472,222 | ---- | C] () -- C:\Users\Nub\Desktop\POLSKAOpen.zip
[2012/07/15 00:08:52 | 000,000,020 | ---- | C] () -- C:\Users\Nub\Desktop\POLSKA.rar
[2012/07/15 00:08:31 | 430,231,361 | ---- | C] () -- C:\Users\Nub\Desktop\POLSKA.scs
[2012/07/14 20:22:45 | 001,076,480 | R--- | C] () -- C:\Users\Nub\Desktop\Trial_Reset_3.3.rar
[2012/07/14 16:15:29 | 678,168,446 | ---- | C] () -- C:\Users\Nub\Desktop\ETS_1.3_Mega-Mix-Map-5 (2).zip
[2012/07/14 16:14:21 | 000,000,020 | ---- | C] () -- C:\Users\Nub\Desktop\New WinRAR archive.rar
[2012/07/14 16:06:22 | 680,293,139 | ---- | C] () -- C:\Users\Nub\Desktop\ETS_1.3_Mega-Mix-Map-5 (2).scs
[2012/07/14 16:05:47 | 1725,281,403 | ---- | C] () -- C:\Users\Nub\Desktop\ETS_1.3_Mega-Mix-Map-5.scs
[2012/07/14 16:04:55 | 000,000,022 | ---- | C] () -- C:\Users\Nub\Desktop\MMM1.zip
[2012/07/14 16:04:33 | 000,026,749 | ---- | C] () -- C:\Users\Nub\Desktop\MMM.rar
[2012/07/13 13:10:21 | 000,090,838 | ---- | C] () -- C:\Users\Nub\Desktop\before and after to color.jpg
[2012/07/13 12:06:09 | 000,000,220 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator London Manchester Cheese.m2t.sfl
[2012/07/13 11:52:27 | 1601,221,944 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator London Manchester Cheese.m2t
[2012/07/13 10:57:46 | 000,090,838 | ---- | C] () -- C:\Users\Nub\Desktop\before and after color.jpg
[2012/07/13 10:55:35 | 000,369,216 | ---- | C] () -- C:\Users\Nub\Desktop\colored portrait 2.jpg
[2012/07/12 18:08:03 | 000,892,433 | ---- | C] () -- C:\Users\Nub\Desktop\color fixed.jpg
[2012/07/12 17:25:32 | 000,886,121 | ---- | C] () -- C:\Users\Nub\Desktop\colored portrait.jpg
[2012/07/12 17:25:12 | 000,468,121 | ---- | C] () -- C:\Users\Nub\Desktop\restored guy.jpg
[2012/07/12 11:54:34 | 000,112,059 | ---- | C] () -- C:\Users\Nub\Desktop\before and after portrait.jpg
[2012/07/12 11:43:48 | 000,686,055 | ---- | C] () -- C:\Users\Nub\Desktop\restored portrait 1.jpg
[2012/07/12 11:07:38 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2012/07/11 22:37:38 | 000,098,953 | ---- | C] () -- C:\Users\Nub\Desktop\slide0023_image204.jpg
[2012/07/11 20:40:54 | 000,090,029 | ---- | C] () -- C:\Users\Nub\Desktop\before and after.jpg
[2012/07/11 20:36:45 | 000,360,094 | ---- | C] () -- C:\Users\Nub\Desktop\restored portrait.jpg
[2012/07/11 19:44:56 | 003,340,268 | ---- | C] () -- C:\Users\Nub\Desktop\Till Tomorrow Underscore.mp3
[2012/07/11 15:35:38 | 000,126,573 | ---- | C] () -- C:\Users\Nub\Desktop\beforeman.jpg
[2012/07/11 14:35:16 | 000,150,351 | ---- | C] () -- C:\Users\Nub\Desktop\Portrait restoration.jpg
[2012/07/11 14:28:49 | 001,124,275 | ---- | C] () -- C:\Users\Nub\Desktop\before.png
[2012/07/11 14:28:29 | 002,057,427 | ---- | C] () -- C:\Users\Nub\Desktop\after.png
[2012/07/11 14:16:35 | 000,000,216 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Berne London Yoghurt.m2t.sfl
[2012/07/11 13:50:44 | 3955,478,264 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Berne London Yoghurt.m2t
[2012/07/11 12:42:50 | 000,020,500 | ---- | C] () -- C:\Users\Nub\Desktop\Portrait-French.jpg
[2012/07/11 12:42:45 | 000,060,589 | ---- | C] () -- C:\Users\Nub\Desktop\Portrait color.jpg
[2012/07/11 12:06:27 | 000,272,586 | ---- | C] () -- C:\Users\Nub\Desktop\retouch_project4_4_10+004.jpg
[2012/07/11 12:06:19 | 000,721,276 | ---- | C] () -- C:\Users\Nub\Desktop\Family - restored.jpg
[2012/07/10 23:30:42 | 000,001,646 | ---- | C] () -- C:\Users\Nub\Desktop\volvo_fh16_a.sii
[2012/07/10 22:01:22 | 000,078,365 | ---- | C] () -- C:\Users\Nub\Desktop\After.jpg
[2012/07/10 22:01:04 | 000,070,151 | ---- | C] () -- C:\Users\Nub\Desktop\Before.jpg
[2012/07/10 19:38:15 | 000,229,470 | ---- | C] () -- C:\Users\Nub\Desktop\CincinnatiMen.jpg
[2012/07/10 19:37:43 | 000,938,104 | ---- | C] () -- C:\Users\Nub\Desktop\Restored.jpg
[2012/07/10 17:06:12 | 001,324,916 | ---- | C] () -- C:\Users\Nub\Desktop\rocky beach after.jpg
[2012/07/10 17:05:16 | 000,981,264 | ---- | C] () -- C:\Users\Nub\Desktop\rocky beach before.jpg
[2012/07/10 17:05:12 | 002,237,967 | ---- | C] () -- C:\Users\Nub\Desktop\colored.png
[2012/07/10 15:32:14 | 000,002,030 | ---- | C] () -- C:\Users\Nub\Desktop\mercedes_actros_interior_std.sii
[2012/07/10 15:10:24 | 002,170,584 | ---- | C] () -- C:\Users\Nub\Desktop\Color.jpg
[2012/07/10 14:22:42 | 000,350,455 | ---- | C] () -- C:\Users\Nub\Desktop\OldMotorCar.jpg
[2012/07/10 13:57:39 | 000,417,171 | ---- | C] () -- C:\Users\Nub\Desktop\sar1.png
[2012/07/10 13:57:30 | 001,954,670 | ---- | C] () -- C:\Users\Nub\Desktop\sar1.psd
[2012/07/10 13:50:30 | 000,064,657 | ---- | C] () -- C:\Users\Nub\Desktop\sar6.jpg
[2012/07/10 12:53:24 | 000,790,990 | ---- | C] () -- C:\Users\Nub\Desktop\do this later.psd
[2012/07/10 12:51:30 | 000,000,132 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/07/10 12:51:28 | 000,244,919 | ---- | C] () -- C:\Users\Nub\Desktop\gang.png
[2012/07/09 19:50:34 | 000,000,220 | ---- | C] () -- C:\Users\Nub\Desktop\FlatOut 2.url
[2012/07/09 17:27:01 | 000,807,246 | ---- | C] () -- C:\Users\Nub\Desktop\BLUE CAT.jpg
[2012/07/08 22:15:45 | 002,318,860 | ---- | C] () -- C:\Users\Nub\Desktop\Singapura Cat.psd
[2012/07/08 18:10:44 | 000,160,627 | ---- | C] () -- C:\Users\Nub\Desktop\Singapura Cat.jpg
[2012/07/08 18:09:12 | 000,000,112 | -H-- | C] () -- C:\39BD22373E07
[2012/07/08 18:09:12 | 000,000,040 | -H-- | C] () -- C:\BDAB4FE99C75
[2012/07/08 17:32:56 | 000,878,095 | ---- | C] () -- C:\Users\Nub\Desktop\142853951AP125_The_Raven_Ne.jpg
[2012/07/08 17:29:07 | 001,019,697 | ---- | C] () -- C:\Users\Nub\Desktop\President_Official_Portrait_HiRes.jpg
[2012/07/08 15:15:37 | 000,000,218 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Barcelona Lyon Apples.m2t.sfl
[2012/07/08 15:03:23 | 2165,417,276 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Barcelona Lyon Apples.m2t
[2012/07/07 12:08:20 | 000,151,552 | ---- | C] ( ) -- C:\Users\Nub\Desktop\Interop.SHDocVw.dll
[2012/07/06 18:19:27 | 000,000,224 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Bordeaux Barcelona Tommatoes.m2t.sfl
[2012/07/06 18:02:23 | 000,000,198 | ---- | C] () -- C:\Users\Nub\Desktop\First person driving mod.m2t.sfl
[2012/07/06 17:55:40 | 2719,026,516 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Bordeaux Barcelona Tommatoes.m2t
[2012/07/06 10:55:32 | 000,013,230 | ---- | C] () -- C:\Users\Nub\Desktop\Shady.PNG
[2012/07/06 10:55:15 | 000,012,726 | ---- | C] () -- C:\Users\Nub\Desktop\Scar.PNG
[2012/07/05 20:54:06 | 000,000,022 | ---- | C] () -- C:\Users\Nub\Desktop\New WinRAR ZIP archive.zip
[2012/07/05 20:46:54 | 000,349,680 | ---- | C] () -- C:\Users\Nub\Desktop\details_excl.dds
[2012/07/05 18:46:34 | 000,172,098 | ---- | C] () -- C:\torrent.exe
[2012/07/05 17:54:43 | 001,043,253 | ---- | C] () -- C:\Users\Nub\Desktop\Done.png
[2012/07/05 17:54:37 | 004,191,177 | ---- | C] () -- C:\Users\Nub\Desktop\Done.psd
[2012/07/05 17:11:26 | 003,970,129 | ---- | C] () -- C:\Users\Nub\Desktop\ALmost done.psd
[2012/07/05 14:47:11 | 000,453,502 | ---- | C] () -- C:\Users\Nub\Desktop\EFOQKC.psd
[2012/07/04 22:04:19 | 000,039,654 | ---- | C] () -- C:\Users\Nub\Desktop\truck up2.png
[2012/07/04 22:02:40 | 000,037,145 | ---- | C] () -- C:\Users\Nub\Desktop\truck up1.png
[2012/07/04 21:33:21 | 001,572,918 | ---- | C] () -- C:\Users\Nub\Desktop\eurogoodies.bmp
[2012/07/04 15:14:54 | 000,137,822 | ---- | C] () -- C:\Users\Nub\Desktop\agbacon acres trailer mod.scs
[2012/07/04 15:12:26 | 000,257,769 | ---- | C] () -- C:\Users\Nub\Desktop\euroacres.png
[2012/07/04 15:08:09 | 000,013,539 | ---- | C] () -- C:\Users\Nub\Desktop\road-splits-sign-hi.png
[2012/07/04 14:58:46 | 000,012,218 | ---- | C] () -- C:\Users\Nub\Desktop\greentractor.jpg
[2012/07/04 14:39:20 | 000,027,596 | ---- | C] () -- C:\Users\Nub\Desktop\star.jpg
[2012/07/04 14:33:55 | 001,572,918 | ---- | C] () -- C:\Users\Nub\Desktop\euroacres.bmp
[2012/07/04 14:32:09 | 000,699,216 | ---- | C] () -- C:\Users\Nub\Desktop\euroacres.dds
[2012/07/04 14:32:09 | 000,000,088 | ---- | C] () -- C:\Users\Nub\Desktop\euroacres.tobj
[2012/07/03 15:43:31 | 000,000,212 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Lyon Vienna Acid.m2t.sfl
[2012/07/03 15:15:58 | 491,792,447 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Lyon Vienna Acid.m2t
[2012/07/03 15:13:48 | 000,006,168 | ---- | C] () -- C:\Users\Nub\Desktop\Trucking with AgentBacon Intro .m2t.sfk
[2012/07/03 13:35:40 | 000,008,933 | ---- | C] () -- C:\Users\Nub\Desktop\ping.PNG
[2012/07/02 22:40:49 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Enemy Territory - QUAKE Wars(TM).lnk
[2012/07/02 22:40:43 | 000,000,328 | ---- | C] () -- C:\Windows\game.ini
[2012/07/02 20:20:07 | 000,000,204 | ---- | C] () -- C:\Users\Nub\Desktop\Trucking with AgentBacon Intro .m2t.sfl
[2012/07/02 20:20:03 | 010,448,664 | ---- | C] () -- C:\Users\Nub\Desktop\Trucking with AgentBacon Intro .m2t
[2012/07/02 20:10:22 | 000,033,005 | ---- | C] () -- C:\Users\Nub\Desktop\twab.png
[2012/07/02 19:53:39 | 000,071,959 | ---- | C] () -- C:\Users\Nub\Desktop\truckjpd.jpg
[2012/07/02 19:36:12 | 000,036,264 | ---- | C] () -- C:\Users\Nub\Desktop\truck up.png
[2012/07/02 19:30:52 | 000,035,752 | ---- | C] () -- C:\Users\Nub\Desktop\1254446789518345489tow-truck.svg.hi.png
[2012/07/02 19:27:56 | 000,046,005 | ---- | C] () -- C:\Users\Nub\Desktop\clipart_transport_552.jpg
[2012/07/02 12:38:30 | 000,000,740 | ---- | C] () -- C:\Users\Public\Desktop\iLivid.lnk
[2012/07/02 12:09:22 | 000,000,216 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Frankfurt Berne Acid.m2t.sfl
[2012/07/01 22:39:16 | 005,987,567 | ---- | C] () -- C:\Users\Nub\Desktop\intV_by_mina&he.scs
[2012/07/01 22:30:09 | 001,587,304 | ---- | C] () -- C:\Users\Nub\Desktop\ets_00209.png
[2012/07/01 14:57:33 | 000,001,965 | ---- | C] () -- C:\Users\Nub\Desktop\Paltalk Messenger.lnk
[2012/07/01 14:57:33 | 000,001,120 | ---- | C] () -- C:\Users\Nub\Desktop\Upgrade to Paltalk Extreme.lnk
[2012/07/01 14:56:02 | 000,001,247 | ---- | C] () -- C:\Users\Nub\Desktop\DVDVideoSoft Free Studio.lnk
[2012/07/01 14:56:01 | 000,001,320 | ---- | C] () -- C:\Users\Nub\Desktop\Free YouTube Uploader.lnk
[2012/07/01 14:43:46 | 000,000,212 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Rome Munich Toys.m2t.sfl
[2012/07/01 14:18:42 | 000,005,568 | ---- | C] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t.sfk
[2012/07/01 12:33:38 | 000,000,180 | ---- | C] () -- C:\Users\Nub\Desktop\An1maL.m2t.sfl
[2012/07/01 12:33:13 | 088,486,148 | ---- | C] () -- C:\Users\Nub\Desktop\An1maL.m2t
[2012/06/30 20:32:45 | 000,000,196 | ---- | C] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t.sfl
[2012/06/30 20:32:37 | 009,465,236 | ---- | C] () -- C:\Users\Nub\Desktop\Truckin with AgentBacon.m2t
[2012/06/30 17:03:51 | 000,000,188 | ---- | C] () -- C:\Users\Nub\Desktop\u2bviews promo.m2t.sfl
[2012/06/30 17:02:38 | 035,149,984 | ---- | C] () -- C:\Users\Nub\Desktop\u2bviews promo.m2t
[2012/06/30 14:20:07 | 000,000,218 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Brussels Rome Yoghurt.m2t.sfl
[2012/06/29 23:30:56 | 003,034,505 | ---- | C] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.psd
[2012/06/29 18:55:18 | 003,550,536 | ---- | C] () -- C:\Users\Nub\Desktop\trailer and truck mod.rar
[2012/06/29 12:23:18 | 002,787,328 | ---- | C] () -- C:\Users\Nub\Desktop\artict2.txd
[2012/06/29 12:22:39 | 000,480,505 | ---- | C] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.png
[2012/06/29 11:31:49 | 003,145,782 | ---- | C] () -- C:\Users\Nub\Desktop\Fliegl_Auflieger.bmp
[2012/06/28 21:21:52 | 000,000,091 | ---- | C] () -- C:\Users\Nub\AppData\Local\fusioncache.dat
[2012/06/28 17:50:27 | 000,001,407 | ---- | C] () -- C:\Users\Public\Desktop\18 WoS Extreme Trucker 2.lnk
[2012/06/28 00:05:41 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\Bus Driver.lnk
[2012/06/25 19:41:09 | 000,000,244 | ---- | C] () -- C:\Users\Nub\Desktop\interior_volvo_fh16.sii
[2012/06/25 14:24:02 | 000,000,216 | ---- | C] () -- C:\Users\Nub\Desktop\Euro Truck Simulator Vienna Milan Yoghurt.m2t.sfl
[2012/06/19 16:23:02 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012/06/19 16:22:55 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012/06/19 16:22:55 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012/06/11 12:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/06/11 12:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/30 15:45:14 | 000,000,132 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/05/12 20:55:32 | 000,001,456 | ---- | C] () -- C:\Users\Nub\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/05/12 20:47:37 | 000,000,132 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/05/12 20:24:16 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/05/12 20:24:16 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/04/27 04:14:59 | 000,119,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/11 22:47:10 | 000,006,144 | ---- | C] () -- C:\Users\Nub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/10 00:14:04 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/04/10 00:14:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2012/04/10 00:14:02 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2012/03/27 18:57:06 | 000,000,132 | ---- | C] () -- C:\Users\Nub\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/03/14 22:36:59 | 000,000,291 | ---- | C] () -- C:\Windows\cod2demo.ini
[2012/02/22 18:06:18 | 000,134,672 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012/02/19 18:55:01 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2012/01/25 14:56:27 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012/01/23 16:23:11 | 000,803,720 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/22 22:20:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/22 22:20:08 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/10 21:24:47 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2011/08/10 21:24:00 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/08/10 21:23:54 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
[2011/08/10 21:23:54 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/08/10 21:23:54 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011/08/10 21:19:29 | 000,003,543 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/08/10 21:19:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/08/10 21:19:22 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2011/08/10 21:19:22 | 000,002,649 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/08/10 21:16:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/11/28 16:34:00 | 000,145,288 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2010/11/28 16:34:00 | 000,128,904 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe

========== LOP Check ==========

[2012/06/14 19:10:21 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\.minecraft
[2012/04/05 15:07:11 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\.techniclauncher
[2012/06/20 10:39:35 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Audacity
[2012/03/29 15:00:51 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\avidemux
[2012/05/12 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Bitsoft
[2012/05/12 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\cidialog32
[2012/05/30 15:25:18 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Clickteam
[2012/06/12 21:50:20 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/07/16 22:04:50 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Dropbox
[2012/07/01 14:56:10 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\DVDVideoSoft
[2012/05/12 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\GeoVid
[2012/06/03 15:17:09 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Marine Aquarium 3
[2012/06/14 19:07:15 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Mirillis
[2012/03/31 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Notepad++
[2012/07/01 14:56:10 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\OpenCandy
[2012/03/27 15:08:34 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Opera
[2012/07/01 14:57:31 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Paltalk
[2012/04/10 00:18:39 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\PowerUp Software
[2012/04/02 15:20:23 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Publish Providers
[2012/05/16 01:58:45 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\SoftGrid Client
[2012/05/24 22:11:58 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Sony
[2012/06/13 11:12:16 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\Sony Creative Software Inc
[2012/04/18 19:26:18 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\SystemRequirementsLab
[2012/07/12 11:08:43 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\TechSmith
[2012/07/15 20:33:31 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\TestApp
[2012/07/15 23:24:47 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\uTorrent
[2012/03/31 19:31:49 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\wargaming.net
[2012/06/02 19:33:49 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\WeatherBug
[2012/05/11 17:41:39 | 000,000,000 | ---D | M] -- C:\Users\Nub\AppData\Roaming\what
[2012/05/24 10:49:21 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:FB6A21E3
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMPFC5A2B2

< End of report >

 

[Ryan O'Brien]

I'm also running in safe mode because it was starting to freeze more.

 

[Ryan O'Brien]

OTL Extras logfile created on: 7/21/2012 10:06:11 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Nub\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.50 Gb Total Physical Memory | 6.20 Gb Available Physical Memory | 82.78% Memory free
14.99 Gb Paging File | 13.72 Gb Available in Paging File | 91.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372.60 Gb Total Space | 51.34 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Drive D: | 544.72 Gb Total Space | 8.23 Gb Free Space | 1.51% Space Free | Partition Type: NTFS
Drive F: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: RYAN-PC | User Name: Nub | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp[@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html[@ = ChromeHTML.Nub] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = WinHelpCustomView.Scenario] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML.Nub] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D5BC70-0434-4685-8598-A5FEA50C7B70}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{0C60947F-CE1D-469B-93A1-90272D76191E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{11B8294B-A072-4C9C-88C5-3756032A86FE}" = lport=138 | protocol=17 | dir=in | app=system |
"{16CF6D08-6FD8-478E-9E8A-966456115C20}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{23108FF9-AEC2-4F58-A667-DBA949ED4134}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2D6AC29B-0AAF-4466-AF0D-524962BE93E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{42F0686A-36A7-4804-BCE6-FDCCFF25AC0B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43C83BBA-8ECC-4C4D-A83E-28C9B0F5CDC2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4F1AE481-0C15-46DA-ABA9-494050B128EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{661DE5FC-E4BA-4039-85B4-F4BAECE11280}" = rport=445 | protocol=6 | dir=out | app=system |
"{82C60322-3A4B-4B96-A0D1-0BD0A5200CAA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8DE5337F-E484-4ADA-A1EE-A7C221F29905}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8E85C818-8A3C-4CFB-92F5-500E5727AC1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{8EAAD81C-88DF-47F4-966A-FED14367B7DC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{97386B97-2B9E-43F4-9DDB-792C2F5EBFBD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A1E169F2-1605-4F6B-8D23-7B5AB59BB053}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD6D5B8D-6774-4EA6-925B-1EE15D278571}" = rport=138 | protocol=17 | dir=out | app=system |
"{AF589E12-CF1F-47A2-8E5B-E433C898247A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B49918FE-9AC7-49E1-BE62-1637F2CF92CD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B9A11845-B4E1-4D2D-B000-B3409F48C754}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C18E44D2-EFE8-4BFA-AAC8-31CCE0AEA0CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2BCF53A-26A0-4196-9C60-1164D7AAC74C}" = lport=445 | protocol=6 | dir=in | app=system |
"{D12E759A-3AA4-463E-B30C-CD34D74D3124}" = lport=139 | protocol=6 | dir=in | app=system |
"{F0CA7B13-8B10-4F30-8312-613459D2A9D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{FD066447-36ED-4CA0-8D1D-43889752DD87}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005EB1E1-2B53-4095-9B1E-8525C46902CE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{00D5DC75-BE2F-4223-99E9-469B496B8A8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0422F17A-7218-4072-8081-69BFD5F8D498}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0FAE9B46-D5E8-4E10-9FCF-555A6C564C56}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{128E015D-7E1C-40CE-A2A9-D8D34028849C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra\system\redorchestra.exe |
"{22F946B2-AEAF-4CAC-845F-6C941EEA937E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm |
"{28197B1F-0E04-4A35-94CF-D71D581258C4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{28BA4264-B270-436F-8290-4D54FCE334C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 2\bin\sam2.exe |
"{2A92CB9B-2ED6-4660-8ACC-C089777A9CB2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{2A9CF528-D50E-4345-BC27-95B4E0349AD9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 2\bin\sam2.exe |
"{2F47C5D5-9D31-41FE-A334-91BA9FDF1AD7}" = protocol=17 | dir=in | app=c:\users\nub\appdata\roaming\dropbox\bin\dropbox.exe |
"{2FFF909C-8077-4D26-921E-A831E309E0D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\agentred92\counter-strike\hl.exe |
"{34B767A7-BD84-4E23-9F6C-9186E4CDEFD8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 free\arma2free.exe |
"{3AEF44B2-7A79-4F77-8ADA-47E3BACB3319}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{3EBFC12D-2FBB-4562-8904-BD36FF915C5E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{3F4D58EE-C6C2-4130-A782-085963A11A72}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44E98468-D92E-4E1B-864D-786402A84A61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{457D90C1-3447-4C68-B70C-B5FFD57D4DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{480BF723-82A4-4BC3-8510-CA1CB3084418}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{4C194A7F-BE45-4C72-8948-0C76B22BDA28}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4DD3ECC6-5063-4114-9155-87D94FD8AA4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe |
"{526D7FFD-8E31-466F-961E-DB0C3316F4D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\agentred92\counter-strike\hl.exe |
"{53FB58D1-C9B8-4065-9A10-7240EA29A035}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5BE09615-960F-4C26-963C-60A9C016C78A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{684BA55A-6FC4-4504-8E17-05AB98843FB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe |
"{6887EBA3-E70E-42A0-BFEA-315BE7931A66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{6B686BE5-A5CB-4249-A06A-ECF8344E9306}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flatout2\flatout2.exe |
"{6F68EF10-8339-4E96-ABBF-A87F6769253B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{6F7823C9-7540-497A-AA21-07D5A442C79F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{6FC85FAB-F2EE-4682-B0D0-BE069CFB4EBA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{704EFB97-1642-4DAC-9170-0BB2AE9C191D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe |
"{72391853-C875-4A09-9BC9-385C08BB2321}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{751528DA-A125-43EA-AADA-45C99B3B10D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 2\cod2mp_s.exe |
"{76044A3A-55CD-4CB3-8E34-E7FF1557F6B4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7675B8D1-46AC-4B59-AF5A-31331A0F7667}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{7A23A2CF-7750-47D9-9762-73FB00B5DCD5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{7B982F15-D696-49EA-A073-E375F2EBC83E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{7BA0C393-F161-4906-92EF-7D135849C485}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F735C36-550B-49F8-B64D-9E205B30BF15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BA33F17-FC8B-4E6E-8C6A-593D48AE1DAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D68B189-0EB5-4239-9210-815A278B103E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe |
"{8DA2AD27-FA60-4DA6-9AFA-E144EA17C629}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{8DEDAF7D-22D4-4BC2-B2D0-E515B928F815}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flatout2\flatout2.exe |
"{8FB4911E-F209-429C-BDD1-7318B9B5D442}" = protocol=6 | dir=out | app=system |
"{92A76A93-5960-4F0F-8EDC-79C675256A47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{92EF17F8-B8B1-4365-9AED-FB5A5123A901}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\apb.exe |
"{936E3117-4E94-48DD-B0DE-75C9FDCF4BAD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\test drive unlimited 2\uplauncher.exe |
"{93AD3CAD-6E7A-48AE-8265-F5D62FCD3301}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra\system\redorchestra.exe |
"{93AD46F8-D857-436C-B07A-CB578A0F4E02}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crimecraft\steamlauncher.exe |
"{949E9CD5-BD01-4050-822A-01EBBBF88E0C}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{97F71FE1-9039-4202-8E00-1216C5CE5D12}" = protocol=17 | dir=in | app=c:\program files (x86)\id software\enemy territory - quake wars\etqw.exe |
"{99672FAC-6DC9-4DA7-94C9-08EC2BD69ED8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9995497F-82F9-4990-94CC-C4C58832D060}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\hitmanbloodmoney.exe |
"{9C0F4841-219E-46CB-B743-1EA911DEAF1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{9E761AA9-7597-4274-9B7F-03B8266FFD1E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\apb reloaded\launcher\apblauncher.exe |
"{A4922D1D-7F2C-427E-8514-63CC491ECAB6}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{A58046EF-6316-45A0-96A8-05D499E3AB8C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm |
"{A629FB0B-B2F8-48B5-BEEA-558FB4666A38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A6591945-97E6-42EA-B80D-BAC306AAC6B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flatout demo\flatoutdemo.exe |
"{A705B3B0-3127-49D9-9A74-F0058309E34E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7386E0D-F968-46ED-A519-BABBB576CA73}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B0C01979-B0C0-4FDF-BC33-5F17362F8931}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B24715C8-2854-4B69-8AD7-4F97DEAA7156}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms\strongholdkingdoms.exe |
"{B43FAF77-1ECE-4435-A10B-08397ABB4D24}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B484D691-D533-4249-9EFD-83AD670E11FA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe |
"{B5E2F32E-87B4-4E62-A00C-FD832F5077D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\flatout demo\flatoutdemo.exe |
"{BAABCEC7-82BB-46C6-A098-1ED65CF135FA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BFE69A5C-BF0F-4AA7-A1E6-F5D5EE9656C2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CAAEF96A-F6FC-4024-98CA-99ED8993E08A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2 demo\bin\sniperelitev2demo.exe |
"{CCF3411D-1B35-4361-A301-91D5CFD50522}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{D2359D58-7599-4C38-86F7-C35D5113A589}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 2\cod2mp_s.exe |
"{D6B45564-84AF-4061-A63F-C81A21E9A4BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D6FBD938-585F-4874-A0C2-E0C2F4A770DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 2\cod2sp_s.exe |
"{D9A3113E-A379-48F5-872A-64037458DEB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB686681-074E-4B66-9AFD-A11AC59DB9E4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DBDAD1A8-47BC-4CCF-96CD-2CF1276B4A13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 free\arma2free.exe |
"{DCEE6BD2-74EF-40D5-9181-D4D1D3051E66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\serious sam 2\bin\dedicatedserver.exe |
"{E022765D-028F-4608-9630-448139924DBA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crimecraft\steamlauncher.exe |
"{E1311253-879B-4A97-B5A7-06935A1B345D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe |
"{E44C6E3C-7698-4ABA-9BBF-48A65FC8EC59}" = protocol=6 | dir=in | app=c:\program files (x86)\id software\enemy territory - quake wars\etqw.exe |
"{E52A6904-E6B2-4AC8-A614-DB3D02D7F8E9}" = protocol=6 | dir=in | app=c:\program files (x86)\id software\enemy territory - quake wars\etqwded.exe |
"{EA3A3A9B-BA42-456B-A792-10B7E84FE425}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB73CF65-1096-4565-83AD-E955F5457467}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EF138B25-7794-4FF2-9E35-59F99687A26C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

 

[Ryan O'Brien]

"{EFF47C0C-E960-4286-B074-354575D5CDCD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{F21AE01E-791A-48FD-A42F-324E7B672D13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hitman blood money\configure.exe |
"{F37307E5-BBB2-456A-8F17-192591827879}" = protocol=17 | dir=in | app=c:\program files (x86)\id software\enemy territory - quake wars\etqwded.exe |
"{F51F1BFF-C6A2-4037-9E8A-8791DDEFE11C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{F7B1109D-3343-469C-A197-E6CAB9103951}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FA3F523F-05DC-4809-A5CD-FE2D2B41D106}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{FACD3182-3B4E-43B3-9C91-2132A164E69B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FC2D03C3-A9E5-4417-93A3-516B9A32FAF5}" = protocol=6 | dir=in | app=c:\users\nub\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD32662E-84E4-4EAB-BABD-40131780B08C}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe |
"{FF17D78F-681F-4B64-892A-2C49FD86DEDF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 2\cod2sp_s.exe |
"TCP Query User{1BCEB828-77C7-4CB3-8CEA-1E22F6D1EBAA}C:\program files (x86)\global star software\jetfighter 2015\real\jet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\global star software\jetfighter 2015\real\jet.exe |
"TCP Query User{26D65992-D579-4582-A74F-8CA8A23B2653}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"TCP Query User{2C7DAC5B-9F22-41C4-9D87-1D359956C432}C:\program files\neo irc 1.7\mirc.exe" = protocol=6 | dir=in | app=c:\program files\neo irc 1.7\mirc.exe |
"TCP Query User{2ECECD73-0D7D-4582-BAAA-42E1E0376050}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{4306B8DA-86FF-47DE-B09B-27DA589DD271}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{518936B9-35BC-4281-9F41-E8C13C623675}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"TCP Query User{567BF29C-585D-4613-9055-2A01B611ECA7}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{6A38B503-6075-4E23-8FFF-C1A5933BE1EB}C:\program files\neo irc 1.7\mirc.exe" = protocol=6 | dir=in | app=c:\program files\neo irc 1.7\mirc.exe |
"TCP Query User{70FED8DE-32FE-4BDF-9DB3-471753D755BE}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{769BD5C1-00FC-4AE0-B460-8CE067CB051A}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{7B3DE38C-9389-4F84-AAE9-4797E0A3EC8C}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{7DDFC044-9376-4B16-A2C7-D826D612E5F0}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"TCP Query User{91FE8789-DE56-448B-9E13-68B5B93F55DF}C:\windows\desktop\quake2 demo\install\data\quake2.exe" = protocol=6 | dir=in | app=c:\windows\desktop\quake2 demo\install\data\quake2.exe |
"TCP Query User{951D4904-A495-4DFD-8113-3AF0FEDC3896}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{99B232E4-51DC-4159-A831-BF05BACCDB62}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{9CF87264-69FC-4744-BC46-949973BF6FC9}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A2003CEB-CBC3-4281-9F40-F1A408EEACE1}C:\program files (x86)\city interactive\sniper ghost warrior\sniper_x86.exe" = protocol=6 | dir=in | app=c:\program files (x86)\city interactive\sniper ghost warrior\sniper_x86.exe |
"TCP Query User{B8E5B1B1-FCCF-4C39-8403-6D894A7E1803}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{D3493DC1-837F-4B1B-8B3C-36184EF472F6}C:\program files (x86)\thehunter\launcher\launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"TCP Query User{D40C6CB8-246E-4144-9C46-373EB997506A}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{F9C33A77-5565-47D0-BEEA-BE94E954C4C8}C:\program files (x86)\steam\steamapps\agentred92\half-life deathmatch source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\agentred92\half-life deathmatch source\hl2.exe |
"TCP Query User{FF283293-09E7-4D1C-A9D7-621A826A6291}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{028D0C46-1B3B-40C9-8D3B-E3585BBE0441}C:\program files (x86)\city interactive\sniper ghost warrior\sniper_x86.exe" = protocol=17 | dir=in | app=c:\program files (x86)\city interactive\sniper ghost warrior\sniper_x86.exe |
"UDP Query User{08BC41AD-C9FB-4DE2-B68B-9DD21420EF60}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{092E01F6-4D9E-4758-855F-1E3AB7070F1A}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{155B5774-36E7-4537-8102-81B2A74A5931}C:\program files (x86)\global star software\jetfighter 2015\real\jet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\global star software\jetfighter 2015\real\jet.exe |
"UDP Query User{1E54E9CE-1D58-4E6E-A0D4-29F71543B283}C:\windows\desktop\quake2 demo\install\data\quake2.exe" = protocol=17 | dir=in | app=c:\windows\desktop\quake2 demo\install\data\quake2.exe |
"UDP Query User{24A0AFBF-5F6B-40E6-B4DF-42B5B5F5823F}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{300D1AEE-EE25-4E3C-ABD9-CD290719B748}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{35832757-560F-4A0D-B474-EABD0B81A2EC}C:\program files (x86)\steam\steamapps\agentred92\half-life deathmatch source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\agentred92\half-life deathmatch source\hl2.exe |
"UDP Query User{413E384A-1056-46AE-8A63-FA5757E90C54}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{457AA09C-A535-4176-A8B0-CEE5586B6DCF}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{522104EE-BB74-4B03-AE25-E461B89A6AA4}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{6E1A65A5-FC9B-4C3E-B90E-B4F0C98FB064}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{73400F1C-4D53-4CE9-9771-110949F2C4F6}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{74BB97D4-4A2F-4705-8BBB-5C5AF0C7A3D8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{9A90A165-AE07-4581-93D1-BECD8503E29E}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{A305DE89-B97A-4095-BE61-5996640F78A9}C:\program files (x86)\thehunter\launcher\launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thehunter\launcher\launcher.exe |
"UDP Query User{B1D494D3-CB9F-47FF-BCD0-CA51F03BCD4A}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"UDP Query User{BD129BBE-BCE1-4195-983D-B76B5B71E93C}C:\program files\neo irc 1.7\mirc.exe" = protocol=17 | dir=in | app=c:\program files\neo irc 1.7\mirc.exe |
"UDP Query User{D6CA1926-0ECA-4F57-8A5C-C7FBCFBDF530}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe |
"UDP Query User{EFE3D810-2695-4864-B6E9-657A03EFAC6D}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{F2569717-9E6E-425F-A747-540BB3DCB7E0}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe |
"UDP Query User{F63B25EE-7BC5-4F00-8A95-1784A987AF41}C:\program files\neo irc 1.7\mirc.exe" = protocol=17 | dir=in | app=c:\program files\neo irc 1.7\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0CB2E2BC-A312-5821-C5C7-A295A1BEFD08}" = AMD Catalyst Install Manager
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{21D0374C-C358-0748-CAF9-7CBE65EB6FFF}" = AMD Fuel
"{26A24AE4-039D-4CA4-87B4-2F86416031FF}" = Java(TM) 6 Update 31 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{42A2440F-7A5D-6956-3EF0-815814399EAA}" = AMD Accelerated Video Transcoding
"{43EBA222-8DF7-11E1-862B-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{49F6DFDE-8DF7-11E1-9E5F-F04DA23A5C58}" = MSVCRT Redists
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E021D2A-16ED-4FFF-87CB-774F4F62A1A1}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{572788F2-0AB7-FA0E-6E91-B98044F4B7E6}" = AMD Media Foundation Decoders
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.8
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82EE86D9-60B9-1025-9960-97E9B7C7B4B4}" = AMD Drag and Drop Transcoding
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{9301985B-D116-4A93-A93D-94580084FF86}" = 64 Bit HP CIO Components Installer
"{944E73EF-857E-4F71-9DC4-CD059D7ADDEF}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D4761C4F-5ED9-11E1-9202-F04DA23A5C58}" = MSVCRT Redists
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Blender" = Blender
"CCleaner" = CCleaner
"DriverAgent.exe" = DriverAgent by eSupport.com
"Explorer Suite_is1" = Explorer Suite III
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{029DE794-21C8-499E-B9E7-B965AAAC2187}_is1" = 123 AVI to GIF Converter 4.0
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0489621E-DE2A-11E0-93EA-F04DA23A5C58}" = DVD Architect Studio 5.0
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0F733E11-408E-11E1-B5FE-F04DA23A5C58}" = MSVCRT Redists
"{124C9BD0-8C52-40AB-8238-0605703B1C28}" = ASUS Backup Wizard
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14DDF23F-414A-46DB-4762-56569080292C}" = CCC Help Russian
"{15CE06C3-A218-4D72-A873-89E5A03FE0DB}" = BCC 8 OFX 32Bit
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21D6A73A-48E6-2195-C408-2158273A914E}" = Catalyst Control Center Localization All
"{25499E8B-7746-4DDE-BD8B-A8CB3CDF9EE4}" = Minecraft Version Changer
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{2596DB11-997F-FC5B-F5C2-737623D9D8B6}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28904D9A-13A6-ECA2-48D8-21542759D998}" = CCC Help Polish
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C8BBDA6-79A7-B2DE-3E5B-287E7F667C67}" = CCC Help Danish
"{2E119961-E99B-C147-9AC3-A93683172DC1}" = CCC Help Swedish
"{30ED44CB-7314-4C6E-800C-C4BADDE67D8A}" = 18 Wheels of Steel Extreme Trucker
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{44ED90A1-453B-5C9A-D9ED-80D8AB0258B8}" = CCC Help Thai
"{45E00595-897E-64B6-28F9-5D0927EBA4A5}" = CCC Help Chinese Standard
"{46DE5F4E-BA8B-AC9E-0EED-05B7D93AD215}" = CCC Help Spanish
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}" = AI Manager
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{50542AEE-76BD-4BCD-A890-E2FF4D4E051A}" = Camtasia Studio 8
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5492EC47-EADA-41FA-955F-5C0B488F1170}" = Tube Increaser
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5B04E832-4530-B8FF-F742-8BE25ADD43BD}" = CCC Help German
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D58EACA-0317-4CFF-9E13-53CCD525DE32}" = Catalyst Control Center InstallProxy
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5ED93D68-5EAA-9343-9B74-B1E276217264}" = CCC Help Dutch
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{682ECBA1-5411-11E1-A3FB-F04DA23A5C58}" = Vegas Movie Studio HD 11.0
"{6C3BEF70-5411-11E1-AED6-F04DA23A5C58}" = MSVCRT Redists
"{6D185295-DE89-9C39-18E6-310C148836EB}" = CCC Help Chinese Traditional
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A8F958-D272-E262-7C9A-7B8F713EE0C3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7513D3F0-55BC-273C-7A53-488394EDBFCC}" = CCC Help Italian
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{79AA9BFA-F962-A1E9-71CE-D0887A92444C}" = CCC Help Portuguese

 

[Ryan O'Brien]

"{7ACEF1BF-9306-5AD7-5F30-ECE72A81E924}" = CCC Help Finnish
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{81BBE880-5409-11E1-BF7F-F04DA23A5C58}" = Vegas Movie Studio HD Platinum 11.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1EC871-05B9-03B7-96F6-9BD5C0D8F41D}" = Catalyst Control Center Graphics Previews Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9ED06229-1F1B-4AE2-970D-5F731E8C8C35}" = Hunting Unlimited 2010
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3026F68-E231-4BE9-BAFB-B9110BA49829}_is1" = Mac Skin version 1.5
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}" = Enemy Territory - QUAKE Wars(TM)
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4129D57-5C83-3BF0-A11A-3798C008C6C7}" = CCC Help Greek
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9040E9E-D0FA-4E7A-AED0-BB5F9D670375}" = Action!
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BC4101-6C30-ECFF-F693-63408134F29B}" = CCC Help Czech
"{D2402DAD-B180-A4A0-261D-4A8933BFBFEE}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D9DF8D5A-2160-402B-819F-A5A964215528}_is1" = RegistryNuke 2012 version 2.0.0.86
"{DA7E8D81-2B14-415B-8FC5-02CE4CF9F839}" = CCC Help Hungarian
"{DB3FBD3C-A061-34C9-0A2B-6CCDD8C96640}" = CCC Help Turkish
"{DCA75ECE-39A9-0648-CB77-F6D759364CF9}" = Application Profiles
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}" = Need for Speed™ Most Wanted PC Demo
"{E086E914-2928-48F9-364B-0C715DFF6A45}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E8F30BD6-ABAB-C24E-E9A7-BF67EB96152C}" = CCC Help Norwegian
"{E9A5B6CD-7ABB-F295-2E11-F25BC322FF80}" = CCC Help English
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse®
"{EBAEEE00-5412-11E1-B144-001676AB6D60}" = MSVCRT Redists
"{ED94BE03-E6CC-4268-B03A-92080E3035A6}_is1" = MCSkin3D version 1.3
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F868C16D-75F8-4EE8-BCBF-422D0833415D}_is1" = Open PLS in Windows Media Player 2.3.0
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB686487-C637-4EEF-BCB1-C92463F2CC05}" = Atheros Ethernet Utility
"{FB9CDF41-F0B9-4F31-9230-7DF0D6637270}" = Call of Duty(R) 2 Demo
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"18 Wheels of Steel: American Long Haul" = 18 Wheels of Steel: American Long Haul
"18 WoS Extreme Trucker 2" = 18 WoS Extreme Trucker 2 (v.1.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Asus Vibe2.0" = AsusVibe2.0
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Avidemux 2.5 (64-bit)" = Avidemux 2.5
"blekkotb_032" = blekko search bar
"Browser Defender_is1" = Browser Guard 4.0
"Bus Driver" = Bus Driver 1.5
"Cobalt" = Cobalt
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Deer Drive" = Deer Drive 1.51T
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"EADM" = EA Download Manager
"Encoder_4.0.1639.0" = Microsoft Expression Encoder 4
"Euro Truck Simulator" = Euro Truck Simulator 1.3
"ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4
"Fallout_is1" = Fallout
"FL Studio 10" = FL Studio 10
"Fraps" = Fraps (remove only)
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.33.627
"Game Booster_is1" = Game Booster 3
"German Truck Simulator" = German Truck Simulator 1.00
"GFWL_{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"Google Chrome" = Google Chrome
"GTA IV - 100% Savegame File (Vista) 1.0" = GTA IV - 100% Savegame File (Vista) 1.0
"GTA IV Vehicle Mod Installer v1.2_is1" = GTA IV Vehicle Mod Installer v1.2
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"ImageToAVI_is1" = ImageToAVI 1.0.0.5
"Impulse®" = Impulse®
"Install Creator" = Install Creator
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B7A585C8-CE4E-4150-84C6-A13C3CB1379F}" = Enemy Territory - QUAKE Wars(TM)
"InstallShield_{FB9CDF41-F0B9-4F31-9230-7DF0D6637270}" = Call of Duty(R) 2 Demo
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"jet_fighter_2015_usa" = JETFIGHTER 2015
"Jetfighter 2015" = Jetfighter 2015 (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"mIRC" = mIRC
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3
"NeO IRC - www.team-neo.com" = NeO IRC - www.team-neo.com
"Notepad++" = Notepad++
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"PalTalk8.2" = Paltalk Messenger
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"SCANIA Truck Driving Simulator" = SCANIA Truck Driving Simulator 1.0.0
"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3
"Smart Install Maker 5.04" = Smart Install Maker 5.04
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior (1.0)
"Spyware Doctor" = PC Tools Spyware Doctor with AntiVirus 9.0
"Steam App 10" = Counter-Strike
"Steam App 107400" = ARMA 2: Free
"Steam App 113400" = APB Reloaded
"Steam App 1200" = Red Orchestra: Ostfront 41-45
"Steam App 12120" = Grand Theft Auto: San Andreas
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 1250" = Killing Floor
"Steam App 1280" = Darkest Hour: Europe '44-'45
"Steam App 204340" = Serious Sam 2
"Steam App 210470" = Sniper Elite V2 Demo
"Steam App 240" = Counter-Strike: Source
"Steam App 2630" = Call of Duty 2
"Steam App 2990" = FlatOut 2
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 360" = Half-Life Deathmatch: Source
"Steam App 38830" = CrimeCraft GangWars
"Steam App 4000" = Garry's Mod
"Steam App 410" = Portal: First Slice
"Steam App 47410" = Stronghold Kingdoms
"Steam App 47760" = Mass Effect 2 Demo
"Steam App 50130" = Mafia II
"Steam App 6230" = FlatOut Demo
"Steam App 6860" = Hitman: Blood Money
"Steam App 9930" = Test Drive Unlimited 2
"theHunter" = theHunter (remove only)
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"UK Truck Simulator" = UK Truck Simulator 1.32
"Vegas Pro" = Vegas Pro 11.0
"VideoAvatar_is1" = VideoAvatar
"WindowBlinds" = WindowBlinds
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"World of Warcraft" = World of Warcraft
"YoutubePlus" = YoutubePlus
"ZD Soft Game Recorder" = ZD Soft Game Recorder

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3a23ab72acc2090b" = EncryptFile
"Dropbox" = Dropbox
"e55b814e55744b76" = Best Buy pc app
"FRAPS" = FRAPS
"Minecontrol for Minecraft" = Minecontrol for Minecraft

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/20/2012 9:28:45 AM | Computer Name = Ryan-PC | Source = CVHSVC | ID = 100
Description = Information only. (Stream product id=0x0066): Streaming Failed

Error - 7/20/2012 9:41:21 AM | Computer Name = Ryan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7601.17514, time
stamp: 0x4ce7abf9 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4d8bf72b Exception code: 0xc0000005 Fault offset: 0x0000000000059f9d Faulting process
id: 0x1098 Faulting application start time: 0x01cd667d12907a2d Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 96721031-d270-11e1-81eb-5404a68a5320

Error - 7/20/2012 1:59:15 PM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2012 2:03:07 PM | Computer Name = Ryan-PC | Source = CVHSVC | ID = 100
Description = Information only. Too many failures while downloading ranges: 2

Error - 7/20/2012 2:05:06 PM | Computer Name = Ryan-PC | Source = CVHSVC | ID = 100
Description = Information only. (Stream product id=0x0066): Streaming Failed

Error - 7/20/2012 2:55:54 PM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2012 2:59:10 PM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2012 3:03:10 PM | Computer Name = Ryan-PC | Source = CVHSVC | ID = 100
Description = Information only. Too many failures while downloading ranges: 2

Error - 7/20/2012 3:05:26 PM | Computer Name = Ryan-PC | Source = CVHSVC | ID = 100
Description = Information only. (Stream product id=0x0066): Streaming Failed

Error - 7/20/2012 3:17:39 PM | Computer Name = Ryan-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/20/2012 3:18:35 PM | Computer Name = Ryan-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time
stamp: 0x4fd626ed Faulting module name: Device.dll, version: 4.1.0.0, time stamp:
0x4f55e10b Exception code: 0xc0000005 Fault offset: 0x00000000000033c1 Faulting process
id: 0x75c Faulting application start time: 0x01cd66ac45a509fc Faulting application
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe Faulting module
path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll Report Id: b362aaa7-d29f-11e1-b0f2-5404a68a5320

[ System Events ]
Error - 7/21/2012 10:03:33 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 7/21/2012 10:03:34 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:03:34 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:03:34 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:05:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:05:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:05:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:10:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:10:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 7/21/2012 10:10:32 PM | Computer Name = Ryan-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >

 

[Broni]

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  [2012/07/16 22:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegistryNuke 2012
  [2012/07/16 22:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegistryNuke 2012
  [2012/07/16 22:28:44 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\RegistryNuke 2012.lnk
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  SRV - [2012/06/14 12:31:06 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
  SRV - [2012/05/11 11:13:38 | 001,118,648 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
  SRV - [2012/05/11 10:07:20 | 000,402,336 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
  DRV:64bit: - [2012/06/14 12:31:44 | 000,085,224 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
  DRV:64bit: - [2012/05/11 11:14:26 | 000,251,528 | ---- | M] (PC Tools) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
  DRV:64bit: - [2012/04/23 12:36:50 | 000,426,616 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
  DRV:64bit: - [2012/02/28 11:43:18 | 001,096,176 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
  DRV:64bit: - [2012/02/28 11:43:12 | 000,453,896 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
  IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
  FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2012/07/21 18:40:02 | 000,000,000 | ---D | M]
  O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
  O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
  @Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:FB6A21E3
  @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
  @Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation
  @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
  @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
  
  :Services
  
  :Reg
  
  :Files
  C:\Program Files (x86)\PC Tools
  
  :Commands
  [purity]
  [emptytemp]
  [emptyjava]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

========================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  
  NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

3. Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

4. Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[Ryan O'Brien]

Ran OTL in safe mode because it kept saying "Not responding"

========== OTL ==========
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegistryNuke 2012\ not found.
Folder C:\Program Files (x86)\RegistryNuke 2012\ not found.
File C:\Users\Public\Desktop\RegistryNuke 2012.lnk not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Error: No service named Browser Defender Update Service was found to stop!
Service\Driver key Browser Defender Update Service not found.
File C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe not found.
Error: No service named sdCoreService was found to stop!
Service\Driver key sdCoreService not found.
File C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe not found.
Error: No service named sdAuxService was found to stop!
Service\Driver key sdAuxService not found.
File C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe not found.
Error: No service named PCTBD was found to stop!
Service\Driver key PCTBD not found.
File C:\Windows\SysNative\drivers\PCTBD64.sys not found.
Error: No service named PCTSD was found to stop!
Service\Driver key PCTSD not found.
File C:\Windows\SysNative\drivers\PCTSD64.sys not found.
Error: Unable to stop service PCTCore!
Unable to delete service\driver key PCTCore.
C:\Windows\SysNative\drivers\PCTCore64.sys moved successfully.
Error: Unable to stop service pctEFA!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pctEFA deleted successfully.
C:\Windows\SysNative\drivers\pctEFA64.sys moved successfully.
Error: Unable to stop service pctDS!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pctDS deleted successfully.
C:\Windows\SysNative\drivers\pctDS64.sys moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ deleted successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll moved successfully.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
File C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
File C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll not found.
ADS C:\ProgramData\TEMP:FB6A21E3 deleted successfully.
ADS C:\Windows\SysWow64\zlib.dll:SummaryInformation deleted successfully.
ADS C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMPFC5A2B2 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\BpDatabase folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\SpamMonitor folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\plugins folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\PCTUI folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\NetworkLayer\lang folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\NetworkLayer folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\Lang\sdloader folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\Lang folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\WCID folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\9\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\9\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\9 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\8\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\8\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\8 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\7\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\7\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\7 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\6\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\6\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\6 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\5\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\5\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\5 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\13\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\13\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\13 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\12\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\12\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\12 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\11\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\11\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\11 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\10\WINNT_x86-msvc\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\10\WINNT_x86-msvc folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform\10 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\platform folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\data folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\components folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\DRM folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\avengine folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\avdb\201207161143 folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security\avdb folder moved successfully.
C:\Program Files (x86)\PC Tools\PC Tools Security folder moved successfully.
C:\Program Files (x86)\PC Tools folder moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.54.0 log created on 07222012_120929

 

[Ryan O'Brien]

Security check checkup.txt (ran in safe mode)

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is disabled!)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
PC Tools Spyware Doctor with AntiVirus 9.0
McAfee Security Scan Plus
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
PC Tools Spyware Doctor with AntiVirus 9.0
Java(TM) 6 Update 31
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

 

[Ryan O'Brien]

restarted in safe mode and my cursor won't move? start button, and ctrl+alt+del is non responsive
I can use a key to open up a calculator, so it's not the keyboard that isn't working

 

[Broni]

Why in safe mode?
Restart to normal mode and see how it goes.

 

[Ryan O'Brien]

tried normal mode same thing happens :|

 

[Broni]

I think we're dealing here with something more than just an infection.
At this point your computer should be clean.

Try to use "Last Known Good Configuration".

 

[Ryan O'Brien]

what do u think we're dealing with?
where do I find that?

 

[Broni]

Same as with accessing Safe Mode.
Restart computer and keep tapping F8 key until you see a menu.
One of the options will be "Last Known Good Configuration".

 

[Ryan O'Brien]

I see "SATA SM" (something after that) and "SATA PM" (and something after that)
and enter setup

 

[Broni]

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
• Restart your computer.
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
• Click Repair your computer.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

• • 
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

[Ryan O'Brien]

I cant even find the repair your computer menu item, I'm using an ASUS pc.
I dont have a flash drive, can I use a disc?

 

[Broni]

It's there.
Re-read my instructions carefully.

 

[Ryan O'Brien]

cant seem to find it, I read them carefully.

 

[Broni]

I think we're dealing here with something more than just an infection.
At this point your computer should be clean.

In this forum, we make sure, your computer is free of malware and your computer is clean
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

Good luck

 

[Ryan O'Brien]

My computer is now clean. Thanks, and sorry for the late reply.

 

[Broni]

You're very welcome