Solved Windows 7: Failing to Open programs, suspecting malware/viruses

Alrighty got these last ones done. The only issue coming up now is when coming from my laptop sleeping it sometimes hangs (the screen doesn't light up, and the blue light for the hdd reading blinks in a rhythm) Speedfan checked out my HDD health and said I was fine. I was thinking that might be performance-wise. Thanks so much for the help!

Adw:

# AdwCleaner v2.306 - Logfile created 08/11/2013 at 22:12:13
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Scot Grusian - MAXXIMUS_PRIME
# Boot Mode : Normal
# Running from : C:\Users\Scot Grusian\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\Wondershare
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\delta
Folder Deleted : C:\Users\Scot Grusian\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Scot Grusian\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Scot Grusian\AppData\Local\Wondershare
Folder Deleted : C:\Users\Scot Grusian\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\staged
Folder Deleted : C:\Users\Scot Grusian\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Scot Grusian\AppData\Roaming\SearchYa

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\searchya
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0 (en-US)

File : C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\prefs.js

C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\user.js ... Deleted !

Deleted : user_pref("extensions.searchya.aflt", "dnldyho");
Deleted : user_pref("extensions.searchya.appId", "{1973277F-87B0-4EA3-9ED2-470A91D284CF}");
Deleted : user_pref("extensions.searchya.dfltLng", "");
Deleted : user_pref("extensions.searchya.dfltSrch", true);
Deleted : user_pref("extensions.searchya.dnsErr", true);
Deleted : user_pref("extensions.searchya.excTlbr", false);
Deleted : user_pref("extensions.searchya.hmpg", true);
Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?f=1&a=dnldyho&cd=2XzuyEtN2Y1L1Qzu[...]
Deleted : user_pref("extensions.searchya.id", "2A7C8F26EB28BC90");
Deleted : user_pref("extensions.searchya.instlDay", "15750");
Deleted : user_pref("extensions.searchya.instlRef", "");
Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?f=2&a=dnldyho&cd=2XzuyEtN2Y1L1Q[...]
Deleted : user_pref("extensions.searchya.prdct", "searchya");
Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
Deleted : user_pref("extensions.searchya.srchPrvdr", "SearchYa!");
Deleted : user_pref("extensions.searchya.tlbrId", "base");
Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?f=3&a=dnldyho&cd=2XzuyEtN2Y1L[...]
Deleted : user_pref("extensions.searchya.vrsn", "1.8.8.0");
Deleted : user_pref("extensions.searchya.vrsni", "1.8.8.0");
Deleted : user_pref("extensions.searchya_i.hmpg", true);
Deleted : user_pref("extensions.searchya_i.newTab", false);
Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.8.8.019:16:27");

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Jscacltrsa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6295 octets] - [11/08/2013 22:12:13]


########## EOF - C:\AdwCleaner[S1].txt - [6355 octets] ##########


JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.3 (08.11.2013:2)
OS: Windows 7 Home Premium x64
Ran by Scot Grusian on Sun 08/11/2013 at 22:27:06.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho14FC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho18BE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1E35.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho22BF.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2787.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2C01.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3545.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3EC8.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho41BC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4E70.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4FCB.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho57BA.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5CC3.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5E7C.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7330.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7762.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho80DA.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho86BC.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA1DB.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB461.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBA1C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD147.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD7EC.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE41F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEFF4.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF8F1.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoFC21.tmp
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Scot Grusian\AppData\Roaming\mozilla\firefox\profiles\cfxu0p0u.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/11/2013 at 22:36:59.14
End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
OTL:

OTL logfile created on: 8/11/2013 10:40:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scot Grusian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 45.18% Memory free
7.99 Gb Paging File | 5.04 Gb Available in Paging File | 63.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 427.97 Gb Total Space | 38.52 Gb Free Space | 9.00% Space Free | Partition Type: NTFS
Drive D: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 100.00 Mb Total Space | 65.86 Mb Free Space | 65.87% Space Free | Partition Type: NTFS
Drive G: | 7.44 Gb Total Space | 3.44 Gb Free Space | 46.26% Space Free | Partition Type: FAT32

Computer Name: MAXXIMUS_PRIME | User Name: Scot Grusian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/11 22:39:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scot Grusian\Downloads\OTL (1).exe
PRC - [2013/07/24 17:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/12 22:27:28 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/07/03 17:33:40 | 001,992,000 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Scot Grusian\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 01:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/12/19 15:10:46 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012/08/07 07:34:26 | 000,079,384 | ---- | M] (Google) -- C:\Users\Scot Grusian\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/11/20 05:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/08/10 18:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 18:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/08/10 18:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/06/28 15:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/06/09 18:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/08 06:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/24 17:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/24 17:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/24 17:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/24 17:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/24 17:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/24 17:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/07/03 17:33:26 | 000,048,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2010/06/09 18:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 15:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/09 01:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/12/19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/12/19 12:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/21 10:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010/10/21 10:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2010/06/11 14:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 16:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2007/02/23 13:28:24 | 000,566,192 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysNative\lxcfcoms.exe -- (lxcf_device)
SRV - [2013/08/08 15:52:20 | 000,564,136 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/07/29 16:15:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/01 17:04:59 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/06/18 07:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/01 19:00:18 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/08/10 18:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 15:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/25 10:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/05/26 19:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/08 06:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/02/23 13:27:50 | 000,537,520 | ---- | M] ( ) [Disabled | Stopped] -- C:\Windows\SysWOW64\lxcfcoms.exe -- (lxcf_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/29 22:08:08 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/06/27 18:50:40 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/06/27 18:50:40 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/06/27 18:50:40 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/05/22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/05/09 01:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 01:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 01:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 01:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 01:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/02/11 21:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/19 13:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 12:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 04:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/10/19 19:11:06 | 000,088,008 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/08/24 15:41:30 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2012/08/24 15:41:16 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 02:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/10 04:03:54 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2011/10/05 09:55:02 | 000,729,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/05 20:23:18 | 000,056,408 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdriver64.sys -- (stdriver)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/10/05 14:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/10/05 14:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/05 14:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/06/25 10:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/10 13:57:20 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/05/11 19:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/28 15:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/28 15:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/22 08:22:50 | 000,041,096 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiU0CCB.sys -- (SaiU0CCB)
DRV:64bit: - [2010/04/08 05:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/26 21:43:58 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/10/16 04:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/08/23 18:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009/07/24 09:55:10 | 000,011,264 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 19:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/10 13:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 19:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 19:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 19:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/01/29 07:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2012/02/21 19:50:45 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{10FF0ADD-3B0B-5069-66E0-784A144B1C93}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{48681D6E-F95A-C726-370B-6377384C2987}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=800236&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\..\SearchScopes\{8AE2E87F-35B2-42AA-96F4-44020137A0E0}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=800236"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.8
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Scot Grusian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/05/25 19:43:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/20 16:48:54 | 000,000,000 | ---D | M]

[2011/01/21 03:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Extensions
[2011/01/21 03:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2013/08/11 22:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions
[2013/06/11 14:55:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/06/30 16:07:51 | 000,304,556 | ---- | M] () (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\artur.dubovoy@gmail.com.xpi
[2013/06/11 14:55:56 | 000,346,768 | ---- | M] () (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\personas@christopher.beard.xpi
[2013/08/11 06:19:08 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Scot Grusian\AppData\Roaming\Mozilla\Firefox\Profiles\cfxu0p0u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/08 03:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/08 03:21:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/25 19:43:06 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Scot Grusian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Scot Grusian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Winamp Detect\npwachk.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Scot Grusian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: YouTube = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.3_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: 4chan Backtracebook = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjnalefakhffmjkhijpgdhkfeadhaljd\4.4_0\
CHR - Extension: Hide My ***! Web Proxy = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Google Search = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 4chan Tweak = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbmphfpcmgmflpmaaehgpembjldgbmjl\1.1.2_0\
CHR - Extension: 4chan Extension = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbdpfkillcfibeehjheknempdbfboia\1.13_0\
CHR - Extension: AdBlock = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0\
CHR - Extension: Troll Emoticons = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\5.2.4_0\
CHR - Extension: 4chan Lurk = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iecmhgdndkkgpdiglaidlimicnbdkgkc\1.9.4_0\
CHR - Extension: 4chan post number untrunctuation = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiagkkaggpgdkhbokbonegaaeekodici\1.0_0\
CHR - Extension: StumbleUpon = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.7.11.1_0\
CHR - Extension: Media file downloader = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbkckdkhakengfjmejmiabaakdlhaab\2.0_0\
CHR - Extension: MultiPartTube = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lafgflilldkcacihcmgjpmadpabgkooe\1.2.2_0\
CHR - Extension: Stop Autoplay for YouTube. = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh\0.11.5.24_0\
CHR - Extension: nope = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngcdobeknickdhodpibaaidmbfcbndi\1.1.4.7_0\
CHR - Extension: 4chan Plus = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\3.0.0_0\
CHR - Extension: Gmail = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Abstract-Blue = C:\Users\Scot Grusian\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0\
 
Part 2:

O1 HOSTS File: ([2013/08/11 00:59:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LXCFCATS] rundll32 \3\LXCFtime.dll,RunDLLEntry File not found
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000..\Run: [Akamai NetSession Interface] C:\Users\Scot Grusian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Jscacltrsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Scot Grusian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Scot Grusian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10D8A60C-CCAA-4A1F-A375-63025B5C4F5A}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9294BEFA-2C25-4ABF-8988-E5A83ABBA9DF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/11 22:27:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/11 01:00:06 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/11 00:33:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/11 00:33:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/11 00:33:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/11 00:30:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/11 00:30:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/09 19:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/08/09 19:41:49 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\Desktop\MBAM
[2013/08/09 19:04:41 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\Desktop\RK_Quarantine
[2013/08/08 22:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/08/08 22:39:56 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013/08/08 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/08/08 22:39:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/08/08 22:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/08/08 22:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/08/08 02:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013/08/07 01:36:58 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\Documents\ARES
[2013/08/05 18:08:37 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Roaming\MinMaxGames
[2013/08/03 22:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/08/03 22:53:45 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Roaming\Foxit Software
[2013/08/03 22:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/08/03 22:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SumatraPDF
[2013/08/03 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\Documents\Anima
[2013/08/03 01:19:22 | 000,658,944 | ---- | C] (Coder for Life) -- C:\Users\Scot Grusian\Documents\Win7BootUpdater.exe
[2013/08/01 21:59:23 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Roaming\com.fc2.blog21.irafyou.Brobdingnag2
[2013/08/01 21:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brobdingnag2
[2013/08/01 21:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/08/01 21:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013/08/01 21:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2013/07/29 22:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013/07/29 22:08:08 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/07/29 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013/07/28 01:34:06 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2013/07/28 01:34:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013/07/28 01:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2013/07/28 01:32:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/07/28 01:32:21 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Roaming\Winamp
[2013/07/28 01:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013/07/26 00:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/07/23 22:51:29 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Local\dxhr
[2013/07/23 22:45:48 | 000,000,000 | ---D | C] -- C:\Users\Scot Grusian\AppData\Local\28050
[2013/07/13 01:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/11 22:32:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/11 22:32:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/11 22:27:48 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/11 22:27:48 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/11 22:23:27 | 000,780,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/11 22:23:27 | 000,662,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/11 22:23:27 | 000,122,362 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/11 22:23:13 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/11 22:16:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/11 00:59:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/09 00:50:40 | 000,000,642 | ---- | M] () -- C:\Windows\fmp.ini
[2013/08/08 22:42:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/08 22:40:05 | 000,001,343 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/08 22:39:06 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/08/08 22:22:05 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/08 03:04:41 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/08 02:51:28 | 000,001,097 | ---- | M] () -- C:\Users\Scot Grusian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/08 01:18:10 | 000,450,636 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20130809-001146.backup
[2013/08/08 00:25:53 | 000,002,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation(R).lnk
[2013/08/06 22:39:45 | 523,561,770 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/08/05 18:07:52 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2013/08/03 22:54:04 | 000,002,038 | ---- | M] () -- C:\Users\Scot Grusian\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/08/03 22:54:04 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/08/03 22:50:46 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\SumatraPDF.lnk
[2013/08/01 21:36:26 | 000,001,030 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/01 21:34:20 | 000,001,133 | ---- | M] () -- C:\Users\Scot Grusian\Desktop\Auslogics DiskDefrag.lnk
[2013/07/31 21:37:42 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/29 22:09:55 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/07/29 22:08:08 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/07/29 16:16:55 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2013/07/29 16:16:46 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/26 00:34:18 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/07/20 15:02:16 | 000,007,385 | ---- | M] () -- C:\Windows\SysNative\[Great Canyon (Deep Valley)] Maou-sama no Tawawa na Daniku Body ni Kimo Debu Otoko ga Noshikakari Koshifuri Daigassen! Yuusha ga Inu Ma ni Sukebe Kodane wo Zonbun (Maoyuu Maou Yuusha) [English].lnk
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/11 00:33:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/11 00:33:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/11 00:33:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/11 00:33:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/11 00:33:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/08 22:40:05 | 000,001,355 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/08/08 22:40:05 | 000,001,343 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/08 22:39:06 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/08/08 22:22:05 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/08/08 03:04:41 | 000,001,937 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/08 02:51:28 | 000,001,097 | ---- | C] () -- C:\Users\Scot Grusian\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/08/06 22:39:45 | 523,561,770 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/08/05 18:07:52 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013/08/03 22:54:04 | 000,002,038 | ---- | C] () -- C:\Users\Scot Grusian\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2013/08/03 22:54:04 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/08/03 22:54:02 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
[2013/08/03 22:50:46 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\SumatraPDF.lnk
[2013/08/03 22:50:46 | 000,001,893 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
[2013/08/03 01:19:01 | 068,996,136 | ---- | C] () -- C:\Users\Scot Grusian\Documents\Foxcraft_R1.zip
[2013/08/01 21:58:54 | 000,000,887 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brobdingnag2.lnk
[2013/08/01 21:36:26 | 000,001,030 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/01 21:34:20 | 000,001,133 | ---- | C] () -- C:\Users\Scot Grusian\Desktop\Auslogics DiskDefrag.lnk
[2013/07/29 22:09:55 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/07/29 16:16:55 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2013/07/26 00:34:18 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/05/08 21:07:36 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/02/23 05:47:16 | 000,022,756 | ---- | C] () -- C:\Users\Scot Grusian\linux stuff.odt
[2013/01/21 23:12:20 | 351,148,317 | ---- | C] () -- C:\Users\Scot Grusian\Alice2.2.zip
[2013/01/14 17:01:10 | 000,002,918 | ---- | C] () -- C:\Windows\SysWow64\x360ce.ini
[2012/12/10 01:30:32 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfpmui.dll
[2012/12/10 01:30:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfinpa.dll
[2012/12/10 01:30:32 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfiesc.dll
[2012/12/10 01:30:32 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcfcomx.dll
[2012/12/10 01:30:32 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcfinst.dll
[2012/12/10 01:30:31 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfserv.dll
[2012/12/10 01:30:31 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfusb1.dll
[2012/12/10 01:30:31 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcflmpm.dll
[2012/12/10 01:30:31 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfppls.exe
[2012/12/10 01:30:31 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfprox.dll
[2012/12/10 01:30:31 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfpplc.dll
[2012/12/10 01:30:30 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfhbn3.dll
[2012/12/10 01:30:30 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcomc.dll
[2012/12/10 01:30:30 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcoms.exe
[2012/12/10 01:30:30 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcomm.dll
[2012/12/10 01:30:30 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfih.exe
[2012/12/10 01:30:30 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcfg.exe
[2012/09/24 12:27:17 | 000,007,603 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Local\Resmon.ResmonCfg
[2012/06/24 08:31:24 | 178,370,935 | ---- | C] () -- C:\Users\Scot Grusian\[Amatarou] Flower [English].rar
[2012/06/24 08:08:16 | 000,037,855 | ---- | C] () -- C:\Users\Scot Grusian\1340548499686.jpg
[2012/06/24 07:03:55 | 001,334,027 | ---- | C] () -- C:\Users\Scot Grusian\Cupboard Room Escape.swf
[2012/06/24 06:58:19 | 001,362,745 | ---- | C] () -- C:\Users\Scot Grusian\slink.swf
[2012/06/24 05:18:12 | 000,606,382 | ---- | C] () -- C:\Users\Scot Grusian\1318621598327.gif
[2012/06/24 04:35:19 | 000,871,738 | ---- | C] () -- C:\Users\Scot Grusian\1338611074128.jpg
[2012/06/24 04:03:41 | 000,220,486 | ---- | C] () -- C:\Users\Scot Grusian\butter.swf
[2012/06/24 04:03:21 | 006,468,422 | ---- | C] () -- C:\Users\Scot Grusian\raze.swf
[2012/06/24 03:43:31 | 007,849,309 | ---- | C] () -- C:\Users\Scot Grusian\Draw_With_Me_finished.swf
[2012/06/11 09:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/06/11 09:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/12/10 19:20:20 | 000,065,536 | ---- | C] () -- C:\Users\Scot Grusian\Zelda - a Link to the Past # GBA.sa1
[2011/12/10 19:18:47 | 008,388,608 | ---- | C] () -- C:\Users\Scot Grusian\Zelda - a Link to the Past # GBA.GBA
[2011/12/07 20:42:08 | 000,000,295 | ---- | C] () -- C:\Windows\EReg072.dat
[2011/11/26 13:27:57 | 000,049,911 | ---- | C] () -- C:\Users\Scot Grusian\tumblr_lv1dawaW8Z1r44mpeo1_500.jpg
[2011/10/27 16:05:21 | 000,000,642 | ---- | C] () -- C:\Windows\fmp.ini
[2011/10/20 20:45:08 | 000,049,432 | ---- | C] () -- C:\Users\Scot Grusian\rrdTl.jpg
[2011/10/20 20:15:10 | 000,326,128 | ---- | C] () -- C:\Users\Scot Grusian\yeTOF.jpg
[2011/10/20 16:32:03 | 000,002,623 | ---- | C] () -- C:\Users\Scot Grusian\periodic table.png
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/19 14:24:03 | 000,007,628 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Roaming\.freeciv-client-rc-2.3
[2011/09/12 15:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/11 18:17:06 | 000,000,632 | RHS- | C] () -- C:\Users\Scot Grusian\ntuser.pol
[2011/08/15 22:42:49 | 000,021,980 | ---- | C] () -- C:\Users\Scot Grusian\DEADMAU5.ndf
[2011/06/23 16:28:35 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/05/19 01:29:24 | 000,264,856 | ---- | C] () -- C:\Users\Scot Grusian\1305792981416.gif
[2011/05/02 20:12:33 | 000,561,739 | ---- | C] () -- C:\Users\Scot Grusian\test test test.wma
[2011/04/28 19:35:36 | 000,024,068 | ---- | C] () -- C:\Users\Scot Grusian\Assignment_1_F10.rtf
[2011/04/21 01:52:47 | 000,009,762 | ---- | C] () -- C:\Users\Scot Grusian\Portal ARG Fun Stuffz Text.htm
[2011/04/15 16:56:50 | 006,656,913 | ---- | C] () -- C:\Users\Scot Grusian\Super_Meat_Boy_Power_of_the_Meat_OC_ReMix.mp3
[2011/04/11 12:57:49 | 000,000,008 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Roaming\DofusAppId0_1
[2011/04/10 21:52:52 | 000,000,181 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Roaming\D2Info0
[2011/04/10 21:52:52 | 000,000,008 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Roaming\DofusAppId0_2
[2011/04/04 19:32:06 | 002,244,754 | ---- | C] () -- C:\Users\Scot Grusian\japanese awesome negima song.mp3
[2011/03/31 20:52:50 | 000,000,218 | ---- | C] () -- C:\Users\Scot Grusian\.recently-used.xbel
[2011/03/27 00:48:56 | 000,471,003 | ---- | C] () -- C:\Users\Scot Grusian\SAP APPEAL (signed).pdf
[2011/03/27 00:43:25 | 000,471,003 | ---- | C] () -- C:\Users\Scot Grusian\SAP APPEAL.pdf
[2011/03/20 07:25:18 | 000,004,608 | ---- | C] () -- C:\Users\Scot Grusian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 17:28:36 | 000,001,849 | ---- | C] () -- C:\Users\Scot Grusian\quiz.rtf
[2011/02/23 20:46:38 | 000,567,192 | ---- | C] () -- C:\Users\Scot Grusian\Steampunk_Atlantis_by_leyna55.jpg
[2011/02/23 18:18:43 | 000,118,301 | ---- | C] () -- C:\Users\Scot Grusian\2010-01-04-a8c783a (1).png
[2011/02/23 18:17:41 | 000,118,301 | ---- | C] () -- C:\Users\Scot Grusian\2010-01-04-a8c783a.png

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/08 09:05:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/03/08 09:05:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2011/12/01 16:47:15 | 000,000,000 | ---D | M] -- C:\Users\Jscacltrsa\AppData\Roaming\.minecraft
[2012/10/23 13:02:08 | 000,000,000 | ---D | M] -- C:\Users\Jscacltrsa\AppData\Roaming\DAEMON Tools Lite
[2011/11/04 16:42:56 | 000,000,000 | ---D | M] -- C:\Users\Jscacltrsa\AppData\Roaming\OpenOffice.org
[2011/11/09 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\Jscacltrsa\AppData\Roaming\uTorrent
[2011/11/04 10:41:19 | 000,000,000 | ---D | M] -- C:\Users\Jscacltrsa\AppData\Roaming\Voxatron
[2011/09/19 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\.freeciv
[2013/08/08 01:24:28 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\.minecraft
[2011/03/22 01:52:25 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\acccore
[2013/01/21 22:51:13 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Amazon
[2011/08/06 02:47:38 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\AtomZombieData
[2013/02/20 22:08:22 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Auslogics
[2012/07/04 15:51:21 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Awesomium
[2011/12/21 19:41:29 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\BACS.exe
[2011/10/03 22:41:03 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Beat Hazard
[2013/01/29 14:00:51 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Bioshock
[2013/06/24 14:21:25 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Bioshock2
[2011/07/13 15:00:52 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Braid
[2011/07/30 19:10:12 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Broken Rules
[2011/11/05 21:42:15 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Chessmaster Challenge
[2012/05/06 03:31:33 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Chime
[2012/02/28 17:09:10 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\com.cipherprime.auditorium
[2013/08/01 21:59:29 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\com.fc2.blog21.irafyou.Brobdingnag2
[2013/08/07 05:29:45 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\DAEMON Tools Lite
[2012/02/08 21:08:00 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\DarksporeData
[2011/04/15 21:18:46 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Dofus 2
[2011/04/10 21:52:52 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/04/11 12:57:49 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2013/02/27 20:51:01 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Doublefine
[2013/05/03 21:27:23 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Downloaded Installations
[2012/09/18 00:57:13 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Dropbox
[2012/08/09 14:16:58 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Empty Clip Studios
[2011/02/16 20:31:31 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\EVEMon
[2013/08/11 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Foxit Software
[2013/04/28 14:18:43 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\ftblauncher
[2011/07/30 19:22:34 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\GlarySoft
[2011/03/31 20:38:59 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\gtk-2.0
[2011/05/05 20:50:41 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\HandBrake
[2011/02/01 22:20:00 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Hi-Rez Studios
[2011/10/21 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Ice-pick Lodge
[2013/05/02 11:38:29 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\IObit
[2011/06/09 02:21:07 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\IrfanView
[2011/07/26 15:55:46 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Lazy 8 Studios
[2013/07/11 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Leadertech
[2011/10/06 18:42:21 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Lionhead Studios
[2013/05/29 15:47:33 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Little Inferno
[2012/06/25 12:21:11 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\LoneSurvivor
[2012/03/01 17:44:32 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\MediaMonkey
[2011/10/20 17:39:33 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Meebo
[2013/08/05 18:08:37 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\MinMaxGames
[2011/05/03 11:57:26 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\MotioninJoy
[2012/05/13 01:02:00 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\offspringfling
[2011/01/24 19:11:39 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\OpenOffice.org
[2011/07/08 11:38:00 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Polynomial
[2012/09/25 13:09:33 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Rainmeter
[2012/06/29 13:10:30 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Recordpad
[2011/04/10 21:52:54 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2013/02/17 00:31:49 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\RenPy
[2011/11/13 19:32:06 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\River Past G5
[2012/06/06 11:03:42 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\RotMG.Production
[2011/01/27 05:31:43 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\runic games
[2011/11/09 21:28:13 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\ScummVM
[2011/04/24 14:00:03 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Smart Screen Recorder
[2012/11/02 16:03:08 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\SoftGrid Client
[2011/01/21 03:50:11 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Songbird2
[2011/11/26 01:38:27 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\System
[2013/03/25 22:03:22 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\SystemRequirementsLab
[2013/02/21 10:07:47 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\TeraCopy
[2012/08/15 00:08:40 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\TP
[2013/02/20 20:51:28 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Trillian
[2012/03/03 18:14:51 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Unity
[2013/08/06 15:29:54 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\uTorrent
[2011/10/31 20:10:19 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Voxatron
[2012/11/04 12:05:29 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Windows Live Writer
[2011/03/31 20:36:56 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Wireshark
[2012/09/30 23:16:45 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\Wondershare Video Converter Free
[2011/12/31 01:11:51 | 000,000,000 | -HSD | M] -- C:\Users\Scot Grusian\AppData\Roaming\wyUpdate AU
[2011/06/12 04:40:31 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\XnView
[2011/11/10 12:46:30 | 000,000,000 | ---D | M] -- C:\Users\Scot Grusian\AppData\Roaming\ZOO Digital Publishing

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 178 bytes -> C:\ProgramData\Temp:8CE646EE
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:F4CA4D70

< End of report >

Extras:

OTL Extras logfile created on: 8/11/2013 10:40:00 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scot Grusian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 45.18% Memory free
7.99 Gb Paging File | 5.04 Gb Available in Paging File | 63.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 427.97 Gb Total Space | 38.52 Gb Free Space | 9.00% Space Free | Partition Type: NTFS
Drive D: | 7.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 100.00 Mb Total Space | 65.86 Mb Free Space | 65.87% Space Free | Partition Type: NTFS
Drive G: | 7.44 Gb Total Space | 3.44 Gb Free Space | 46.26% Space Free | Partition Type: FAT32

Computer Name: MAXXIMUS_PRIME | User Name: Scot Grusian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
Part 3:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0012A2C1-46C7-449A-BFDD-7A72340A5D30}" = rport=445 | protocol=6 | dir=out | app=system |
"{06DF88E6-4D06-44CD-A54A-E8755CF15BFC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0FB50E74-BC20-4231-A457-01105D123D6D}" = lport=139 | protocol=6 | dir=in | app=system |
"{1306D56F-DD5E-4218-9FB7-809842AA9120}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2161E9F5-7F1B-43C8-AD6B-18446CF644C0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{27754C1A-E262-4746-8103-F752702C1B63}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2B2CF1AC-52A9-4E64-BD32-AF81863E9F05}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{2BD2A980-54B5-407C-8B24-2A6A2409A6E6}" = rport=138 | protocol=17 | dir=out | app=system |
"{2C3E30DB-BEEC-4246-B5F2-92B536EEEEB0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3AD9F251-569C-434F-BE2B-9C3F99F4B231}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{47340039-D6A1-4A7A-B583-BAC1DC51B276}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4DBABE4D-5A29-45EE-AA9E-6F16BBB9FA23}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51AC6FE0-FC52-4883-ADEA-98DE47F4BE1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53914504-0085-43E7-A4F9-37992060E81E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{549DAC92-982D-4EF8-B7D2-E361D96DAEC3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5CC978DC-FE84-444A-9D1D-A5207791CDBE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65A7A39A-EDE1-41FF-98DB-E2F35D57690C}" = lport=49167 | protocol=6 | dir=in | name=akamai netsession interface |
"{6E0FC5EF-8444-4139-8760-02AA3DBAFFC9}" = lport=137 | protocol=17 | dir=in | app=system |
"{728C1A88-8F41-4DAD-AD57-20C3FD0A7968}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B71F7C2-1676-4926-8107-2B0D66883027}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7F596EE4-6BE5-4A4E-992E-9480977FEB8E}" = rport=139 | protocol=6 | dir=out | app=system |
"{8B2073CD-E542-4170-A755-D35EDDD6A8EB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8EFF8B81-7C19-436C-B1F0-A76FE3850E6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9375EB7E-2029-416B-A845-35D8CC20E779}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9691F7FE-6390-4133-A9D5-0433B2C3341C}" = lport=138 | protocol=17 | dir=in | app=system |
"{9980C45B-76C3-4D0D-8E3F-6518D6B88055}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A2B4DE02-AD3D-49A5-811D-A3CC2180421A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AEB29066-4420-486E-A738-8705E967478C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B66D07AE-D135-4A18-8918-A2894D03DCBD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC35B474-3C74-4A9E-B2AC-69A546F26CC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C19DE73E-10BF-4D1E-99FB-5355CB0DFB6C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C935F7BA-4458-49AF-B25A-6CDE3E13748B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CA327E88-7907-4AC2-AE45-3B07BD98AD40}" = lport=445 | protocol=6 | dir=in | app=system |
"{CBDC6AA7-50F5-4810-944B-9BC3A9FF70E8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D27A9178-4F56-411E-9213-1E5951E0EE18}" = rport=137 | protocol=17 | dir=out | app=system |
"{D5CEDF3B-3D6D-4F8D-B7A3-5DE3F4DD6449}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F2D1738A-DB58-43BF-8FC1-868B1B90B980}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FDA41CCB-6B3F-4804-81C5-2152CAEB9195}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E332CB-3239-472A-90E4-D6DC966840F7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{00E449C8-E3D7-4A78-B1F4-207FC3957814}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{0222A1D6-375F-42F4-819B-70027054912F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{030AB5B8-0F97-48A8-9BAD-782E1A2332D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swarm arena\swarm.exe |
"{03D1A5CD-8266-4B62-AA9A-0E3894CD2D0D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{04CE09CC-6F3E-4A96-9AA9-82E5804C0625}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{05685BAB-4AB9-4B04-BA2D-EF0076701F10}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{07F84FE2-9EF8-412C-BE5F-D437C1197313}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strikesuitzero\pc\main\binary\ssz.exe |
"{0804CA13-FE16-4890-AC77-36A60936F14C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{0929AB4D-215E-45EC-A92C-2E33AA556DAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A0FFE1A-3D37-41BC-A19E-4767AB0CFD1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{0B1ED272-A77B-4FD8-9AB0-955F07FABFBF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{0B34B15F-68A1-48DF-8CAA-5BB3CEA57EAD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{0B385CBA-F8AC-4481-9A02-9AE99BBC0362}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{0C533FFB-9803-491F-9439-1F7AFF042D1B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{0E0970EF-D0F4-4B3E-8FC0-D68BFC5E8FFA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\noitu love 2 devolution\config.exe |
"{0E56893D-D28E-4015-9045-C1AC39754DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{10957C6B-33FF-4D17-82E5-53D68ED7D7AF}" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"{10CA6ED5-B38D-4BB9-89A2-4D794EF321EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{111F9B41-54C1-468F-8903-A68F3A633199}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{115CA0C4-53F7-46CC-A70A-0CC8AF586625}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{1420D089-CCBE-4BD2-A1FC-AE97BDEB1F61}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{168D6D2C-712F-4906-B934-90BDC03826B3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{16B217AF-85AA-48E8-AD8D-6249F7645609}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic cd\soniccd.exe |
"{16C030A2-A009-40A6-8DD5-BAC4D3A2A65A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chime\chime.exe |
"{1797E4B8-AD11-4C97-A338-47F941AD27A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brutallegend\brutallegend.exe |
"{17CAA9A5-D9A0-4EE9-8E19-4402CD7B75E2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{1A883279-DB82-46EF-8021-746A6D3B144A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\whitelab\thewhitelaboratory.exe |
"{1B4E7F6B-3443-46A8-930A-0A55413DFE02}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{1BC40EFA-A57B-4F67-8887-6644BDFC1168}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{1D5D5E13-ED58-4669-8FBF-100E8A55B3DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machinarium\machinarium.exe |
"{1D636728-47C9-45A1-AB76-0037F2F8168C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe |
"{1E96A6CF-A9AB-44FA-8021-C188AA7BFB28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{21ACB67B-A91C-4850-BBE4-060ABE7CE6E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{22037192-82C2-4E1A-88B6-8C70F4DF58FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"{2373EFEF-C6C7-4574-9891-811BDA56A2D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip runner\runner.exe |
"{238062C6-43F1-422F-9660-526537C36DA1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2 e3 demo (suction)\smp.exe |
"{24FB357F-6576-4190-B107-CF9119AB9B4E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip beat\beat.exe |
"{25D5FEFC-A54D-408D-B597-417EEF023C2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\offspring fling!\offspring fling.exe |
"{26DCEF02-FE03-4E44-9013-106C4B973BD8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brutallegend\brutallegend.exe |
"{27467E29-FF52-491E-971E-57DFAD6924B1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{276A3A15-1E50-4082-9665-AAEEFA36BC29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\game_launcher.exe |
"{2789C31C-1E01-45CC-898D-ECBA31AD82A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spirits\spirits.exe |
"{29FAF17E-15D0-46BA-861A-7F071D7DA871}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{2A63BCC0-2050-4C12-9EF1-9B2B36D21D99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe |
"{2A82F84D-D745-4F45-BAED-4DF36CD74BAF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night 2\pokernight2.exe |
"{2C1E5231-B7B2-4B1C-A889-DE2343F955D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{2CF7FB1A-B38F-4673-A927-3A1B5E3269DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{2D795C7E-559A-49C1-A00F-BA5B9E238994}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{2DD6FDC0-4122-416F-9D39-E5ED8325350C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tinyandbig\tinyandbig.exe |
"{2E8CFD05-C607-495B-8C27-0D0443A6A55B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jscacltrsa\garrysmod\hl2.exe |
"{2FA616BB-7AD7-4CAE-8F03-B5DEC60E4969}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{307B3305-C755-4212-BCAA-E9602B4E599A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{30812292-A028-4CDC-9FF5-8D16848417BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{30DEEA33-8277-4D1E-B7D6-3B0FF74BA315}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{31A1B029-30A7-431A-9370-C9700571F636}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\myst masterpiece\myst.exe |
"{31E2AD63-CBC6-4552-A3DF-3099A1391EB1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{32554670-1B70-418B-ACE0-8F5622F07C37}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{34DC30F4-197E-4DA8-9A2A-03DC8B370BFF}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxcfcoms.exe |
"{34EAB7AA-1491-476D-B97A-9EDB7FFC1CA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eufloria\eufloria.exe |
"{351B9800-98AD-476F-AE85-B7897CE27643}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{353E2CFE-0F22-4837-A0C2-5D0A1FE3F534}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rbs\really big sky.exe |
"{35BF96FB-81B9-443D-9B79-AA951E77D367}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35F12EE6-C32A-4591-AC02-F666AD199D57}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cubemen\cubemen.exe |
"{3600C909-792F-417C-A354-696378E47C23}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe |
"{3620DD34-D206-4014-BBD5-26E1041F5E93}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valvetestapp206500\airmech.exe |
"{36D5B1A0-92DA-4597-95F7-2D1CE70DE781}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{3964F5BE-74EF-43C9-A3D7-E338A34D5E44}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{398CBB6B-B942-4401-AAEC-45215A53794C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{3A48CC25-9657-4AAA-A7AA-C8BD30A6B22A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{3A745AE0-709A-4355-98FE-210DEA930423}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{3B571277-B6CA-4038-9E5D-5734721EDF06}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{3BC91942-4E54-4A19-B890-DE80BFD993FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe |
"{3D820FA9-DCB0-4D46-84FD-26B7234542DD}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3E291017-215A-42BE-A050-74D1DBF6432D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{3E870B7F-0565-4143-A0B5-5EA4C08A918A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{3FB3BEDC-6F86-4129-8D61-60D72CC530CD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{3FEA7EB7-9170-4FFF-A8B3-5E9CBA461715}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valvetestapp206500\airmech.exe |
"{4020C3E4-6080-4811-BF84-D1D1EBFC2FB2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fractal\fractal.exe |
"{41A9CCCE-2067-4F15-AA33-C83E34D65F13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jscacltrsa\garrysmod\hl2.exe |
"{421D1766-65A3-4ACD-833C-2C379841FACC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cubemen\cubemen.exe |
"{4241B4D6-8382-4C4E-8F18-1EE71AB25E13}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{429AFFC9-567E-4168-A3FA-A295219B1568}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thecave\cave.exe |
"{434322A6-7102-41FC-9A61-80325DE35580}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{435BE758-9D7E-4923-A6B5-A434B78E9D11}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solar 2\solar2.exe |
"{43C7D869-07B6-4C2B-BD5B-671B3E8C3197}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{463EF7D3-E6EB-4924-BFC6-08A156B7CF86}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4662FEA7-42A2-4346-8386-C04B70E0C1E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jamestown\jamestown.exe |
"{46A1D013-C876-4A9B-BACD-870CE378830C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{47007091-02A7-4BA6-A99B-5A0084960621}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{48E1BDE6-A325-40C7-82F7-D66A42EC12A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{492D4E1A-AB5D-470B-8FB6-122A4532ACBE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{494789D2-CE5B-4D9A-8AE8-B34B758B19B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night 2\pokernight2.exe |
"{4B409CA5-17C0-4FE8-A3DE-2EEB09B40D91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{4E3F8B7B-4997-45C2-B3DC-35EEA5BC6721}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chessmaster\chess.exe |
"{4F398DDA-CDDE-402B-9763-778C829AEF52}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{502F760E-AA52-4A07-BB71-8BEDDCBA4968}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{50834324-CA06-4EBB-AA44-60BA8BFB291E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{50B509E7-937A-47D9-B284-1DDE2D4BD8F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{511BF4F7-DDDD-4914-9713-AA2D137B9FA4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{51244E96-7052-4502-BDB5-B58800880B5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{517DD8AA-F7D3-4019-98D7-BEEB5C3BF5E0}" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"{521ECF6A-943E-42FD-9BC8-F56E8823E91D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore english trailer\smp.exe |
"{52B9A2D2-8F4D-451E-B3DD-C16850806BDA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{52EDF2EA-6B8C-4598-A5AD-6CE78D24349D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{530D7A66-28A4-4DD6-A1FC-F9EAE7D1E536}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{53696922-749E-451C-AF5F-5BE6E449B3C1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{5373E32E-5190-4A3B-9DBE-AAB7400F9CC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\solar 2\solar2.exe |
"{54096FF7-4CB2-4F4A-9918-DCE694990EC7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{54B08EC4-CC18-47AF-89E2-90C35D2534A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{550DFE6A-37E9-4B54-A22D-3911F413A8F0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{56F0D66B-E174-44B8-95A0-2D3A86706158}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half minute hero\hmh.exe |
"{5715EADF-640D-4A73-B438-9CC4D5473CFA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super hexagon\superhexagon.exe |
"{5950170D-9224-4AD5-94A6-D8A7400A0835}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darkspore english trailer\smp.exe |
"{5AEF478D-BC98-445E-8C7B-010760F07284}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\uplink\uplink.exe |
"{5C70BE41-83FB-473C-B328-493635507465}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{5CA8CB99-94E5-49F2-A7DD-FC3EBC717309}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\kfed.exe |
"{5CE1B415-F555-44C3-ABA4-B719E4C6D13C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{5D1295E0-23BF-46A4-B43F-B333030986D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E8EC13D-F2FE-44AB-AA22-2478B89D167F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tinyandbig\tinyandbig.exe |
"{5FDDB00E-8DD5-42F7-A657-0B1CB77DC518}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\noitu love 2 devolution\nl2.exe |
"{6138D85E-AB32-43B9-A398-6DC2813D749C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{613925F4-C8B7-41E6-8F34-1766789029BC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{623F4553-52A5-48A5-B896-1D4D3BA6883E}" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"{62408460-52EB-4B43-994A-D800AE36A889}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lugaru hd\lugaru.exe |
"{62A5D3FB-05E8-448B-A294-14EF4D83A458}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{63E3E687-40CD-43E1-8ECD-8420AE088606}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{64603154-7409-4883-BA26-F82C2CB33842}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6545C5AF-65A0-4F51-8AA3-65E3137CC886}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{678D345F-DF16-4484-A705-693F10D623D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{67AE12D6-A11F-4843-BF3D-4F1E845817A2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{67B1FCE2-819A-4C46-B7E7-4F9EEE65D63C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{6944590D-6D96-419D-B1A8-03505EFE70C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{699C7800-FCFD-4D1C-90E2-167DDAFF63DB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{6A34BC22-DFB1-490E-8D84-7C763CEDA608}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the final hours of portal 2\thefinalhoursofportal2.exe |
"{6B2592F9-6684-42DA-A3E3-AFE869FF2593}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{6C762932-C167-4A66-B556-9E3CD6098A8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\offspring fling!\offspring fling.exe |
"{6CA83BCA-EF94-4710-913A-A16FEE8A5161}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{6D27B55E-424E-448E-821A-C7C5148021E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{6D7003D8-1A48-4E74-B3D2-A06B76720C99}" = protocol=6 | dir=in | app=c:\windows\system32\lxcfcoms.exe |
"{6D9F3E78-03EC-4930-A01A-FEA46C684F90}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\yosumin\yosumin.exe |
"{6DE361A8-6ACC-40C0-B7E9-F7AB5B5B5F3F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe |
"{6DE5C07F-C80B-4465-AA0B-9144C8EB2DEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{700A2932-B296-4774-99AE-1B0F724ABFF9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{70E42ACB-D6FF-45BC-A726-BCE5F883A0A0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{71299665-DB19-4FCE-8FBC-F99313FEC42D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thecave\cave.exe |
"{712A9523-49D2-4C2D-9A52-63AD071C8D87}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic adventure 2\launcher.exe |
"{7151BEEC-194D-4685-AD14-DA203A303EFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shattersettingseditor.exe |
"{71725159-CB26-4338-9CAD-B2BB60A761BE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{72997553-B00C-4816-B144-9B6FBC01C85D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{733BA2F6-7B5E-47A5-B4A2-9C53C5157546}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vvvvvv\vvvvvv.exe |
"{738BA53F-6867-4E08-A545-6626A55F2310}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic cd\setup.exe |
"{74589005-9F01-46BA-BAF6-9B859AF1E9FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{74D71CA6-F0F7-4269-9BF8-5BFD42316550}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defcon\defcon.exe |
"{750C7150-A600-4E5D-B524-36E104A2F7D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{762120AC-D7C9-4084-A5F8-60FDCC96CC5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{76BAB912-488C-4ACE-9D04-AD831D3A54BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{7732C987-0E4B-4985-8A3A-454ADA2A5A07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{778DB91A-9AD6-45DE-8906-262DC70A6EFE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{7815E800-EC0E-4880-8FD0-AB4C33A91F20}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{78672F24-7834-4EBF-9A51-A97C5A79DF20}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cubemen\cubemen.exe |
"{78C83CE3-2153-49A4-8B64-D6F0CFCB5A04}" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"{790FA519-C307-4A7D-B9EC-7D3413B48A91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{79F41AF1-DB55-43F7-9F74-7575060D487F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{7A63572F-77F8-40A6-AC58-424B52F572D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{7ADD6A0E-1B3E-460D-A760-0F006327D1A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{7B6D3ABC-454B-4B01-BF79-52EF8047383C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{7D9F3FC3-4C9C-4DAE-8B17-37E050D52DBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic cd\setup.exe |
"{7DEF16D2-D8D2-4830-80D8-C82F2BDEC729}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chessmaster\chess.exe |
"{7E4DD60D-BB36-4B28-BAA2-5520B9BB09A9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chime\chime.exe |
"{7EA31831-8A37-4B41-993D-03C73293D6E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{7F6FFE2F-D695-47AD-9EAD-D82F8FE9CF05}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{80E6D582-5860-4470-8FAC-C39C254BB93C}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{82A1D883-BF2C-4F08-9EF3-586E5B7BCCD5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{832BD84B-C327-487F-A0A8-C1AD4BB36897}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{8434BA49-D18E-4E1D-8F12-B7CAF1E865F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerfight\hammerfight.exe |
"{84D6CE26-C25F-4B09-8BC0-2835BFE6863C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{85792D37-C27F-445D-94BC-2431EDAB2C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
"{860F601C-4330-40E5-9AFC-4F7371F8579C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\osmos\osmos.exe |
"{86133987-39D5-4C6E-8865-E1855CAEDE8B}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{86B02364-EDBF-46DA-86F7-B0C95D52FF22}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{884A2817-7CCC-42B2-8738-A0EF694B1C38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\noitu love 2 devolution\config.exe |
"{88FDB2DB-E7B8-401F-A6C6-2381AD290FC1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{899885D3-F313-4D14-A908-02298130E5EC}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{89A0043A-0897-45D6-AE5B-0D8D57D70993}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\swarm arena\swarm.exe |
"{8B115B95-34DA-4535-B759-908F044776D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{8CCAEE22-4F65-4C32-9CFA-2548AAED9E15}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\auditorium\auditorium.exe |
"{8CDFBFD1-DED4-44EA-966E-DCB2BC238F03}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{8D6C5586-6D29-4F5F-8527-37C474D74987}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8D7A77C6-D25B-440E-AB71-D86BFFDA5572}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rbs\really big sky.exe |
"{8DCDB56E-B61B-4EB3-8AFC-C5678107F2F8}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{8F4B4067-A9EA-4694-B567-99EEF9296D9E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{91865549-B4C5-4304-8F2A-BED5BD85A121}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{92EE4526-F792-4803-92FE-C773A75E5F50}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{932BBD04-CA61-447C-964F-2DED9A497AF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{960FD780-39E6-4F7B-B242-21EDE3A3FA4E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9612954F-6A40-4ED9-A57F-877F97859F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{9757B4FC-AECF-4DA2-A822-C484AA09D47B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{97756011-44ED-40BD-B265-CEFF2B65C3AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
"{97FEB11B-452D-4A91-BF9E-9C05488F0416}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic adventure 2\launcher.exe |
"{9894AA2B-E0F8-4DD1-B386-90F3F9FF244F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{9899A319-EF36-4E6E-A7CE-73CA579F9006}" = protocol=6 | dir=out | app=system |
"{9926676B-204B-47E7-9893-4A4AC913D39B}" = dir=in | app=c:\users\scot grusian\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{99AF09A4-0DFA-4EDF-8838-5BB147236902}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{99FC05C0-EADA-489C-86BA-68D0026EB933}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{9CC09CEC-EAC9-4656-8C91-BC32562B7F18}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{9CC415DC-779A-46CA-85C6-E745BD84EE9D}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9D07AEC0-C4A9-40A3-9C23-8CBB2198C298}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9D74FDAB-B437-4ADE-BD79-0F4857A6F32B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{9E2F6DAC-25C0-49E7-B23A-EF3055B0E162}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thepolynomial\polynomial.exe |
"{9FCB75ED-E4D7-43B1-84B5-002BD614A1BB}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A15D746D-CD5D-4A7A-805B-AA7DFB655B45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dustforce\dustforce.exe |
"{A1F207DA-01D9-4C28-B5D2-10460B0BB868}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{A259CF9D-A60E-461C-B4E1-7F45EC1B5797}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{A2A0D656-BC76-43E3-B5E8-A0E0D367624E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strikesuitzero\pc\main\binary\ssz.exe |
"{A2B1528B-8793-480A-AD68-C95B099AC1BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{A3F88097-67E1-4D77-A447-ED89F84E2DD2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A510262F-6DC6-4566-A39A-AA68DB58AF10}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{A599F64C-A0CC-4C28-B97A-C4FF6C720B26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{A5E2CB64-CD69-4700-8090-A805785F3CDC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A6DD11F6-12F0-4E7D-B57F-52D361E64CE2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{A6F80FF4-6646-4F82-B491-E35BBBB37E50}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip beat\beat.exe |
"{A72C689E-1C2C-4E04-B7C7-681576D8B61D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lugaru hd\lugaru.exe |
"{A7C17F81-7B01-45D2-956F-3EFC5AE3666A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{AA12E7A3-4175-4E99-B810-0074ECCD8015}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ares\ares.exe |
"{AAA07CE3-3673-4724-B397-55A032AFE1A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rbs\really big sky.exe |
"{AB1C3965-E8CA-4982-968A-89440AB1C293}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe |
"{AC860AA6-251E-4524-8458-347698E7B6A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\myst masterpiece\myst.exe |
"{AC9A299C-0E19-4020-8C3A-C4E860996CC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blocks that matter\btm_launcher_win.exe |
"{ADA82770-5252-4DFA-A1DA-2EF8A651F673}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AE4ABB2C-CAA2-468D-B461-774054DB7841}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{AE5CA19A-3D3B-4A89-87CE-A139336DD791}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{AEAB6B63-CFFF-46AC-992E-8E6DF22F3F4E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{AECDA7FD-E521-4E06-91AB-2E62595B5ACD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{AF1403B9-5D6A-4ADE-97F2-F0BD457B79D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thepolynomial\polynomial.exe |
"{B15812F5-E1C8-48DC-BC09-93A2ABB83CA5}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{B1844DCF-F153-4979-8214-AC92243044D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cubemen\cubemen.exe |
"{B212B718-D7A3-4225-8270-3C29B6680445}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bit.trip runner\runner.exe |
"{B225F34F-FBD8-4DA2-8724-AC79CE79B4FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pc gamer digital edition\freakshow.exe |
"{B2A8DF5C-F486-4969-A7C8-557B3D4FFDF1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B2C60B41-FA9B-47D8-B527-89F8C733B23C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life 2\hl2.exe |
 
Part 4:

"{B2F83078-B7C5-4C5A-BF13-DE632AEEA253}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3818355-8722-4591-A3BE-96E67FAFC130}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\splice\splice.exe |
"{B4658619-CBF3-4EEA-B1BC-348373C60207}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{B54BAC87-CF6F-4F22-A8FD-D07EE7B4DB2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{B5FA9D28-452F-4476-8515-88904F3241DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\revenge of the titans\revengeofthetitans.exe |
"{B63E1280-A075-4F8D-8DB8-A0AB29CF6ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\limbo\limbo.exe |
"{B7B479FB-4D29-4779-9605-67D29B5853D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{B7F75AFA-3CF0-4762-A3E9-455820729681}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\eufloria\eufloria.exe |
"{B89DEBA3-EB65-4544-AA49-22577DBCA00B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"{B94DE3A7-7454-4366-8BB4-3417C531270F}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxcfcoms.exe |
"{BAA3A47E-788A-4C7E-8564-A4194E059E3F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valvetestapp206500\airmech.exe |
"{BB303618-7567-4B78-AC87-786D00CFC2ED}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{BBB9984E-308D-46EA-8B8F-9FC25E01A770}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"{BD0B6EB5-0D59-492A-AC7C-BA4FD747C132}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alien zombie megadeath\alienzombiemegadeath.exe |
"{BD1B751B-02DD-498C-BD97-91B9F4D8E839}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toki tori\tokitori.exe |
"{BFAB7D77-5F0B-485D-B591-813E9CECF3B5}" = protocol=17 | dir=in | app=c:\windows\system32\lxcfcoms.exe |
"{C03D1D6B-0A35-4046-AF82-C75855EB9214}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C0DAEF0B-C4C1-4AA8-9495-687E90886319}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\quantum conundrum\binaries\win32\trygame-win32-shipping.exe |
"{C15CBC05-E77F-4F5E-B3CD-C11157B25621}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trauma\trauma.exe |
"{C1CD841B-E2BB-4834-A827-A1E6581154CA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\jamestown\jamestown.exe |
"{C27F6896-FFCB-441C-BC60-C2E1D60B226C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{C291AA07-4F33-4E19-BC9F-F52A1C082FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half minute hero\hmh.exe |
"{C2A9DB63-69F3-4957-BCB8-E1DF83F486C8}" = protocol=17 | dir=in | app=c:\users\scot grusian\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{C2BE8854-59E8-4789-A1B3-C4C4D0EEA496}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{C37391B3-8A22-400E-A686-B6119279CFA7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C38A2FF0-7F8D-43B2-AE66-D46EB9B2E7A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"{C3CE7AFE-DD7D-4EE0-803C-C8AA9CBF4223}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{C3D9E6F5-07ED-4D13-9253-B4A3492225ED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\auditorium\auditorium.exe |
"{C5B911BB-CEA6-4D8E-B385-890368FB30A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fractal\fractal.exe |
"{C5F1A71B-972A-4BBF-AF8B-4EC66528D25D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{C6424DD9-088D-4277-89F1-FD2E500CBDD5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2 e3 demo (suction)\smp.exe |
"{C6FFAE7F-AC18-462F-9CB2-00ED03050C16}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\whitelab\thewhitelaboratory.exe |
"{C7A06C9A-62FA-45B4-BA84-FE9594A4D360}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\offspring fling!\offspring fling.exe |
"{C8F69470-8B72-4703-9E83-A7FCC8FF89F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{CA14C3E2-7FBC-4FF1-B1F2-D7271D03ECDE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\yosumin\yosumin.exe |
"{CA99E1AA-7344-4BB6-94DD-4E11D2DBBAF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lone survivor\lonesurvivor\lonesurvivor.exe |
"{CAE22CE3-C2B3-4A55-A890-A3878C208A13}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shatter\shatter.exe |
"{CB1B5C20-4274-4D7A-984C-CB224A9A322E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization iv\civilization4.exe |
"{CB944876-B657-45EC-B15C-63F24FBBED44}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the final hours of portal 2\thefinalhoursofportal2.exe |
"{CBB1E3B7-10B7-416B-BC20-94B6D1A25344}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{CC8CCA34-4919-4F9F-BA16-E97BA21D9950}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ares\ares.exe |
"{CE28366D-5C35-4140-9D9D-60ADB696FDC1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{CE2A0F25-CDF6-4714-A47C-19FDB9C10B8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\noitu love 2 devolution\nl2.exe |
"{CE6A7BC5-29C8-4302-A0F3-1DAC46C14DBC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\splice\splice.exe |
"{CE8CF949-4383-4A0A-BFAA-184A8A80C0FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space pirates and zombies\spazgame.exe |
"{CF4B0940-24CD-4FCE-89A8-59042C7EDA35}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D2225CF3-26C2-41EA-B178-75BA28F48733}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{D3557915-DA1C-43B5-8E6B-EFE5B6D4ED1B}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{D4D4F000-3C11-41E0-840D-D9FA4DCA654E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\machinarium\machinarium.exe |
"{D51FB877-C838-438F-B9F2-FE2605A1AD38}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\auditorium\auditorium.exe |
"{D54ADDA9-7E2C-4317-9E93-3A514CB5CC4E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sega classics\segagenesisclassics.exe |
"{D5B28C8F-5922-44DA-B1A9-6F6DCD3EEB90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{D63A1AFF-8934-4F4D-8207-0B16C232667F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{D7AE25E2-BC94-4BE6-8694-3C3B5055C2A6}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{D806B896-98F7-40B2-A3A8-B66B0CFDD849}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\driver fusion\driverfusion.exe |
"{D95A2701-6BF1-4AB5-B033-B6ACDFC1E892}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{D9761431-1C40-4730-AB7E-3992A15BF5A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB004ED6-E06D-49DF-8CD0-1B891623C1A4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\darwinia\darwinia.exe |
"{DCA0430F-F53E-418F-A57B-C012A7AA42B2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\binding_of_isaac.exe |
"{DCD3A749-C876-43F5-946B-579012CDBCF3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trauma\trauma.exe |
"{DCEF14AE-7363-4398-B59D-73AA5A9998E5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{DEECB811-0A46-4355-8744-DF6E40B96020}" = protocol=6 | dir=in | app=c:\users\scot grusian\appdata\roaming\dropbox\bin\dropbox.exe |
"{E3A79925-16E7-4A07-B9C9-BD7E9F1C3892}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\closure\closure.exe |
"{E51F2751-9C4D-493A-9ACC-06D986855AA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\edge\edge.exe |
"{E6E0500D-9648-487D-B909-923756FA2DA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\universe sandbox\universe sandbox.exe |
"{E8DAA60D-068F-493F-A68B-3D5466DC6278}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"{E9669A9B-F6C8-4868-8ACC-0307DD2A560A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\symphony\symphony.exe |
"{EA371ED0-4E84-44F9-B32E-8B2D3EDD7075}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\super hexagon\superhexagon.exe |
"{EA6801E3-56D5-45FE-A206-418110F5F358}" = protocol=6 | dir=in | app=c:\users\scot grusian\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{EA8405DA-A8F1-450B-B7CE-A8C736A12422}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{EB212941-46EC-4E98-860F-134B87977D2E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\auditorium\auditorium.exe |
"{EB426449-1B86-4B4F-A3DC-77958E85B712}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pc gamer digital edition\freakshow.exe |
"{EC351262-AC2B-4892-85C1-FEA25296EEFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ECD81A54-FAF8-4CC7-9D2E-E0735F46C13A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{EE60018E-859D-4462-AE44-3BAFFF1052DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe |
"{EEE5F0EF-5CCA-497F-878B-80EC50C05D9F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strikesuitzero\pc\main\binary\ssz.exe |
"{EF5E3CC7-219C-4A4C-A791-B919D67F8E03}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{EFFE1AAE-2B30-4BF5-8BC4-9BFC71C80C56}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hammerfight\hammerfight.exe |
"{F09412E3-BE2D-46D0-BD5C-128F3400DC85}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dustforce\dustforce.exe |
"{F239482B-7C9A-4176-8745-676C668008F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{F26B12C2-09B8-4A34-940E-039597EB2D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{F4506806-7E64-48D8-8C07-F9B5AD667778}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F48D50D4-7A65-477B-8766-7E79736FBF22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{F4C8ACB9-87C4-4B97-9EC0-2BBBA6559B8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{F4FB1D18-4B0A-4EDB-9713-9C22391D4281}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe |
"{F57C3BBA-58F0-4833-A813-A81CE764000B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\valvetestapp206500\airmech.exe |
"{F6112FB3-FF4D-40FB-BDE3-96BBAA1E2C68}" = protocol=17 | dir=in | app=c:\users\scot grusian\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{F75D9518-1D8B-4A20-BF41-7EC2F353A8D5}" = protocol=17 | dir=in | app=c:\users\scot grusian\appdata\roaming\dropbox\bin\dropbox.exe |
"{F77B1A41-DBAE-44F0-BF7E-A8661BCE77B2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the binding of isaac\isaac.exe |
"{F7C4B6B0-8D50-46D2-B31B-CAA4B338618B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\offspring fling!\offspring fling.exe |
"{F7CFBCD7-EA76-4D64-AE4D-C91AA1990EF3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spirits\spirits.exe |
"{F7EC4C56-B2FD-4FF0-94A9-89518A0515C5}" = protocol=6 | dir=in | app=c:\users\scot grusian\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{F85069DC-AEEB-4A99-8D1D-BB840BAFC60E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\driver fusion\driverfusion.exe |
"{F861F2B7-3B6E-443E-AA11-CB5154CB1268}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{F969A3A4-842C-4173-842C-B66DC02E6A46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cogs\cogs.exe |
"{FA93B22F-972E-4000-9949-C7B4AA310BAF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rbs\really big sky.exe |
"{FABF4321-0EBB-487F-B0C5-234C5D8E4D95}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\snapshot\snapshot.exe |
"{FB4F456A-BCF6-4911-A404-AD8A7A556CAE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\strikesuitzero\pc\main\binary\ssz.exe |
"{FB54A0DE-0E3B-4606-8579-ED2EC7E6A18A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{FCD732CF-34FE-409D-8792-9E4486A6C698}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sonic cd\soniccd.exe |
"{FD3CFFF3-2310-470D-BFF9-AFA73F8AA117}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FE661222-46CC-4200-BC7F-05FADF3F5C28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cave story+\cavestory+.exe |
"{FECBAC1B-23DD-48E6-82E1-F3B6CC813111}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{FF4FA523-D8BA-4C96-8CAE-EBA34046C752}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{FFEA19E7-B30C-4083-923B-AACA2E8AA1D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\cthulhu saves the world\cstw.exe |
"TCP Query User{041056EF-B906-4C51-82BB-C6DA9BA02A9B}C:\users\scot grusian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\scot grusian\appdata\local\akamai\netsession_win.exe |
"TCP Query User{0A3E52C3-8C54-44B9-A29E-8B5BF153121D}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{0FF0AA11-FE2F-49DA-BAC3-51A1C507D599}C:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"TCP Query User{41F73CAB-818A-4285-88BF-CAA8E45AA2FC}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{438C8F04-A704-432D-AE0F-D54AADCBDFB5}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"TCP Query User{4D265F0E-5F0B-4EF6-9815-CC50C4CFA802}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"TCP Query User{5E7D8E0F-E7BE-4C46-8D0B-427BC2637769}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{6B5A93D7-47A0-4743-B526-921C72701F10}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{77A52A78-A5EA-4AE9-A0A3-347F507A8B81}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{7C6495C2-9E1F-4C0D-B602-A9F72AA6D151}C:\program files (x86)\softnyx\gunbound\gunbound.exe" = protocol=6 | dir=in | app=c:\program files (x86)\softnyx\gunbound\gunbound.exe |
"TCP Query User{7D6FFE23-C324-4595-AF10-983ED0D79420}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |
"TCP Query User{855E1E17-098D-4E18-B875-AD5E2BC7A7CE}C:\program files (x86)\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pfportchecker\pfportchecker.exe |
"TCP Query User{864D818A-C84D-4166-940A-4D5A00125C58}C:\program files (x86)\steam\steamapps\maxximus_prime\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\maxximus_prime\team fortress 2\hl2.exe |
"TCP Query User{8CEC53BC-33B7-4267-B3B9-02EB740E4001}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"TCP Query User{8D101878-BFED-49EE-8C46-518909A0C5A0}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{944DC7DF-081A-4517-BC65-14E8678FEF51}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{9B5964EA-0ECA-42D1-9CA2-A35A13641023}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{BC963A79-B77E-44DA-A9C5-6FBE7C009951}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"TCP Query User{C877D760-5F87-4597-965A-B762EB2072A9}C:\users\scot grusian\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\scot grusian\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C9283FBE-FCBE-4392-8750-5A0FF24BEFDC}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{D7307196-58CB-4F62-8352-03AC18C67C61}C:\program files (x86)\softnyx\gunbound\gunbound.gme" = protocol=6 | dir=in | app=c:\program files (x86)\softnyx\gunbound\gunbound.gme |
"TCP Query User{D8639649-0796-4F3A-9584-324B0B0E2908}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"TCP Query User{DFDA615F-8891-4589-BD44-56BBF3DCE378}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{E1E1BD22-DAD6-421D-BA20-30422E207A71}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{EA018278-2A02-4989-A73F-57DF6F76A7C8}C:\program files (x86)\steam\steamapps\jscacltrsa\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jscacltrsa\team fortress 2\hl2.exe |
"TCP Query User{F8933C46-E738-4D89-8292-87FAB80BE721}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{03984B96-0310-4E56-8514-9638A4485C24}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{081DC3AB-E2D0-4A5D-AE89-F4D57FF15A97}C:\program files (x86)\steam\steamapps\maxximus_prime\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\maxximus_prime\team fortress 2\hl2.exe |
"UDP Query User{0AAAFC97-4C47-4FF7-BC2D-09665811D31D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{127DF845-C753-414E-88E4-94CFE5239619}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe |
"UDP Query User{2D6898D1-0510-456D-9D81-45FB89AB9D59}C:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\antichamber\binaries\win32\udk.exe |
"UDP Query User{37300972-AA71-436A-A6A3-BA71E20C40BC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{3A09A7C4-5B14-460A-A1E9-E2B197CA2A56}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{3BEFD182-51C4-4D48-8727-AA02AAA84B72}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{3EBDB88C-5D23-4E19-97CB-F5EC3737A77C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{42D8BD23-AFC4-4A88-A6ED-393A82848273}C:\program files (x86)\softnyx\gunbound\gunbound.gme" = protocol=17 | dir=in | app=c:\program files (x86)\softnyx\gunbound\gunbound.gme |
"UDP Query User{6254D185-2B42-42A3-9F49-B204E212DF30}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |
"UDP Query User{64F84D21-D402-482C-9B3B-062BF41DAAD1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{659AB201-C9B0-4C45-910E-176206E0EE05}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{74740594-5E46-484A-8FF7-F24A7D2E5848}C:\users\scot grusian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\scot grusian\appdata\local\akamai\netsession_win.exe |
"UDP Query User{8125DE33-5A0C-49A0-A7AB-CEE02507A0BC}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{90F63664-5C25-4337-ABAE-145CDA5839C1}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{ACE70403-4C97-4B38-B880-DB00F03892D3}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{B07DD491-6340-4C60-B558-6C99EDC01D21}C:\program files (x86)\sony\content manager assistant\cma.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\content manager assistant\cma.exe |
"UDP Query User{C74732DD-5AF0-4857-BF06-7D9856D23E42}C:\program files (x86)\steam\steamapps\jscacltrsa\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jscacltrsa\team fortress 2\hl2.exe |
"UDP Query User{D9C08664-5C70-4557-BFF2-08CD0A24AC07}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{E74E3ABF-EC71-486F-B7A5-508DFE494BE4}C:\program files (x86)\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pfportchecker\pfportchecker.exe |
"UDP Query User{E8F8B813-4D16-460F-BFC7-240835AF1C33}C:\program files (x86)\softnyx\gunbound\gunbound.exe" = protocol=17 | dir=in | app=c:\program files (x86)\softnyx\gunbound\gunbound.exe |
"UDP Query User{F209F73C-7EA2-4EB4-8D3C-6C59ABF10821}C:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2.exe |
"UDP Query User{FBA8B356-D61A-49D4-87A4-F42420BD21A2}C:\users\scot grusian\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\scot grusian\appdata\local\akamai\netsession_win.exe |
"UDP Query User{FDFE7C0E-474C-4AF7-B2C4-0DED7A038BAA}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{FFBB284D-C61B-4BF5-ADC5-CAAAA48F488B}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2029C99D-3DF5-1AE1-ECE6-C512AA2EDA04}" = AMD Fuel
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{45CB0703-D49C-31B2-0DBD-FDD98D7DEF7A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E7D00D0-255E-F084-28A3-400DCD5EF8A7}" = ccc-utility64
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F37A899E-1745-52F5-658F-9A4DA4D46BB7}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{F800CF18-6470-D909-B460-73F2F41030B4}" = AMD Accelerated Video Transcoding
"{F9434B34-EDCA-DF34-FD55-8D66DF8DBECF}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.5
"Defraggler" = Defraggler
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.9.5 (64-bit)
"Lexmark 730 Series" = Lexmark 730 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Pen Tablet Driver" = Bamboo
"REAPER" = REAPER (x64)
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeraCopy_is1" = TeraCopy 2.27
"UDK-902d183a-3156-4e31-96ee-13a307c0ef06" = My Game Long Name

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0332D177-BFD1-24B8-17A1-9C1F5F37A65F}" = Brobdingnag 2
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0C91919D-0386-C260-0822-7A01C5BCD58A}" = CCC Help Greek
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0DCD0704-E2AB-4e97-96A7-90F146BD8243}" = Content Manager Assistant for PlayStation(R)
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{143593DA-4632-50AE-A6D9-7676695B33C8}" = CCC Help Finnish
"{1645D26D-73CA-3DED-8238-3635DB07F437}" = Google Chrome
"{16584456-9AD2-3FA4-C8B5-B2EE2D856E6C}" = Catalyst Control Center Localization All
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 6.7
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{33365E1D-B501-AA04-F802-88BF0A4DB9F7}" = CCC Help French
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Command
"{3D69628B-4DE8-43C7-9A22-F90F5B870C08}" = ArcSoft TotalMedia Backup
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{43C5AF90-0558-590E-30A3-7A8FEEA4B45B}" = Catalyst Control Center Graphics Previews Common
"{441B922B-E0AC-F7BB-E577-095E3E3B8D03}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2
"{5454085C-129F-416C-9C0B-8B1000058302}" = BioShock 2
"{5454085C-129F-416C-9C0B-8B1000058303}" = BioShock 2
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5C03C49F-662A-B4EF-E5EC-1C1FFFDD6578}" = CCC Help Norwegian
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69ABD76E-52E6-E809-9E6B-B6E194DF6E30}" = CCC Help Portuguese
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6C84C3D8-F2E1-EF85-34E2-EFD8C583A414}" = CCC Help Swedish
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76423878-BF55-4C2F-AC25-2A82CE9AFB7A}" = Windows 7 Logon Background Changer
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA5255C-EE35-848E-4482-407BB876BD15}" = CCC Help Russian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{831C840A-8331-E269-24EE-52A3EDEC8830}" = CCC Help Chinese Traditional
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}" = IObit Apps Toolbar v7.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF92104-2955-867B-E374-63FA2AB55CC4}" = CCC Help Korean
"{9BC10B90-1592-3C5A-BBA7-BACDA0B52405}" = CCC Help Japanese
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D77A09-10EA-4574-8C09-9B6E1A21C95F}" = Virus Guard - powered by BitDefender
"{A71AF1EF-6C46-DC9A-84C0-0DADE7F3BEEE}" = CCC Help Hungarian
"{A7527D8A-4C50-9D56-CB37-922E1EC96B82}" = CCC Help Thai
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AD77BAEE-4E6B-3EDB-DBB9-A8CA263C02C1}" = HydraVision
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7416D0F-8282-468A-5C3D-CA5713B6F4C0}" = AMD VISION Engine Control Center
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CA311B78-954E-44BC-913F-B5B8B74A786B}" = CCC Help German
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1725D54-279A-40C5-A70D-23C1785DB920}_is1" = AoA Audio Extractor
"{D2883AB6-09B4-4981-AAF8-E695411EEC9A}" = Sculptris Alpha 6
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E0184F33-58CA-A249-0D1B-F23F9206410D}" = CCC Help English
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E28884AE-E40E-2F71-9511-8CC8C071147F}" = CCC Help Chinese Standard
"{E3DB1759-C652-E0E3-5B88-76286BF9B6D0}" = CCC Help Dutch
"{E4F26D72-E0BA-33B5-E5A4-542C545EFAAA}" = CCC Help Polish
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{E77DA909-3532-4C95-AFEB-06310E88462A}" = System Requirements Lab CYRI
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9820957-CB43-3BD1-3A00-25C7CB37EE1D}" = CCC Help Danish
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECC9BBF1-5735-F27B-E25A-5522D8B3F044}" = CCC Help Italian
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEC3A4C1-2B49-00CF-DA00-B27DC267236E}" = CCC Help Spanish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F47662E5-C972-89F6-0416-5BAC56E835F9}" = CCC Help Czech
"{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}" = inSSIDer
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"com.fc2.blog21.irafyou.Brobdingnag2" = Brobdingnag 2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Debut" = Debut Video Capture Software
"D-Fend Reloaded" = D-Fend Reloaded 1.2.1 (deinstall)
"DVD Decrypter" = DVD Decrypter (Remove Only)
"FastStone Image Viewer" = FastStone Image Viewer 4.8
"Finale NotePad 2008" = Finale NotePad 2008
"FL Studio 10" = FL Studio 10
"Flash Decompiler Trillix_is1" = Flash Decompiler Trillix
"Flash Movie Player" = Flash Movie Player 1.5
"Foldit" = Foldit
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"HandBrake" = HandBrake 0.9.5
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}" = Sculptris Alpha 6
"InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"IrfanView" = IrfanView (remove only)
"Jack Claw_is1" = Jack Claw
"JDownloader" = JDownloader
"Katawa Shoujo" = Katawa Shoujo
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.9.5 (Full)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LManager" = Launch Manager
"Magic ISO Maker v5.5 (build 0261)" = Magic ISO Maker v5.5 (build 0261)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 23.0 (x86 en-US)" = Mozilla Firefox 23.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"PC Wizard 2012_is1" = PC Wizard 2012.2.11
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Pidgin" = Pidgin
"Prism" = Prism Video File Converter
"Rainmeter" = Rainmeter
"Recordpad" = RecordPad Sound Recorder
"Smart Defrag 2 Pro_is1" = Smart Defrag 2
"Smart Defrag 2_is1" = Smart Defrag 2
"Songbird-release-1800" = Songbird 1.8.0 (Build 1800)
"SpeedFan" = SpeedFan (remove only)
"Steam App 104600" = Portal 2 - The Final Hours
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 107310" = Cthulhu Saves the World
"Steam App 110610" = Alien Zombie Megadeath
"Steam App 111800" = Blocks That Matter
"Steam App 113200" = The Binding Of Isaac
"Steam App 12900" = Audiosurf
"Steam App 1500" = Darwinia
"Steam App 1510" = Uplink
"Steam App 1520" = DEFCON
"Steam App 17520" = Synergy
"Steam App 200210" = Realm of the Mad God
"Steam App 200710" = Torchlight II
"Steam App 200900" = Cave Story+
"Steam App 200940" = Sonic CD
"Steam App 201570" = Really Big Sky
"Steam App 204220" = Snapshot
"Steam App 204360" = Castle Crashers
"Steam App 205230" = Hell Yeah!
"Steam App 205870" = Auditorium
"Steam App 207250" = Cubemen
"Steam App 207530" = Noitu Love 2 Devolution
"Steam App 207750" = Symphony
"Steam App 20820" = Shatter
"Steam App 209790" = Splice
"Steam App 209830" = Lone Survivor
"Steam App 210170" = Spirits
"Steam App 211360" = Offspring Fling!
"Steam App 213530" = The White Laboratory
"Steam App 214830" = Half Minute Hero: Super Mega Neo Climax Ultimate Boy
"Steam App 219890" = Antichamber
"Steam App 221260" = Little Inferno
"Steam App 221640" = Super Hexagon
"Steam App 23300" = Yosumin!
"Steam App 233570" = Driver Fusion
"Steam App 234710" = Poker Night 2
"Steam App 26500" = Cogs
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 31280" = Poker Night at the Inventory
"Steam App 34270" = SEGA Genesis & Mega Drive Classics
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 37200" = Chessmaster
"Steam App 38700" = Toki Tori
"Steam App 38740" = EDGE
"Steam App 4000" = Garry's Mod
"Steam App 40800" = Super Meat Boy
"Steam App 41100" = Hammerfight
"Steam App 41210" = Eufloria
"Steam App 41500" = Torchlight
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 46600" = Swarm Arena
"Steam App 48000" = LIMBO
"Steam App 49600" = Beat Hazard
"Steam App 55230" = Saints Row: The Third
"Steam App 61310" = Fractal: Make Blooms Not War
"Steam App 620" = Portal 2
"Steam App 62100" = Chime
"Steam App 63660" = Myst: Masterpiece Edition
"Steam App 63700" = BIT.TRIP BEAT
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 65300" = Dustforce
"Steam App 67000" = The Polynomial
"Steam App 70300" = VVVVVV
"Steam App 72000" = Closure
"Steam App 72200" = Universe Sandbox
"Steam App 8870" = BioShock Infinite
"Steam App 8930" = Sid Meier's Civilization V
"Steam App 92300" = A.R.E.S.
"Steam App 92500" = PC Gamer
"Steam App 94200" = Jamestown
"Steam App 97000" = Solar 2
"Steam App 98100" = TRAUMA
"StepMania" = StepMania 3.9b (remove only)
"SumatraPDF" = SumatraPDF
"The Incredible Machine Series_is1" = The Incredible Machine Series
"Trillian" = Trillian
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.8
"Voxatron" = Voxatron 0.1.3
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.14.0
"Wireshark" = Wireshark 1.4.3
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wubi" = Ubuntu
"XnView_is1" = XnView 1.98
"Yahoo! Messenger" = Yahoo! Messenger
"ZMBV" = Zip Motion Block Video codec (Remove Only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3810087351-2250998269-117142514-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"I-Doser v4" = I-Doser v4
"Meebo Notifier" = Meebo Notifier
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
"WinDirStat" = WinDirStat 1.1.2

< End of report >
 
when coming from my laptop sleeping it sometimes hangs
This would be a subject to a different forum.

redtarget.gif
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
Code:
:OTL
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [LXCFCATS] rundll32 \3\LXCFtime.dll,RunDLLEntry File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 178 bytes -> C:\ProgramData\Temp:8CE646EE
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:F4CA4D70

:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans....

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Just now (when trying to come back and fulfill the last steps) My computer connected to my friend's internet, but would not connect to any sites on chrome. It told me it was trying to go through a proxy (according to a setting) and could not contact the proxy. I was able to resolve it (?) by opening chrome, it just suddenly worked, but I'm kind of concerned. I'll go ahead and do these really fast and hopefully that will help.
 
Well, OTL stalled (the logging out/shutting down portion of Windows 7 rebooting stalled for 5 minutes or more, and I hard rebooted back into safe mode. When trying to redo the fix, OTL would not launch, after trying again, I got a .txt of the log. I'll post that and go ahead with the other fixes, hopefully it completed correctly.
 
OTL log:

All processes killed
========== OTL ==========
HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-3810087351-2250998269-117142514-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LXCFCATS deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\Temp:8CE646EE deleted successfully.
ADS C:\ProgramData\Temp:F4CA4D70 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\FRST not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jscacltrsa
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1704111 bytes
->Java cache emptied: 1 bytes
->Google Chrome cache emptied: 282862537 bytes
->Flash cache emptied: 59685 bytes

User: matt
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Scot Grusian
->Temp folder emptied: 10627888 bytes
->Temporary Internet Files folder emptied: 1573598 bytes
->Java cache emptied: 6095610 bytes
->FireFox cache emptied: 96877226 bytes
->Google Chrome cache emptied: 12384731 bytes
->Flash cache emptied: 59129 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 557056 bytes
%systemroot%\System32 .tmp files removed: 782 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 534918 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50528 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 644 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 394.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jscacltrsa
->Java cache emptied: 0 bytes

User: matt

User: Public

User: Scot Grusian
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jscacltrsa
->Flash cache emptied: 0 bytes

User: matt

User: Public

User: Scot Grusian
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08132013_033215

Files\Folders moved on Reboot...
File move failed. C:\Users\Scot Grusian\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
File move failed. C:\Users\Scot Grusian\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
C:\Windows\temp\_avast_\Webshlock.txt moved successfully.
C:\Windows\temp\dsiwmis.log moved successfully.
File move failed. C:\Windows\temp\mavcperf-setup.log scheduled to be moved on reboot.

PendingFileRenameOperations files...


Registry entries deleted on Reboot...
 
Security Check:

Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (23.0)
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FSS:

Farbar Service Scanner Version: 04-08-2013
Ran by Scot Grusian (administrator) on 13-08-2013 at 04:12:34
Running from "C:\Users\Scot Grusian\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
Please re-run FSS from normal mode.
MY instructions didn't say anything about running it from safe mode.
 
Redid the FSS scan, I'll get to the virus scan tonight.

FSS:

Farbar Service Scanner Version: 04-08-2013
Ran by Scot Grusian (administrator) on 14-08-2013 at 19:10:22
Running from "C:\Users\Scot Grusian\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit



**** End of log ****
 
Sorry that I haven't gotten back to you with the online virus scan. I was dealing with finals and I was behind in work.
I'm going to start the virus scan tomorrow most likely. (Since I'll have more time to dedicate to that)
A friend of mine got a blue screen for the first time and wanted to know of some software to use for scanning. Which of the software you've listed in total would be good for him to use? (without risk of damage)
 
One BSOD shouldn't be a reason for a concern.
If it happens 3-4 times in a short period of time I suggest our BSOD forum.
 
That's what I told him. He's got a good track record so far of only 1 BSOD for a couple years. I'll get to the scan, and thank you for the advice.
 
Sorry for the late reply! I had no access to internet this weekend and could not get that log to you. I'll be doing the log as we speak and posting when it's done. (last time it was taking over an hour and was not half way done. I have access while at school, so I'll get that done now.) Thank you for your patience.
 
Hrm, The scan has been going on for 4.5 hours at school and it's scanned about 266000 files (out of an approx 8.8-9.5K files) Anything I should have done to speed this up? I kept the normal checked box and checked the "scan archives" button as you said.
 
Depending on number of files it may take a while.
I've seen it running overnight.
 
Back