Argentum Skrevet 12. mai 2013 Del Skrevet 12. mai 2013 Ser et par tråder om dataproblemer som har oppstått 10.05.13. Samme her og jeg vet om en til som har det samme. Har gjort litt feilsøking og har kommet fram til et par teorier om ikke en løsning. Det begynte fredag, så det er endringer som har skjedd de siste dagene som har gjort det. De programmene som jeg husker har kjørt oppdateringer er: Windows update Spotify Google Chrome Java Jeg holder en knapp på enten Chrome eller Java. Bruk av chrome på visse forumer jeg er medlem i nå resulterer i en crash. Vennen som jeg snakket om opplever det på facebook, men med samme resultat. Går greit et par minutter, så i løpet av et par sekunder så kjører det plutselig sirup. Jeg har gjort følgende endringer nå: Fjernet alt fra startup som ikke trenger være der, kjørt slimcleaner og en kjapp virusscan. Dette løste ingenting. Installert og kjørt Opera som nettleser. Merker at det kanskje henger litt innimellom, uten at jeg rekker å reagere noe spes på det, men det kjører betraktelig mer stabilt. Enn så lenge. Venn har prøvd iexplore og firefox med kræsj som resultat. Hennes problemer startet og fredag. Lenke til kommentar
mobile999 Skrevet 12. mai 2013 Del Skrevet 12. mai 2013 Har du/dere installert sikkerhetsoppdatering 2823324 (som kan kverke Windows 7)? Lenke til kommentar
Argentum Skrevet 12. mai 2013 Forfatter Del Skrevet 12. mai 2013 Det sier meg absolutt ingenting. Hvordan finner jeg ut av det? Kan forøvrig nevne at systemet kjører stabilt med Opera. Ikke hatt en kræsj på flere timer nå. Lenke til kommentar
mobile999 Skrevet 12. mai 2013 Del Skrevet 12. mai 2013 Du kan se installerte oppdateringer her: Start -> Kontrollpanel -> System og sikkerhet -> Se installerte oppdateringer. Lokaliser KB2823324 og sjekk datoen for installering. Du trenger ikke se lenger tilbake i tid enn t.o.m April måned. Lenke til kommentar
Argentum Skrevet 12. mai 2013 Forfatter Del Skrevet 12. mai 2013 (endret) Du kan se installerte oppdateringer her: Start -> Kontrollpanel -> System og sikkerhet -> Se installerte oppdateringer. Lokaliser KB2823324 og sjekk datoen for installering. Du trenger ikke se lenger tilbake i tid enn t.o.m April måned. Den er ikke installert. Så både etter nr og dato. Kjørt opera stabilt i flere timer nå. Forsøkte Google Chrome igjen etter å ha avinstallert den, og så reinstallert den. Virker som problemet ligger i noe den bruker eller i selve programmet. For fikk nesten insta-krasj når jeg forsøkte å starte den opp, men har en app-snarvei for netflix og den kjører fint. Funky. Endret 12. mai 2013 av Argentum Lenke til kommentar
mobile999 Skrevet 12. mai 2013 Del Skrevet 12. mai 2013 Last ned og kjør OTL. Klikk Quick Scan. Når den er ferdig poster du de to tekstfilene den lager (OTL.txt og Extras.txt). Det er dette forumets policy at logger postes i spoilertekst. Lenke til kommentar
Argentum Skrevet 12. mai 2013 Forfatter Del Skrevet 12. mai 2013 Last ned og kjør OTL. Klikk Quick Scan. Når den er ferdig poster du de to tekstfilene den lager (OTL.txt og Extras.txt). Det er dette forumets policy at logger postes i spoilertekst. Godt tips på program. Kjørte forresten full scan. Logg følger. OTL logfile created on: 12.05.2013 21:35:59 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Main\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 15,99 Gb Total Physical Memory | 12,82 Gb Available Physical Memory | 80,18% Memory free 31,98 Gb Paging File | 28,79 Gb Available in Paging File | 90,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,51 Gb Total Space | 725,85 Gb Free Space | 77,92% Space Free | Partition Type: NTFS Drive D: | 1397,26 Gb Total Space | 899,10 Gb Free Space | 64,35% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 66,60 Gb Free Space | 14,30% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: MAIN-PC | User Name: Main | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.12 21:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe PRC - [2013.05.12 11:59:23 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2013.05.05 11:59:22 | 004,573,184 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\spotify.exe PRC - [2013.05.05 11:59:16 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe PRC - [2013.05.04 01:35:30 | 001,635,752 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe PRC - [2013.04.09 10:47:58 | 000,320,000 | ---- | M] (Photobucket) -- C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe PRC - [2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Main\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013.03.24 10:46:24 | 000,976,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013.03.07 22:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.07 18:22:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.06.19 14:40:04 | 000,034,728 | ---- | M] (Arainia Solutions) -- C:\Program Files (x86)\Gizmo\gservice.exe PRC - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2009.04.07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== MOD - [2013.05.05 11:59:16 | 024,985,600 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\libcef.dll MOD - [2013.05.04 01:35:30 | 001,114,536 | ---- | M] () -- D:\Steam\bin\chromehtml.dll MOD - [2013.04.24 04:30:08 | 000,652,800 | ---- | M] () -- D:\Steam\SDL2.dll MOD - [2013.03.31 16:12:42 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inte#\1c0f43f162489dc2021aa09db8dfabda\System.Windows.Interactivity.ni.dll MOD - [2013.03.31 16:12:41 | 000,766,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\14d83eecd50cfd510718262afd2fca79\log4net.ni.dll MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- D:\Steam\bin\libcef.dll MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013.03.07 22:32:40 | 021,014,960 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll MOD - [2013.03.07 22:32:38 | 000,292,272 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll MOD - [2013.03.07 22:32:38 | 000,179,632 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll MOD - [2013.02.15 05:28:34 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll MOD - [2013.02.15 04:08:21 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\75b362975753a31559874bea5609e59c\System.Deployment.ni.dll MOD - [2013.01.10 08:23:33 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\5f1ed9259488bd5e34e4ff4bf2f01687\System.Data.ni.dll MOD - [2013.01.10 08:23:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.10 08:23:01 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.10 08:22:59 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.10 08:22:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013.01.10 08:22:54 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013.01.09 21:40:04 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll MOD - [2013.01.09 21:39:47 | 013,345,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\52588e18078ea592ce9cc2399b624a15\System.Data.Entity.ni.dll MOD - [2013.01.09 21:39:05 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\47479aabdb346a716ba90335ebd0c25f\System.ComponentModel.DataAnnotations.ni.dll MOD - [2013.01.09 21:38:55 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll MOD - [2013.01.09 21:38:54 | 001,189,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\aad0fd94c3d1be97f53ce20c138490de\System.Data.OracleClient.ni.dll MOD - [2013.01.09 21:38:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll MOD - [2013.01.09 21:38:47 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll MOD - [2013.01.09 21:38:46 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll MOD - [2013.01.09 21:38:46 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll MOD - [2013.01.09 21:38:45 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll MOD - [2013.01.09 21:38:43 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d01a925ecd339eae8ea1da8488eb2283\System.Xml.Linq.ni.dll MOD - [2013.01.09 21:38:28 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2013.01.09 21:38:26 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e290208a6d4ea4451ac118f1e0c3b488\Accessibility.ni.dll MOD - [2013.01.09 21:30:16 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll MOD - [2013.01.09 21:30:07 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll MOD - [2013.01.09 21:30:06 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll MOD - [2013.01.09 21:30:06 | 001,616,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\e6f1669a51fbf73520ae79dca19f005e\Microsoft.CSharp.ni.dll MOD - [2013.01.09 21:30:03 | 000,377,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\ebd8e7de507b634d15b3e16614270f06\System.Dynamic.ni.dll MOD - [2013.01.09 21:30:02 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll MOD - [2013.01.09 21:30:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll MOD - [2013.01.09 21:30:00 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll MOD - [2013.01.09 21:29:59 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2013.01.09 21:29:58 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2013.01.09 21:29:58 | 000,745,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\581e9ba9c81e2840a917fbd3d9661f85\System.Security.ni.dll MOD - [2013.01.09 21:29:57 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - [2013.01.09 21:29:57 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll MOD - [2013.01.09 21:29:53 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2013.01.09 21:29:53 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- D:\Steam\bin\avformat-53.dll MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- D:\Steam\bin\avutil-51.dll MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.13 03:41:38 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009.03.12 15:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll MOD - [2008.11.21 13:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ========== Services (SafeList) ========== SRV - [2013.04.19 12:37:24 | 000,935,192 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\bitraider\BRSptSvc.exe -- (BRSptSvc) SRV - [2013.03.24 10:41:08 | 001,927,968 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.03.12 22:20:28 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programfiler\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programfiler\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.07 18:22:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.08.15 18:44:42 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService) SRV - [2011.09.22 10:46:18 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.06.19 14:40:04 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto | Running] -- C:\Program Files (x86)\Gizmo\gservice.exe -- (Gizmo Central) SRV - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.12.17 13:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007.01.11 13:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.22 10:52:16 | 000,186,880 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cxbu0x64.sys -- (cxbu0x64) DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.11.15 03:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2012.11.15 03:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.08.01 20:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:64bit: - [2012.06.26 21:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.05.11 07:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2012.05.11 07:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.05 19:36:30 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.11.05 19:36:29 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011.06.19 14:40:07 | 000,034,704 | ---- | M] (Arainia Solutions LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gizmodrv.sys -- (GizmoDrv) DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010.05.15 13:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2013.04.19 13:46:55 | 000,074,024 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\bitraider\BRDriver64.sys -- (BRDriver64) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nb-NO IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE B4 2C 29 F3 4E CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://accounts.google.com/ServiceLoginAuth|https://www.facebook.com/|http://www.blogger.com/home|http://forum.kvinneguiden.no/|https://www.diskusjon.no/" FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.4 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Main\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Main\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Main\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Main\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) [2012.06.26 19:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\Extensions [2012.06.29 10:57:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\Firefox\Profiles\ejff5n0q.default\extensions [2012.06.26 19:17:28 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\firefox\profiles\ejff5n0q.default\extensions\[email protected] [2012.06.29 10:57:44 | 000,743,305 | ---- | M] () (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\firefox\profiles\ejff5n0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi File not found (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ig CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Main\AppData\LocalLow\Sony Online Entertainment\npsoe.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Google Docs = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: QR-Code Tag Extension = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfddoencoiedfjgepnlhcpfikgaogdg\0.7.9_0\ CHR - Extension: YouTube = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Google Search = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: MaskMe = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.15.200_0\ CHR - Extension: Mail Checker Plus for Google Mail™ = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.3.19_0\ CHR - Extension: Google Calendar (by Google) = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.3.1_0\ CHR - Extension: FlashBlock = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\ CHR - Extension: SearchPreview = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo\2.9_0\ CHR - Extension: Codec-V = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.23.75_0\crossrider CHR - Extension: Codec-V = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.23.75_0\ CHR - Extension: Google Dictionary (by Google) = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.17_0\ CHR - Extension: Media Hint = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbogbchcdigifagelnlmhlenmofdgbao\0.1.12_0\ CHR - Extension: Gmail = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011.06.19 14:57:11 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com #Adobe Block O2:64bit: - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Soft Studio) O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found. O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [intelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [Photobucket Backup] C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe (Photobucket) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Epson Stylus Photo PX710W(Nettverk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSE.EXE /FU "C:\Windows\TEMP\E_S53D5.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [Facebook Update] C:\Users\Main\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GizmoDriveDelegate] C:\Program Files (x86)\Gizmo\gizmo.exe (Arainia Solutions) O4 - HKCU..\Run: [spotify] C:\Program Files (x86)\Spotify\Spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [steam] D:\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Main\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programfiler\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13EB4956-F91B-4204-9C36-EC90B28DA9DE}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4201C03D-6E10-4A37-B41E-CDEBDED03893}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7542E423-DB7C-4452-867D-CFDB8FFEC3EB}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCBB6F98-4A89-4844-B094-E0139E0F6950}: DhcpNameServer = 192.168.0.100 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.12 21:15:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe [2013.05.12 18:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.05.11 22:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.10 11:13:47 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Opera [2013.05.10 11:13:47 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Opera [2013.05.10 11:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2013.05.02 20:17:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.05.01 17:44:40 | 000,000,000 | ---D | C] -- C:\wordpress [2013.04.30 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Photobucket [2013.04.30 00:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobucket Backup [2013.04.30 00:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photobucket Backup [2013.04.29 17:32:24 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Epson [2013.04.29 17:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive [2013.04.29 17:10:08 | 000,000,000 | R--D | C] -- C:\Users\Main\SkyDrive [2013.04.29 17:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive [2013.04.29 17:09:29 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Windows Live [2013.04.29 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Windows Live Writer [2013.04.29 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Windows Live Writer [2013.04.29 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\Main\Documents\My Weblog Posts [2013.04.29 16:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2013.04.29 16:46:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2013.04.27 22:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [2013.04.27 22:10:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software [2013.04.27 22:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet [2013.04.27 22:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EPSON [2013.04.27 22:08:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpsonNet [2013.04.27 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.27 19:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.04.22 20:46:50 | 000,000,000 | ---D | C] -- C:\Users\Main\Desktop\spec snarveier [2013.04.21 00:23:54 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2013.04.20 22:58:49 | 000,000,000 | ---D | C] -- C:\hhs1 [2013.04.20 21:30:37 | 000,000,000 | ---D | C] -- C:\ft [2013.04.19 18:26:00 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Adobe Mini Bridge CS5 [2013.04.19 18:25:59 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2013.04.19 13:46:58 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Awesomium [2013.04.19 12:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Heroes Beta [2013.04.19 12:37:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BitRaider [2013.04.19 12:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\bitraider [2013.04.13 17:05:13 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.12 21:20:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.12 21:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe [2013.05.12 21:01:00 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.12 20:56:07 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.12 20:56:07 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.12 20:53:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001UA.job [2013.05.12 19:32:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001UA.job [2013.05.12 19:32:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001Core.job [2013.05.12 19:08:09 | 001,355,550 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.12 19:08:09 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.12 19:08:09 | 000,492,510 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat [2013.05.12 19:08:09 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.12 19:08:09 | 000,094,300 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat [2013.05.12 19:07:04 | 000,000,053 | ---- | M] () -- C:\Users\Main\Desktop\Netflix - Watch TV Shows Online, Watch Movies Online.url [2013.05.12 19:03:00 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.12 19:02:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.12 19:02:27 | 4287,930,366 | -HS- | M] () -- C:\hiberfil.sys [2013.05.12 11:59:25 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2013.05.12 02:53:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001Core.job [2013.05.11 16:09:14 | 000,001,456 | ---- | M] () -- C:\Users\Main\AppData\Local\Adobe Save for Web 12.0 Prefs [2013.05.10 13:09:05 | 000,000,000 | ---- | M] () -- C:\END [2013.05.06 19:14:20 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI [2013.05.05 01:21:14 | 000,001,318 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2013.04.30 00:14:20 | 000,000,104 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2013.04.29 17:22:51 | 000,001,138 | ---- | M] () -- C:\Users\Main\Desktop\Windows Update Troubleshooting Info.lnk [2013.04.29 17:01:15 | 000,002,175 | ---- | M] () -- C:\Users\Main\Desktop\Windows Live Writer.lnk [2013.04.28 22:55:32 | 000,413,396 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2013.04.28 17:00:39 | 000,001,047 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.27 21:57:50 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2013.04.25 03:20:32 | 019,575,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.22 14:14:56 | 000,000,624 | ---- | M] () -- C:\Users\Main\Desktop\Tombraider.lnk [2013.04.21 00:23:54 | 000,000,522 | ---- | M] () -- C:\Users\Main\Desktop\Quick Memory Editor.lnk [2013.04.20 15:21:20 | 000,000,202 | ---- | M] () -- C:\Users\Main\Desktop\CH2.url [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.12 19:07:04 | 000,000,053 | ---- | C] () -- C:\Users\Main\Desktop\Netflix - Watch TV Shows Online, Watch Movies Online.url [2013.05.12 18:56:53 | 000,000,988 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.12 18:56:52 | 000,000,984 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.12 11:59:25 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2013.05.12 11:59:25 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2013.05.06 19:14:20 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2013.04.30 00:14:20 | 000,000,104 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2013.04.29 17:22:51 | 000,001,138 | ---- | C] () -- C:\Users\Main\Desktop\Windows Update Troubleshooting Info.lnk [2013.04.29 17:10:08 | 000,002,162 | ---- | C] () -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [2013.04.29 17:01:15 | 000,002,175 | ---- | C] () -- C:\Users\Main\Desktop\Windows Live Writer.lnk [2013.04.28 17:00:39 | 000,001,047 | ---- | C] () -- C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.27 21:58:00 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2013.04.27 21:58:00 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2013.04.27 21:58:00 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2013.04.27 21:58:00 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2013.04.27 21:58:00 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2013.04.27 21:58:00 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2013.04.27 21:58:00 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2013.04.27 21:58:00 | 000,013,732 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg [2013.04.27 21:58:00 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2013.04.27 21:58:00 | 000,006,442 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_IT.cfg [2013.04.27 21:58:00 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg [2013.04.27 21:58:00 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg [2013.04.27 21:58:00 | 000,006,335 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_GE.cfg [2013.04.27 21:58:00 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg [2013.04.27 21:58:00 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg [2013.04.27 21:58:00 | 000,006,122 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_DU.cfg [2013.04.27 21:58:00 | 000,006,103 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg [2013.04.27 21:58:00 | 000,005,817 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_KO.cfg [2013.04.27 21:58:00 | 000,005,436 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_SC.cfg [2013.04.27 21:58:00 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2013.04.27 21:58:00 | 000,002,889 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_RU.cfg [2013.04.27 21:58:00 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_TC.cfg [2013.04.27 21:58:00 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2013.04.27 21:58:00 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2013.04.27 21:58:00 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2013.04.27 21:58:00 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2013.04.27 21:58:00 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2013.04.27 21:58:00 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2013.04.27 21:58:00 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2013.04.27 21:58:00 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2013.04.27 21:58:00 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2013.04.27 21:58:00 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2013.04.27 21:57:50 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2013.04.22 14:14:56 | 000,000,624 | ---- | C] () -- C:\Users\Main\Desktop\Tombraider.lnk [2013.04.21 00:23:54 | 000,000,522 | ---- | C] () -- C:\Users\Main\Desktop\Quick Memory Editor.lnk [2013.04.20 15:21:20 | 000,000,202 | ---- | C] () -- C:\Users\Main\Desktop\CH2.url [2012.08.22 00:48:10 | 000,000,017 | ---- | C] () -- C:\Users\Main\AppData\Local\resmon.resmoncfg [2012.07.06 17:11:17 | 000,000,132 | ---- | C] () -- C:\Users\Main\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.07.04 23:38:41 | 000,413,396 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.10.27 20:10:13 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.09.12 21:20:01 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.09.12 21:19:57 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.06.19 17:47:09 | 000,001,456 | ---- | C] () -- C:\Users\Main\AppData\Local\Adobe Save for Web 12.0 Prefs [2011.06.18 01:20:08 | 000,034,754 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011.06.18 01:19:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.06.18 01:19:21 | 000,026,966 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.06.18 01:04:00 | 001,334,386 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.06.10 18:15:58 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\.minecraft [2011.06.23 11:40:58 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Acoustica [2011.07.06 10:43:00 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\AIMP [2013.04.19 13:48:26 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Awesomium [2013.05.12 11:00:55 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Azureus [2012.03.02 05:47:32 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\bc [2013.04.13 17:05:13 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.03.22 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Command and Conquer 4 [2013.04.06 01:20:01 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Curse Advertising [2012.02.23 03:21:02 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\DarknessII [2011.09.24 23:07:43 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Day 1 Studios [2013.05.12 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dropbox [2013.04.29 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Epson [2012.03.24 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\GameFly [2011.06.19 14:40:09 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Gizmo [2013.01.22 15:34:51 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\HandBrake [2013.01.14 20:26:39 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\IDM [2011.08.31 23:23:47 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Kalypso Media [2011.10.22 17:02:21 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Might & Magic Heroes VI [2013.02.17 01:07:42 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Omerta [2011.06.28 14:02:15 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\OpenOffice.org [2013.05.12 11:59:28 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Opera [2013.02.27 17:49:57 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Origin [2013.04.30 00:15:30 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Photobucket [2011.09.12 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\PunkBuster [2011.06.27 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Renoise [2011.06.27 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Rift [2013.05.12 21:38:00 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Spotify [2013.03.19 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\spotimote [2013.04.19 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.06.23 13:19:48 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\SynthMaker [2012.04.22 20:26:28 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\The Creative Assembly [2012.11.25 19:45:21 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Theta [2012.09.30 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\TS3Client [2012.04.04 22:34:41 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Ubisoft [2013.04.11 14:54:11 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Unified Remote [2012.12.21 13:25:24 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Wargaming.net [2013.04.29 17:46:31 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Windows Live Writer [2012.12.27 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\ytplayer ========== Purity Check ========== < End of report > OTL Extras logfile created on: 12.05.2013 21:35:59 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Main\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 15,99 Gb Total Physical Memory | 12,82 Gb Available Physical Memory | 80,18% Memory free 31,98 Gb Paging File | 28,79 Gb Available in Paging File | 90,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,51 Gb Total Space | 725,85 Gb Free Space | 77,92% Space Free | Partition Type: NTFS Drive D: | 1397,26 Gb Total Space | 899,10 Gb Free Space | 64,35% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 66,60 Gb Free Space | 14,30% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: MAIN-PC | User Name: Main | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01256D61-9992-4C26-BAE0-4B0E46A6AA70}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{027EAC0F-05F3-4B22-ADCD-D1CA4E7C5561}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1B2C3612-D443-413A-8890-FD4DBB6EA403}" = lport=445 | protocol=6 | dir=in | app=system | "{21CD48C7-E9F3-4B03-8471-EAA06C75C8C2}" = lport=10243 | protocol=6 | dir=in | app=system | "{3FE18369-DF21-47D0-B968-64B4C6CD7E3D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{49DF3AF0-422B-47AE-BE19-4EEAB6F72F02}" = lport=137 | protocol=17 | dir=in | app=system | "{5201FB9E-07EC-4556-9BD4-035EFD0A2233}" = rport=445 | protocol=6 | dir=out | app=system | "{54ED2EE7-94E3-4F1C-8B44-244A9A7B3DF2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5FE4F95C-FFD4-44F4-9D4D-BE0FC021234C}" = rport=10243 | protocol=6 | dir=out | app=system | "{7B39BDD8-4AEC-412C-AACE-25AE40300DF5}" = rport=137 | protocol=17 | dir=out | app=system | "{7F0A074F-F1F5-4D8D-9770-C62377A1367B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{856D1C25-D630-41C4-88C4-A3D8CC9F0316}" = rport=139 | protocol=6 | dir=out | app=system | "{85B82B92-CEF3-4DDF-9C31-2C1AB5082377}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A38BA49A-F3C4-4D10-A69B-A6081285CF81}" = lport=138 | protocol=17 | dir=in | app=system | "{AD07D1E5-E665-41E1-9F12-FF7D27454BB3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B06EB788-68A9-4B63-8555-265CB11F8BDA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B15ACF79-C552-4087-AEBB-D16119AACD22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BE175D04-970A-4FD9-A38B-9D5760D3EEBB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C86F3BB3-4682-4188-9369-96F8A2DBA874}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D496DC9D-0B32-4E8D-985F-DBCC6F7DE65F}" = lport=2869 | protocol=6 | dir=in | app=system | "{D5D7AD22-5FFE-4FCF-96D4-508440669C22}" = lport=139 | protocol=6 | dir=in | app=system | "{E53E9E90-F1B0-47D8-96F9-5577C57A570A}" = rport=138 | protocol=17 | dir=out | app=system | "{F05550BA-7271-42C0-9EE8-A8958309C62A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D0EB52-6475-476F-97E7-2D8F3D0206BA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\company of heroes 2 - test build\reliccoh2.exe | "{021FDC50-144D-42EB-8C1B-B7A04AB129DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{02879BDA-E319-4D87-B3D3-F8AD46B24BF7}" = protocol=17 | dir=in | app=e:\acr\acrmp.exe | "{031CBB2F-026F-4785-A526-F3BF7945BE41}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dragon age ii\dragonage2launcher.exe | "{04E3E4DE-1959-4E03-8440-4E1D4F984E43}" = protocol=17 | dir=in | app=c:\users\main\appdata\local\apps\2.0\1pjx01qq.mhe\h4mzyccx.4m2\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\curseclient.exe | "{050CC4AB-EBCC-4BD5-B9A6-5C0CEB971C4C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\shogun2.exe | "{0830BE43-A303-44DD-8C9C-40C36FC1AC6F}" = protocol=17 | dir=in | app=e:\swtorbeta\launcher.exe | "{0B52EFD9-17EF-4F6A-839F-D8BEB3C97201}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe | "{0D3ADB26-EBDA-4403-AD37-73E2B18747A0}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{0D4035D2-6A34-42FB-8D8F-0E7E1DE38758}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{1189DA3E-9264-449C-9FC1-968DFD0CC5AD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dragon age origins\docs\ea help\electronic_arts_technical_support.htm | "{142E5730-4773-4948-9FED-A4FDAB4B5689}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{15120630-4087-4796-8E7A-5AF5B2B40E32}" = protocol=6 | dir=in | app=e:\acr\acrsp.exe | "{1548B3BC-7345-456A-836C-92380B732F88}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{1554BE7C-C2C5-40EE-B4DD-772C63E2A766}" = protocol=17 | dir=in | app=c:\users\main\appdata\local\apps\2.0\1pjx01qq.mhe\h4mzyccx.4m2\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\curseclient.exe | "{158F883A-D194-4CB0-8C49-2C2920C627BE}" = protocol=6 | dir=in | app=e:\mmhvi\might & magic heroes vi.exe | "{16382B42-B640-474D-B087-AB9FB9A036BE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1654723B-E7A0-4A63-822E-97DD92C23C77}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\company of heroes\reliccoh.exe | "{16B4DC12-A5B5-456D-914F-79AA11E81B22}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii.exe | "{16E4B088-61F0-4411-A977-9F6FAA6B1C31}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dragon age origins\docs\ea help\electronic_arts_technical_support.htm | "{17507680-4F6F-4BB0-BF22-3E0BB9CF6C49}" = protocol=6 | dir=in | app=e:\swtorbeta\launcher.exe | "{1877CBC6-C056-4596-A998-F6141671616E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{193DB394-EC4A-452C-9578-EE077FAFBA3B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | "{194BC738-900F-4504-B7A1-AB6877CF8F01}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{197E1E97-1137-41CE-BAE3-394E6FA70D42}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{197F0CD8-A7BE-445B-8888-521751E2E95D}" = protocol=17 | dir=in | app=e:\2070\anno5.exe | "{19C00F23-28B1-4250-9953-1704D4D01B5C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe | "{1B622930-3355-45CC-9A76-126B59FAE233}" = protocol=17 | dir=in | app=e:\acb\assassinscreedbrotherhood.exe | "{1B9679B6-A03E-4287-9AE6-98B3DD4518C9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{1BCD4E9A-6399-4D25-84CF-9AAEC543C67D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\company of heroes 2 - test build\reliccoh2.exe | "{1C202370-1A42-43B3-9D11-A5A678AC7394}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{1C2918C0-755D-4484-B9FF-6AF93EDD703A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm | "{1E518B0C-9CCA-4C30-B545-7F929F6B9538}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\toy soldiers\game.exe | "{21D48F19-6128-4206-AE48-683F7ABCCB31}" = protocol=1 | dir=in | [email protected],-28543 | "{2217CC60-F54C-480E-A8AE-DA46D5BAB6F2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\napoleon total war\napoleon.exe | "{2249748C-7CE0-4696-8325-A143F7CC31BF}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dragon age ii\dragonage2launcher.exe | "{22E211AE-41E7-4C25-ADAF-B034582C0CF1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe | "{2632B261-F766-4948-953A-6EC286908130}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{27D3091A-D183-415C-83F6-F02869178816}" = protocol=17 | dir=in | app=e:\acb\uplaybrowser.exe | "{2B1F3FF9-8EDD-4F75-9822-712972BDC5B6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe | "{2C864004-2520-4512-9426-0BC784C77709}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{2D9D8353-0A16-4072-B384-68198C5A2F4F}" = protocol=58 | dir=out | [email protected],-28546 | "{30A6CC0B-154C-4389-B21D-E4C11EB02D0A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe | "{314C4660-D2F3-431F-9EE5-8A3A27186F32}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | "{362F0629-8A00-4A1D-9B71-5EB330A56092}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\eve online\eve.exe | "{384250A1-D5DE-4BFB-A9FA-BA8E6C434778}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool09\eneasyapp.exe | "{38C97DF1-D57C-4B5F-B677-A80EB502BD50}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{399E2BA1-ADF7-40C3-969F-78667CF64BB0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{3A695FD7-4690-4AF2-92B9-7F2491C0F22C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\toy soldiers\gamesw.exe | "{3AAB0186-618B-4094-AE4A-14BD382AAF81}" = protocol=6 | dir=in | app=c:\users\main\appdata\local\google\google talk plugin\googletalkplugin.exe | "{3B22755A-1C80-4CBD-BE8B-05644E0FABB7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{3D77CCB6-D186-4E6D-A74D-2C3ABE7A8EB2}" = protocol=6 | dir=in | app=e:\fc3\bin\farcry3_d3d11.exe | "{3DA0CD22-D6C2-457D-A23A-AB30E1C2CEFB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{3FA657FC-5089-4547-BE75-76DAA2790ED0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{400B15F8-2FFA-49EF-B7D0-4C517FEC170A}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe | "{4066906F-BB0A-4147-8B00-7C865055B572}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{434D2C16-76DB-4343-ADE0-153F9DE01375}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4513E432-97F7-4534-A9A0-3A36EA80074A}" = protocol=17 | dir=in | app=e:\fc3\bin\farcry3.exe | "{48CA6B94-6178-493D-B6E2-F8DF9294065B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\risk factions\risk factions.exe | "{496AED40-98A3-417B-9A50-189E7B2EE2ED}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet setup\tool09\eneasyapp.exe | "{4A35D200-BCF1-430E-BF9B-157279DE43DC}" = protocol=17 | dir=in | app=e:\fc3\bin\farcry3_d3d11.exe | "{4B385AAF-AA76-4A30-AF26-F444FEEAE446}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe | "{4CE3C33F-5323-4D54-974F-9AC59CC876F8}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | "{4E18C9F4-2EC9-4349-A832-BF2390423AEE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\anno 2070\anno5.exe | "{4E71BDE1-3FD5-4BC8-B6A6-D60AC104C6DE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\might and magic heroes vi\might & magic heroes vi.exe | "{4F01D452-89B6-476F-9326-7C6DA2FA4869}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{518DC755-4A51-417E-8914-FA1B61A1A80B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | "{51CEF57E-5E2F-4308-BD10-69A36307D176}" = protocol=17 | dir=in | app=e:\2070\autopatcher.exe | "{51F31751-37F9-4DA3-AA3D-AE96051C39C2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\toy soldiers\game.exe | "{54916E8E-13B2-4804-89B7-F46B531925C1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war 2\dow2.exe | "{56229B5C-926D-4BF6-A66C-399DA561CD52}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe | "{584C2444-856A-4B52-96FF-DAF741AF3DAA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "{5966222C-6679-47FF-9B76-E8F6B8A51E9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{59CCC7A3-5355-4CC9-9028-0F60ED92F759}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5AC3C0E9-4907-41A5-B11C-69063326746B}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{5B0569E3-E85C-4978-B011-015E1F344D3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "{5B87D27C-E5E1-4539-AC22-86CB568D490B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe | "{5C11C501-C1F2-4805-8FA5-12840D41CB8C}" = protocol=6 | dir=in | app=e:\tsw\clientpatcher.exe | "{5C9502B6-A3C6-46EF-BEF8-764517337D76}" = protocol=6 | dir=in | app=c:\users\main\appdata\local\apps\2.0\1pjx01qq.mhe\h4mzyccx.4m2\curs..tion_9e9e83ddf3ed3ead_0005.0001_35ab96b41397406c\curseclient.exe | "{5DF8D667-2BC9-4B6A-B736-9EC16C11C89A}" = protocol=6 | dir=in | app=c:\users\main\appdata\local\apps\2.0\1pjx01qq.mhe\h4mzyccx.4m2\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\curseclient.exe | "{5F87B465-13E2-4D57-8201-66E6BB3BA386}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dragon age ii\docs\ea help\electronic_arts_technical_support.htm | "{60A193A2-9883-48D9-9580-E8D30D1296C1}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mass effect 2\masseffect2launcher.exe | "{61DD37DE-7D5A-4E79-85DB-BCD5CD1443E2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat | "{6490D471-44B8-4EE5-9F3D-6378D35B7A4D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{66549A12-D77B-4EDA-9DF4-9B708E299582}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\patrician iv\patrician4.exe | "{67B493AF-B694-4BB9-9C88-E9B96C6A48ED}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe | "{67E61E37-9078-4960-BC3C-8CF55D60C4D9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe | "{6866EDEF-DD36-4AA5-AF57-06F25A505BFD}" = protocol=6 | dir=in | app=e:\2070\autopatcher.exe | "{69C5F32C-D8A3-40C6-BA52-04CBED497801}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the witcher 2\launcher.exe | "{6B429517-DBAD-4C3A-9C4E-099D9A36A69A}" = protocol=6 | dir=in | app=e:\acr\assassinscreedrevelations.exe | "{70344CC2-4E56-4452-834F-D7620D3F1695}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe | "{72DE49A4-46E7-4D92-9575-7E18347B2923}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{739065A9-507C-4DDE-8438-6675E6EAA6D7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | "{7533A099-9527-448E-AC72-C8F959845C67}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{77B48BB1-20C6-4AF7-9966-157986072A33}" = protocol=17 | dir=in | app=e:\vt4\vt4.exe | "{78073FBC-8854-450D-BBB5-6E93FD1AA391}" = protocol=17 | dir=in | app=e:\fc3\bin\fc3updater.exe | "{7822E1C1-1D60-4FFA-B6EE-FA0B4414429C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{78B43221-0E94-4D04-A7A5-93DE73DE8F0A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe | "{79D38AC4-01F4-4FF2-A7E7-9EE917A42C2A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\anno 2070\anno5.exe | "{7C846DA9-35E6-4F5C-B264-ACBD9E57C6F9}" = protocol=6 | dir=in | app=e:\2070\initengine.exe | "{7D5A215A-58E8-4532-A6D9-278B5FD2B00A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{7E2B8036-9824-48E0-9C5D-F00F9AEE74C1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{7E92AC2B-46FE-4A10-A97B-7B074DB99135}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\toy soldiers\gamesw.exe | "{7F2EB356-850F-4FE2-BC59-E6C3078C60EA}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html | "{7F9AE59B-5D2C-46A2-8C95-E5DB744F6413}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{8120E712-CA1E-414F-A814-15854691692E}" = protocol=17 | dir=in | app=e:\2070\initengine.exe | "{8225E600-C768-4136-B3A7-F5E5D143F6A5}" = protocol=6 | dir=in | app=e:\acb\uplaybrowser.exe | "{8406CF63-347B-49D2-A3C1-29AED3ABA219}" = protocol=17 | dir=in | app=c:\users\main\appdata\local\google\google talk plugin\googletalkplugin.exe | "{84495213-3183-471E-8FF1-431DB00F3E8E}" = dir=in | app=c:\users\main\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{86E20F3E-ADEB-43A1-A0DE-F843A3C16B1D}" = protocol=17 | dir=in | app=e:\tsw\clientpatcher.exe | "{86E3B833-D573-412C-BC86-1DACEF9EDAF7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe | "{87E76CCF-D898-4E05-AAD3-4A4A1F813396}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{8AB07A82-ED20-4FDA-8731-03663EDAA07C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat | "{8C857BDC-858B-430D-83A5-BA6A28A2DDDA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\crysis 3\bin32\crysis3.exe | "{8D1553EA-581A-4549-9BB1-8F8AD241490E}" = protocol=17 | dir=in | app=c:\users\main\appdata\roaming\dropbox\bin\dropbox.exe | "{910EC7AE-9266-4C7C-8F64-6843415C9CCD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe | "{92819DD1-1455-4E92-8BEA-3C9F1FFFC48D}" = protocol=17 | dir=in | app=c:\users\main\appdata\local\google\google talk plugin\googletalkplugin.exe | "{94EC3D68-417C-4E92-8AD5-FEB0CA00DA8C}" = protocol=6 | dir=in | app=e:\2070\anno5.exe | "{950DEFD7-8F6A-411B-9D06-79265AF08E24}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{95314DD9-83F6-4899-9F0B-3AEC1E011192}" = protocol=17 | dir=in | app=c:\users\main\documents\azureus.exe | "{97A15FDC-31AB-416B-88DB-ADD7C61B0D97}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{97E1395F-E275-4DBA-930A-C7E905AFE829}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9BE4A1FC-9761-4762-8F31-F7DB7A668137}" = protocol=6 | dir=in | app=e:\starcraft ii\versions\base24944\sc2.exe | "{9C296C89-F555-40D6-9337-DAE247327F4F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dragon age origins\daoriginslauncher.exe | "{9DC99414-7256-457F-8094-1B91CF13A93D}" = protocol=17 | dir=in | app=e:\starcraft ii\versions\base24944\sc2.exe | "{9E5CB6D6-A937-48A4-826A-46525D3FF65F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A0D14A73-9412-489D-933F-570CE0FB4266}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{A13E535E-0664-4D0B-B824-266FE5246B39}" = protocol=6 | dir=in | app=e:\vt4\vt4.exe | "{A631F1A7-D036-4541-A53B-94771726FFB1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{A6BB3CEA-4973-478C-8CDE-263AD0106B91}" = protocol=17 | dir=in | app=e:\swtorbeta\launcher.exe | "{A8085768-100D-4A68-AD92-5EFEC79ED54C}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{A9520868-C02C-4735-8776-29C1F6C1CCA0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A9D49647-AA22-447B-BF22-CCC36C31E582}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | "{AAF0BE27-9914-4A8D-A232-BE2FD5BED41E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v\launcher.exe | "{AD05FFFA-FF8A-4F71-935A-BCA5D4E79CCD}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii public test.exe | "{AD876252-E2AB-4667-8E9C-B7D549E436D5}" = dir=in | app=c:\users\main\appdata\local\microsoft\skydrive\skydrive.exe | "{B074E8A3-A829-4800-8845-D4FB79EBACE7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\napoleon total war\napoleon.exe | "{B128CF76-E7E1-416B-A5A2-CBE92B178E3A}" = protocol=17 | dir=in | app=e:\acb\acbmp.exe | "{B1EAF827-E43E-4C9E-ACAE-E4E599BD2448}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\eve online\eve.exe | "{B2843ABC-16C8-4CAF-A559-2506E448D28B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html | "{B2A828ED-F544-4953-A941-1E5FE897D2B6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | "{B3D52A78-F9FF-42B1-B237-45AD0BF9376A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\crysis 3\bin32\crysis3.exe | "{B42FD8E2-7A91-4FE7-8F3A-19DCC97C955B}" = protocol=6 | dir=in | app=c:\users\main\documents\azureus.exe | "{B60FF9E4-95B1-4700-81DB-188EE6F80982}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dawn of war ii - retribution\dow2.exe | "{B8671E97-2646-4B7E-B4AB-83FB89D2B081}" = protocol=17 | dir=in | app=e:\fc3\bin\fc3editor.exe | "{B8D9DC31-D2A8-4E52-BEE8-2FC76EEB2FBA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\risk factions\risk factions.exe | "{BABC861B-AEFB-4429-9A66-C8F667BC7BE0}" = protocol=6 | dir=in | app=e:\fc3\bin\fc3editor.exe | "{BB7D14B1-72B7-4C1A-97AD-94A102563C97}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BCE1504A-F0ED-4E69-B56C-0B792DA58192}" = protocol=6 | dir=out | app=system | "{BFF98236-99F2-4AB5-BB9D-AD4B743828D9}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{C2DED6F8-C12F-47AB-838B-4BD308FB3F55}" = protocol=1 | dir=out | [email protected],-28544 | "{C3EAE179-0683-4226-8AEE-E0F1CDA9F2C1}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | "{C464C9E1-0C0A-4D3C-8840-CA9A01BC1D96}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\mass effect 2\docs\ea help\electronic_arts_technical_support.htm | "{C4FD363A-2585-4454-A49F-659A335D5635}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{C7FC5162-D841-43BC-8020-5A660355CBFB}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\mass effect 2\masseffect2launcher.exe | "{C978D277-B480-4A88-8CC5-A8DBF3E57367}" = protocol=58 | dir=in | [email protected],-28545 | "{CA3E6289-AC4D-4CFD-870C-F5AFEC4473CF}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | "{CA6558E6-1D7E-463A-B211-D1ED3F3D161E}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\shogun2.exe | "{CC140450-DC17-4BB8-A4EE-DD8C19E9228B}" = protocol=6 | dir=in | app=e:\fc3\bin\farcry3.exe | "{CD45F19C-41CE-4811-B270-6389B8DCA45A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\company of heroes\reliccoh.exe | "{CE38BB32-D9A9-40D6-AE37-A3FCA67DBBD8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dragon age origins\bin_ship\daorigins.exe | "{D1FC3390-546B-4D56-BF9F-E8DC6D29BE31}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D35F7B9E-2E7D-4CBC-8A45-084C170AEAC9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{D61C5B95-757E-41D9-93CB-091A5CCEABBC}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii.exe | "{D8E7C348-2594-48A9-9691-355BECBD3548}" = protocol=6 | dir=in | app=e:\swtorbeta\launcher.exe | "{DB1EB71D-3D82-4C40-9B31-C3DD710B67D2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{DC0E41DE-B263-4A27-9F66-3E97693F0CDD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{DDB54BDF-17C1-4034-8C80-877E5C20AED0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dragon age origins\daoriginslauncher.exe | "{DF3049BD-AE3C-4F7B-A7C2-BD67DFBEB872}" = protocol=17 | dir=in | app=e:\acb\acbsp.exe | "{E077EAC6-E44B-498D-8D10-6E731490E379}" = protocol=17 | dir=in | app=e:\mmhvi\might & magic heroes vi.exe | "{E2A42EA5-EFE9-4096-8687-390B12EF9F08}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dragon age ii\docs\ea help\electronic_arts_technical_support.htm | "{E3350FAD-FC5D-4F54-B809-2B988CD840EE}" = protocol=6 | dir=in | app=e:\acb\acbsp.exe | "{E37BB4C1-9CBA-44C4-90E0-9C9EE5A2E2B9}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{E71B9290-0C26-436F-B47C-5C343E2EC6A0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the witcher 2\launcher.exe | "{E7BADBBD-2D32-4287-8341-511E127FDB5C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\patrician iv\patrician4.exe | "{E7D78464-A0FE-4EF1-B8E7-37551BF2681D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{E7FAA017-4E78-4648-9F65-4437F4F6A956}" = protocol=6 | dir=in | app=e:\acr\acrmp.exe | "{EA52530D-6C0E-4682-B8D4-FEAE2F1781DD}" = protocol=6 | dir=in | app=e:\acb\assassinscreedbrotherhood.exe | "{EA9352B9-D7A3-4172-8CBB-63A616FDB472}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{ECF69254-B9AC-41A7-818B-1ACFA36165D3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\torchlight\torchlight.exe | "{EE056F20-EAEB-496A-A22D-BC77BFC6C582}" = protocol=6 | dir=in | app=e:\acb\acbmp.exe | "{F1569863-D1FF-4581-9897-54B64731983A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat | "{F45BBB44-15F4-4C4F-8962-C6CA571330F7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{F62F82E2-2CB1-4806-9DC0-46EAC6571D84}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{F703392A-0678-44C6-9956-D8F3BA2C536A}" = protocol=6 | dir=in | app=c:\users\main\appdata\roaming\dropbox\bin\dropbox.exe | "{F70CBCB5-4B20-4B92-9D09-5D81AEA60A54}" = protocol=6 | dir=in | app=e:\fc3\bin\fc3updater.exe | "{F8C60468-59E3-491E-A674-926FC2817EB8}" = protocol=6 | dir=in | app=c:\users\main\appdata\local\google\google talk plugin\googletalkplugin.exe | "{FA845421-03C8-4270-89E9-AE077FD97DA3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FAB4BC80-C608-4733-9477-976280B363E7}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii public test.exe | "{FC1D07E5-7887-4DF6-B425-041F5E5DCB40}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe | "{FC2CFCA5-A931-40E7-ABFC-6338E09969B9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{FC8D2E40-73C1-4500-858E-F546E9DF8C5B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat | "{FDAD061E-BE4D-43F6-8E26-1D5770205080}" = protocol=17 | dir=in | app=e:\acr\acrsp.exe | "{FE905D89-7AFC-4E0E-988D-52D3CF290A65}" = protocol=17 | dir=in | app=e:\acr\assassinscreedrevelations.exe | "TCP Query User{0215FCFC-C858-4F46-B454-05C227134480}E:\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe" = protocol=6 | dir=in | app=e:\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe | "TCP Query User{0219F3AF-864F-4364-AF35-40C4BCD730EC}E:\batman2\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=e:\batman2\binaries\win32\batmanac.exe | "TCP Query User{0323B016-D797-4722-8CD9-1708A5A2D0DB}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the witcher 2\bin\witcher2.exe | "TCP Query User{11DA378E-B5FD-418C-8C86-F0C9AFBF861A}C:\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\unified remote\remoteserver.exe | "TCP Query User{1503A6E5-5F8C-4D78-B9F5-30AD3A61F63E}E:\champions online\champions online\live\gameclient.exe" = protocol=6 | dir=in | app=e:\champions online\champions online\live\gameclient.exe | "TCP Query User{1AD2D07B-D877-4866-996D-655D4CE1DC71}E:\codbo\blackops.exe" = protocol=6 | dir=in | app=e:\codbo\blackops.exe | "TCP Query User{1FC32C03-97C5-4954-8F00-AF2CADE27623}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | "TCP Query User{2439FCE5-1DB3-4FD5-9940-045EAEF3AB0A}D:\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe | "TCP Query User{2F1A7B34-19D2-4A3D-AC97-07A73833414E}E:\dishonored\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=e:\dishonored\dishonored\binaries\win32\dishonored.exe | "TCP Query User{2F73660A-292E-4549-A5A5-432AF253EB27}E:\swtorbeta\launcher.exe" = protocol=6 | dir=in | app=e:\swtorbeta\launcher.exe | "TCP Query User{350823E0-CE2A-4225-91BE-2322FAB1FA02}C:\program files (x86)\spotimote\spotimote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotimote\spotimote.exe | "TCP Query User{353BD3E5-077E-4BE1-8B3D-0392F95E843C}E:\b2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=e:\b2\binaries\win32\borderlands2.exe | "TCP Query User{3D66BC2E-AF5F-47FC-80F5-D50B4439D230}E:\amalur\reckoning.exe" = protocol=6 | dir=in | app=e:\amalur\reckoning.exe | "TCP Query User{469F6419-26ED-406F-A436-1F8CA1B19F53}E:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=e:\guild wars 2\gw2.exe | "TCP Query User{47194761-96A0-48E6-B2B5-C9C105FF6960}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe | "TCP Query User{50EDE16E-BB47-4C02-925D-3AB4B9A43353}D:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe | "TCP Query User{5A92E95B-7A1A-4BF1-AE0F-51EFC26E3699}D:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\eve online\bin\exefile.exe | "TCP Query User{623C4A34-92DA-40C5-9569-FE99D90760A3}C:\program files (x86)\spotimote\spotimote.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotimote\spotimote.exe | "TCP Query User{66318793-7A72-4C42-B291-E9B978E4C21C}C:\users\main\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\main\appdata\local\screamer radio\screamer.exe | "TCP Query User{686FE548-D647-4047-991E-7FC10BB5A3B3}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game | "TCP Query User{6C28BE85-2FFD-4CE9-9091-3D49AD70BCA3}C:\program files (x86)\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | "TCP Query User{778E9447-A720-40EB-A3EB-756EE980B4A9}E:\prototype2\prototype2.exe" = protocol=6 | dir=in | app=e:\prototype2\prototype2.exe | "TCP Query User{81370C60-F257-4472-A102-E5E338255024}E:\swtorbeta\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=e:\swtorbeta\betatest\retailclient\swtor.exe | "TCP Query User{821A50A7-C6F4-4965-AAAE-258E4BD07017}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe | "TCP Query User{87F1E01C-C35E-4B89-9C53-991F8C6F148C}E:\ps2beta\planetside2.exe" = protocol=6 | dir=in | app=e:\ps2beta\planetside2.exe | "TCP Query User{8B21CC43-3015-4E4B-83FF-D13C61C42B5B}C:\asscreed3\ac3sp.exe" = protocol=6 | dir=in | app=c:\asscreed3\ac3sp.exe | "TCP Query User{A46C1E48-499D-460C-8AAA-05F654145FEA}E:\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=e:\dmc\binaries\win32\dmc-devilmaycry.exe | "TCP Query User{A6EB47B4-C52D-4BCD-ABB6-16A8FF93A4B1}D:\nedlastet\diablo-iii-setup-engb.exe" = protocol=6 | dir=in | app=d:\nedlastet\diablo-iii-setup-engb.exe | "TCP Query User{A86F3389-3E57-402D-89A8-2D62B0C15CAA}E:\warlock\game.exe" = protocol=6 | dir=in | app=e:\warlock\game.exe | "TCP Query User{AE28DCD1-3F3B-4B95-A974-CD8B39D0C420}E:\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=e:\dead island\deadislandgame.exe | "TCP Query User{B02CA16C-0877-4180-B83C-F9F3B1F2F67B}C:\users\main\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\main\appdata\local\temp\gw2.exe | "TCP Query User{C4065493-8040-488C-9FEC-99595B741220}E:\transformers2\binaries\tfoc.exe" = protocol=6 | dir=in | app=e:\transformers2\binaries\tfoc.exe | "TCP Query User{C6FA7B1E-8C14-429B-AFC4-EF873153D500}C:\users\main\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\main\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{CED27442-076A-4A1D-9028-8A474A2B51D2}E:\worldoftanks\worldoftanks.exe" = protocol=6 | dir=in | app=e:\worldoftanks\worldoftanks.exe | "TCP Query User{D29E1577-B114-40E1-8265-796CC4E2E555}D:\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\red faction guerrilla\rfg.exe | "TCP Query User{D37A423F-D252-4D5B-A2A1-5A97F326BB9C}E:\sr3\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=e:\sr3\saintsrowthethird_dx11.exe | "TCP Query User{E0B30912-3210-470C-8075-E7C219500CF7}D:\steam\steamapps\common\hunted\binaries\win32\p4dftre.dll" = protocol=6 | dir=in | app=d:\steam\steamapps\common\hunted\binaries\win32\p4dftre.dll | "TCP Query User{E21E8C46-439C-43F6-B23B-816D74E28874}E:\worldoftanks\wotlauncher.exe" = protocol=6 | dir=in | app=e:\worldoftanks\wotlauncher.exe | "TCP Query User{F66C2379-6240-4264-A435-9D7CCEA51465}D:\games\eq\eqvoiceservice.exe" = protocol=6 | dir=in | app=d:\games\eq\eqvoiceservice.exe | "TCP Query User{FBB726EE-1EFF-4FD4-A4AE-E5A1156C398E}C:\users\main\documents\azureus.exe" = protocol=6 | dir=in | app=c:\users\main\documents\azureus.exe | "TCP Query User{FBE1286C-782C-4CEB-A802-CA77F5D92FEF}E:\sh3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=e:\sh3\bin\win32_release\stronghold3.exe | "TCP Query User{FD94FD31-092D-499E-970A-A33EC6CD7B84}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | "UDP Query User{03D9DF36-DF6E-4F3A-A087-DC928A8FA229}C:\users\main\documents\azureus.exe" = protocol=17 | dir=in | app=c:\users\main\documents\azureus.exe | "UDP Query User{083D49A1-9D48-48B3-800C-08C008652392}E:\ps2beta\planetside2.exe" = protocol=17 | dir=in | app=e:\ps2beta\planetside2.exe | "UDP Query User{0CA467BE-DFD5-4C75-9625-7BE71692FB3B}D:\steam\steamapps\common\hunted\binaries\win32\p4dftre.dll" = protocol=17 | dir=in | app=d:\steam\steamapps\common\hunted\binaries\win32\p4dftre.dll | "UDP Query User{0CFBDCE7-7598-403B-9A12-7DD1F4F8C266}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | "UDP Query User{19BD2E1D-0213-46AC-9925-8BBFCAE8F24C}C:\users\main\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\main\appdata\local\temp\gw2.exe | "UDP Query User{2172AC8D-27D2-46AB-9384-EFD1103B07C0}D:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe | "UDP Query User{27899D71-D1B4-4FEA-89CE-D23FEF1B40E5}C:\users\main\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\main\appdata\local\screamer radio\screamer.exe | "UDP Query User{31C1639E-A07F-4965-8588-893AD0C38A29}C:\program files (x86)\spotimote\spotimote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotimote\spotimote.exe | "UDP Query User{32AEFD0F-934A-4683-8308-530CBC2585F1}D:\steam\steamapps\common\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\red faction guerrilla\rfg.exe | "UDP Query User{3B4CB898-4381-4C6E-B27C-A81DE60AC59E}E:\swtorbeta\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=e:\swtorbeta\betatest\retailclient\swtor.exe | "UDP Query User{4205B6BA-10B2-4409-9F1B-09894C7379BA}E:\batman2\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=e:\batman2\binaries\win32\batmanac.exe | "UDP Query User{55EC2639-9079-46D3-9339-8F6FF32AF41A}E:\warlock\game.exe" = protocol=17 | dir=in | app=e:\warlock\game.exe | "UDP Query User{5FF072A4-0AE4-4A6D-8146-634731930F0A}E:\champions online\champions online\live\gameclient.exe" = protocol=17 | dir=in | app=e:\champions online\champions online\live\gameclient.exe | "UDP Query User{62DFC0B1-BE3B-4C47-A36F-265EEEA62902}C:\asscreed3\ac3sp.exe" = protocol=17 | dir=in | app=c:\asscreed3\ac3sp.exe | "UDP Query User{69407A52-3528-474F-A8C9-57DD14BB3F2C}E:\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=e:\dead island\deadislandgame.exe | "UDP Query User{74875503-3CBE-48BD-BE86-B1E1D06E540A}E:\sh3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=e:\sh3\bin\win32_release\stronghold3.exe | "UDP Query User{7F460D16-DCA8-42C7-BB1F-F020B22F9556}C:\users\main\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\main\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{830036A4-773F-4E5C-B433-8ECF802620FD}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game | "UDP Query User{91B3CC7D-835B-408C-AC59-1CD0382CD097}D:\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe | "UDP Query User{93C38A78-A567-4D05-A3C3-9E363C97138F}E:\transformers2\binaries\tfoc.exe" = protocol=17 | dir=in | app=e:\transformers2\binaries\tfoc.exe | "UDP Query User{9B725CF1-F6CF-4806-A235-46C365BA8B45}E:\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe" = protocol=17 | dir=in | app=e:\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe | "UDP Query User{A1B7CF1C-C4DB-445A-A049-5280D47C5EFB}E:\prototype2\prototype2.exe" = protocol=17 | dir=in | app=e:\prototype2\prototype2.exe | "UDP Query User{A4F650F1-0854-43E7-B8BB-875AA1C504F2}E:\swtorbeta\launcher.exe" = protocol=17 | dir=in | app=e:\swtorbeta\launcher.exe | "UDP Query User{ACBBBC45-964E-4F29-B33E-A04BB454790D}D:\steam\steamapps\common\eve online\bin\exefile.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\eve online\bin\exefile.exe | "UDP Query User{AE988385-7493-4415-984A-F217DB5AAF4E}E:\amalur\reckoning.exe" = protocol=17 | dir=in | app=e:\amalur\reckoning.exe | "UDP Query User{B63BB2D6-E18C-4FC1-9198-E095E584656B}C:\program files (x86)\sony\station\launchpad\launchpad.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sony\station\launchpad\launchpad.exe | "UDP Query User{B93E1079-36F9-45A3-8193-6A6F5E0FB5A8}C:\program files (x86)\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | "UDP Query User{BB513791-E97A-475F-B2D5-F683DABE016E}E:\sr3\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=e:\sr3\saintsrowthethird_dx11.exe | "UDP Query User{BDFB14EB-6964-4952-B7EC-94B2701DC18D}E:\b2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=e:\b2\binaries\win32\borderlands2.exe | "UDP Query User{C398CE3E-DC18-44B9-8AB3-2D544EEB2FC9}E:\codbo\blackops.exe" = protocol=17 | dir=in | app=e:\codbo\blackops.exe | "UDP Query User{C3E46E51-219D-4A9F-97BD-4E231439B977}E:\worldoftanks\worldoftanks.exe" = protocol=17 | dir=in | app=e:\worldoftanks\worldoftanks.exe | "UDP Query User{C90E8675-409C-4953-89EB-B719D79B2BB8}E:\worldoftanks\wotlauncher.exe" = protocol=17 | dir=in | app=e:\worldoftanks\wotlauncher.exe | "UDP Query User{CB36F774-0B5E-402C-9ED2-6AFA7C415114}D:\nedlastet\diablo-iii-setup-engb.exe" = protocol=17 | dir=in | app=d:\nedlastet\diablo-iii-setup-engb.exe | "UDP Query User{D52E6300-DD89-4FD3-A976-8D8D86B0A0FC}E:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=e:\guild wars 2\gw2.exe | "UDP Query User{D6450A59-4157-4D41-90FA-118926629F38}D:\games\eq\eqvoiceservice.exe" = protocol=17 | dir=in | app=d:\games\eq\eqvoiceservice.exe | "UDP Query User{DAEFB43E-E8CD-4A0D-A773-1E0402E886F0}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the witcher 2\bin\witcher2.exe | "UDP Query User{E4733F22-94C4-4863-A35B-A73CB882083B}C:\program files (x86)\spotimote\spotimote.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotimote\spotimote.exe | "UDP Query User{EF96F517-DDB1-4451-8544-E4037DAF274F}E:\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=e:\dmc\binaries\win32\dmc-devilmaycry.exe | "UDP Query User{F0BC62CC-8027-4983-995F-B16C1B634B65}E:\dishonored\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=e:\dishonored\dishonored\binaries\win32\dishonored.exe | "UDP Query User{F3906504-AF5E-4A35-B45B-D1E9D06F16B4}C:\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\unified remote\remoteserver.exe | "UDP Query User{F5938BB7-31C7-41F7-B7DB-3E845C3D2C65}D:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe | "UDP Query User{F6A0FA5A-D982-4FBB-AF1E-0DC4943E49A4}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64 "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1" = SoftPerfect WiFi Guard version 1.0.0 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud "{7DBFFECE-904C-470E-9322-4F0353B753DD}" = Microsoft Antimalware Service NB-NO Language Pack "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AEF6C676-D7A2-4487-BD4B-1BED17B229B5}" = Microsoft Mouse and Keyboard Center "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision-driver 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA kontrollpanel 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikkdriver 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver til 3D Vision-kontroller 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systemprogramvare 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA oppdateringer 3.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver for HD-lyd 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2 "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client NB-NO Language Pack "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Photoshop Ext CS5 English Lang_is1" = Adobe Photoshop Extended CS5 Official English Language Pack "EPSON PX710W Series" = Avinstaller skriver EPSON PX710W Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center "Microsoft Security Client" = Microsoft Security Essentials "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR 4.00 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09CF6AF5-9206-4FD7-9B08-BA6819FB47E3}" = Anno 1404 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21 "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{4198AE83-A3C6-4C41-85C8-EC63E990696E}" = Crysis®3 "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple-programsupport "{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™ "{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3 "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{98813202-6C6E-4ABE-A128-6E8FB3368BE0}" = Photobucket Backup "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB8AADDB-E980-492D-B8F0-E7C52E9B20CC}" = EverQuest: Escape to Norrath "{AC76BA86-7AD7-1044-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Norsk "{AEA26C08-FC1C-474F-9766-6C0887998B6B}" = OpenOffice.org 3.3 "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070 "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3 "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3 "{E829EED6-D748-40C8-92DF-87FD22E6BCEE}" = SlimCleaner "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup "8461-7759-5462-8226" = Vuze "Acoustica Effects Pack" = Acoustica Effects Pack "Acoustica Mixcraft 5" = Acoustica Mixcraft 5 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AIMP2" = AIMP2 "Battlelog Web Plugins" = Battlelog Web Plugins "Binary Domain_is1" = Binary Domain "BioShock Infinite_is1" = BioShock Infinite "BitRaider Web Client" = BitRaider Web Client "Borderlands 2_is1" = Borderlands 2 "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "Champions Online" = Champions Online "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Cities XL 2012" = Cities XL 2012 "Clover" = Clover 2.0 "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Darksiders II_is1" = Darksiders II "Diablo III" = Diablo III "DMC Devi May Cry © Capcom_is1" = DMC Devi May Cry © Capcom version 1 "EPSON Scanner" = EPSON Scan "EQ2MAP Updater" = EQ2MAP Updater 1.2.8 "ESN Sonar-0.70.4" = ESN Sonar "FileZilla Client" = FileZilla Client 3.5.0 "GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™ "Gizmo Central" = Gizmo Central "GOGPACKOMERTA_is1" = Omerta - City of Gangsters "Google Chrome" = Google Chrome "Guild Wars 2" = Guild Wars 2 "HandBrake" = HandBrake 0.9.6 "Hitman Absolution_is1" = Hitman Absolution "ImgBurn" = ImgBurn "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform devise leder "Jagged Alliance - Back in Action_is1" = Jagged Alliance - Back in Action "marvelheroesbeta" = Marvel Heroes "MyTools" = MyTools "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Opera 12.15.1748" = Opera 12.15 "Origin" = Origin "Premiumplay Codec-C" = Premiumplay Codec-C "PunkBusterSvc" = PunkBuster Services "Quick Memory Editor_is1" = Quick Memory Editor 5.7 "Renoise_is1" = Renoise 2.7.1 "Rockstar Games Social Club" = Rockstar Games Social Club "Saints Row The Third_is1" = Saints Row The Third "Social for Facebook_is1" = Social for Facebook 2 "Spotify" = Spotify "spotimote" = spotimote "StarCraft II" = StarCraft II "Steam App 10500" = Empire: Total War "Steam App 17080" = Tribes: Ascend "Steam App 17450" = Dragon Age: Origins "Steam App 200510" = XCOM: Enemy Unknown "Steam App 20540" = Company of Heroes: Tales of Valor "Steam App 20920" = The Witcher 2 "Steam App 231550" = Company of Heroes 2 - Beta Stress Test "Steam App 24980" = Mass Effect 2 "Steam App 33230" = Assassin's Creed II "Steam App 34030" = Napoleon: Total War "Steam App 34330" = Total War: SHOGUN 2 "Steam App 41500" = Torchlight "Steam App 47900" = Dragon Age II "Steam App 48220" = Might & Magic ® Heroes ® VI "Steam App 48240" = Anno 2070 "Steam App 57620" = Patrician IV: Steam Special Edition "Steam App 72850" = The Elder Scrolls V: Skyrim "Steam App 98300" = Toy Soldiers "The KMPlayer" = The KMPlayer (remove only) "The Secret World_is1" = The Secret World "Tombraider_is1" = Tombraider "Transformers Fall of Cybertron_is1" = Transformers Fall of Cybertron "Uplay" = Uplay "VLC media player" = VLC media player 2.0.1 "Warlock - Master of the Arcane © Paradox Interactive_is1" = Warlock - Master of the Arcane © Paradox Interactive version 1 "YTubePlayer_is1" = YTubePlayer ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "101a9f93b8f0bb6f" = Curse Client "b352a799ff501dab" = TunlrControl "Dropbox" = Dropbox "optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0 "SkyDriveSetup.exe" = Microsoft SkyDrive "SOE-EverQuest II" = EverQuest II "SOE-PlanetSide 2 Beta" = PlanetSide 2 Beta "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24.04.2013 21:19:01 | Computer Name = Main-PC | Source = Windows Search Service | ID = 3028 Description = Error - 24.04.2013 21:19:01 | Computer Name = Main-PC | Source = Windows Search Service | ID = 3058 Description = Error - 24.04.2013 21:19:01 | Computer Name = Main-PC | Source = Windows Search Service | ID = 7010 Description = Error - 26.04.2013 06:05:37 | Computer Name = Main-PC | Source = Google Update | ID = 20 Description = Error - 26.04.2013 10:56:00 | Computer Name = Main-PC | Source = Application Hang | ID = 1002 Description = Programmet TombRaider.exe versjon 1.0.716.5 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, ser du i problemloggen i kontrollpanelet for Handlingssenter. Prosess-ID: 17d0 Starttidspunkt: 01ce427a3305d297 Avslutningstidspunkt: 282 Programbane: E:\tombraider\TombRaider.exe Rapport-ID: Error - 29.04.2013 10:47:50 | Computer Name = Main-PC | Source = Application Error | ID = 1000 Description = Programnavn med feil: Photoshop.exe, versjon: 12.0.0.0, tidsangivelse: 0x4bbc5b10 Modulnavn med feil: Photoshop.exe, versjon: 12.0.0.0, tidsangivelse: 0x4bbc5b10 Unntakskode: 0xc0000005 Feilforskyvning: 0x00000000010255ca Feil prosess-ID: 0x25cc Feil starttid for program: 0x01ce44c168d233f3 Feil programbane: C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe Feil modulbane: C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe Rapport-ID: c3366274-b0db-11e2-8a77-f46d0499301a Error - 29.04.2013 12:25:34 | Computer Name = Main-PC | Source = Application Hang | ID = 1002 Description = Programmet chrome.exe versjon 26.0.1410.64 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, ser du i problemloggen i kontrollpanelet for Handlingssenter. Prosess-ID: 1520 Starttidspunkt: 01ce44f4ecfb18c3 Avslutningstidspunkt: 54 Programbane: C:\Users\Main\AppData\Local\Google\Chrome\Application\chrome.exe Rapport-ID: 67ac8891-b0e9-11e2-8a6b-f46d0499301a Error - 10.05.2013 21:33:49 | Computer Name = Main-PC | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 12.05.2013 04:58:28 | Computer Name = Main-PC | Source = Application Hang | ID = 1002 Description = Programmet spotify.exe versjon 0.9.0.133 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, ser du i problemloggen i kontrollpanelet for Handlingssenter. Prosess-ID: a74 Starttidspunkt: 01ce4eeeaa3078d3 Avslutningstidspunkt: 5 Programbane: C:\Program Files (x86)\Spotify\spotify.exe Rapport-ID: 18c277da-bae2-11e2-801f-f46d0499301a Error - 12.05.2013 06:00:26 | Computer Name = Main-PC | Source = Application Hang | ID = 1002 Description = Programmet Opera.exe versjon 12.15.1748.0 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, ser du i problemloggen i kontrollpanelet for Handlingssenter. Prosess-ID: 1714 Starttidspunkt: 01ce4ef763fa4342 Avslutningstidspunkt: 6 Programbane: C:\Program Files (x86)\Opera\Opera.exe Rapport-ID: c22ed3ad-baea-11e2-886f-f46d0499301a Error - 12.05.2013 13:06:43 | Computer Name = Main-PC | Source = Application Hang | ID = 1002 Description = Programmet spotify.exe versjon 0.9.0.133 sluttet å samhandle med Windows og ble lukket. Hvis du vil se om det finnes mer informasjon tilgjengelig om problemet, ser du i problemloggen i kontrollpanelet for Handlingssenter. Prosess-ID: c7c Starttidspunkt: 01ce4f328df37cac Avslutningstidspunkt: 12 Programbane: C:\Program Files (x86)\Spotify\spotify.exe Rapport-ID: 4d5bb201-bb26-11e2-a2fc-f46d0499301a [ System Events ] Error - 12.05.2013 05:18:02 | Computer Name = Main-PC | Source = EventLog | ID = 6008 Description = Forrige avslutning av systemet klokken 11:14:48 den ?12.?05.?2013 var uventet. Error - 12.05.2013 05:18:03 | Computer Name = MAIN-PC | Source = SCardSvr | ID = 602 Description = Error - 12.05.2013 05:18:03 | Computer Name = MAIN-PC | Source = SCardSvr | ID = 602 Description = Error - 12.05.2013 13:02:36 | Computer Name = Main-PC | Source = EventLog | ID = 6008 Description = Forrige avslutning av systemet klokken 18:59:50 den ?12.?05.?2013 var uventet. Error - 12.05.2013 13:02:37 | Computer Name = Main-PC | Source = SCardSvr | ID = 602 Description = Error - 12.05.2013 13:02:37 | Computer Name = Main-PC | Source = SCardSvr | ID = 602 Description = Error - 12.05.2013 13:02:40 | Computer Name = Main-PC | Source = Service Control Manager | ID = 7038 Description = Tjenesten nvUpdatusService kan ikke logge på som .\UpdatusUser med det gjeldende konfigurerte passordet på grunn av følgende feil: %%1330 Bruk snapin-modulen Tjenester i MMC (Microsoft Management Console) til å konfigurere tjenesten riktig. Error - 12.05.2013 13:02:40 | Computer Name = Main-PC | Source = Service Control Manager | ID = 7000 Description = Tjenesten NVIDIA Update Service Daemon kan ikke starte på grunn av følgende feil: %%1069 Error - 12.05.2013 15:18:44 | Computer Name = Main-PC | Source = Disk | ID = 262151 Description = Enheten \Device\Harddisk0\DR0 har en dårlig blokk. Error - 12.05.2013 15:18:45 | Computer Name = Main-PC | Source = Disk | ID = 262151 Description = Enheten \Device\Harddisk0\DR0 har en dårlig blokk. < End of report > Lenke til kommentar
mobile999 Skrevet 12. mai 2013 Del Skrevet 12. mai 2013 Error - 12.05.2013 15:18:44 | Computer Name = Main-PC | Source = Disk | ID = 262151 Description = Enheten \Device\Harddisk0\DR0 har en dårlig blokk. Error - 12.05.2013 15:18:45 | Computer Name = Main-PC | Source = Disk | ID = 262151 Description = Enheten \Device\Harddisk0\DR0 har en dårlig blokk. Kjør Harddisk "reparasjon" og oppdater meg på om maskinen fungerer bedre. Instruksjoner på engelsk følger: Click Start and type CMD in the start search box. When CMD is found, right click it and choose "Run as Administrator" At the Command Prompt type the following: Now type in CHKDSK C: /R and hit the Enter/Return key (Note the space between C: and /R). When prompted with:CHKDSK cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked next time the system restarts (Y/N) Hit the Y key. Now Reboot (Restart) your computer. Note: Upon Reboot (Restart) the CHKDSK (check-disk) will start and carry out any repairs required. Note: Do not touch either the keyboard or Mouse, otherwise the Check-Disk will be canceled and you computer will continue to boot-up as normal. Note: When CHKDSK has completed its scans, the machine will proceed to load and Boot to Windows. Lenke til kommentar
Argentum Skrevet 13. mai 2013 Forfatter Del Skrevet 13. mai 2013 (endret) Må nok teste litt videre, men inntil videre kan jeg kjøre Chrome uten problemer, så det virker som en harddisk-sjekk var tingen. Også lærte jeg et par nye triks å ty til. Takker for den Edit: hadde ikke før sagt det så frøs systemet igjen. Skal kjøre ny otl og se om jeg får noe mer info utav det. edit2: Fikk kun vanlige OTL-filen ved scan nå. Vedlagt: OTL logfile created on: 13.05.2013 13:49:04 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Main\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy 15,99 Gb Total Physical Memory | 13,03 Gb Available Physical Memory | 81,46% Memory free 31,98 Gb Paging File | 28,97 Gb Available in Paging File | 90,58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,51 Gb Total Space | 725,62 Gb Free Space | 77,90% Space Free | Partition Type: NTFS Drive D: | 1397,26 Gb Total Space | 899,10 Gb Free Space | 64,35% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 66,60 Gb Free Space | 14,30% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: MAIN-PC | User Name: Main | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days ========== Processes (SafeList) ========== PRC - [2013.05.12 21:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe PRC - [2013.05.12 11:59:23 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2013.05.05 11:59:22 | 004,573,184 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\spotify.exe PRC - [2013.05.05 11:59:16 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe PRC - [2013.05.04 01:35:30 | 001,635,752 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe PRC - [2013.04.27 19:27:23 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Main\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2013.04.09 10:47:58 | 000,320,000 | ---- | M] (Photobucket) -- C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe PRC - [2013.04.05 00:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Main\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013.03.24 10:46:24 | 000,976,672 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013.03.07 22:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.07 18:22:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.06.19 14:40:04 | 000,034,728 | ---- | M] (Arainia Solutions) -- C:\Program Files (x86)\Gizmo\gservice.exe PRC - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2009.04.07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== MOD - [2013.05.12 11:59:25 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll MOD - [2013.05.12 11:59:25 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll MOD - [2013.05.12 11:59:25 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll MOD - [2013.05.12 11:59:25 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll MOD - [2013.05.12 11:59:25 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll MOD - [2013.05.12 11:59:25 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll MOD - [2013.05.12 11:59:25 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll MOD - [2013.05.12 11:59:25 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll MOD - [2013.05.12 11:59:25 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll MOD - [2013.05.12 11:59:25 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll MOD - [2013.05.12 11:59:24 | 000,835,584 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll MOD - [2013.05.12 11:59:24 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll MOD - [2013.05.05 11:59:16 | 024,985,600 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\libcef.dll MOD - [2013.05.04 01:35:30 | 001,114,536 | ---- | M] () -- D:\Steam\bin\chromehtml.dll MOD - [2013.04.24 04:30:08 | 000,652,800 | ---- | M] () -- D:\Steam\SDL2.dll MOD - [2013.03.31 16:12:42 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inte#\1c0f43f162489dc2021aa09db8dfabda\System.Windows.Interactivity.ni.dll MOD - [2013.03.31 16:12:41 | 000,766,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\14d83eecd50cfd510718262afd2fca79\log4net.ni.dll MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- D:\Steam\bin\libcef.dll MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2013.03.12 22:20:27 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll MOD - [2013.03.07 22:32:40 | 021,014,960 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll MOD - [2013.03.07 22:32:38 | 000,292,272 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll MOD - [2013.03.07 22:32:38 | 000,179,632 | ---- | M] () -- C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll MOD - [2013.02.15 05:28:34 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll MOD - [2013.02.15 04:08:21 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\75b362975753a31559874bea5609e59c\System.Deployment.ni.dll MOD - [2013.01.10 08:23:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.10 08:23:01 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.10 08:22:59 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.10 08:22:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013.01.10 08:22:54 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013.01.09 21:40:04 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll MOD - [2013.01.09 21:39:47 | 013,345,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\52588e18078ea592ce9cc2399b624a15\System.Data.Entity.ni.dll MOD - [2013.01.09 21:39:05 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\47479aabdb346a716ba90335ebd0c25f\System.ComponentModel.DataAnnotations.ni.dll MOD - [2013.01.09 21:38:55 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll MOD - [2013.01.09 21:38:54 | 001,189,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\aad0fd94c3d1be97f53ce20c138490de\System.Data.OracleClient.ni.dll MOD - [2013.01.09 21:38:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll MOD - [2013.01.09 21:38:47 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll MOD - [2013.01.09 21:38:46 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll MOD - [2013.01.09 21:38:46 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll MOD - [2013.01.09 21:38:45 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll MOD - [2013.01.09 21:38:43 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d01a925ecd339eae8ea1da8488eb2283\System.Xml.Linq.ni.dll MOD - [2013.01.09 21:38:28 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2013.01.09 21:38:26 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e290208a6d4ea4451ac118f1e0c3b488\Accessibility.ni.dll MOD - [2013.01.09 21:30:16 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll MOD - [2013.01.09 21:30:07 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll MOD - [2013.01.09 21:30:06 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll MOD - [2013.01.09 21:30:06 | 001,616,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\e6f1669a51fbf73520ae79dca19f005e\Microsoft.CSharp.ni.dll MOD - [2013.01.09 21:30:03 | 000,377,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\ebd8e7de507b634d15b3e16614270f06\System.Dynamic.ni.dll MOD - [2013.01.09 21:30:02 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll MOD - [2013.01.09 21:30:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll MOD - [2013.01.09 21:30:00 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll MOD - [2013.01.09 21:29:59 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2013.01.09 21:29:58 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2013.01.09 21:29:58 | 000,745,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\581e9ba9c81e2840a917fbd3d9661f85\System.Security.ni.dll MOD - [2013.01.09 21:29:57 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - [2013.01.09 21:29:57 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll MOD - [2013.01.09 21:29:53 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2013.01.09 21:29:53 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- D:\Steam\bin\avcodec-53.dll MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- D:\Steam\bin\avformat-53.dll MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- D:\Steam\bin\avutil-51.dll MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Main\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2012.05.30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.05.30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010.11.13 03:41:38 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.03.12 15:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll MOD - [2008.11.21 13:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ========== Services (SafeList) ========== SRV - [2013.05.12 22:09:55 | 000,938,776 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\bitraider\BRSptSvc.exe -- (BRSptSvc) SRV - [2013.03.24 10:41:08 | 001,927,968 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.03.12 22:20:28 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programfiler\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programfiler\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.07 18:22:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.08.15 18:44:42 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService) SRV - [2011.09.22 10:46:18 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.06.19 14:40:04 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto | Running] -- C:\Program Files (x86)\Gizmo\gservice.exe -- (Gizmo Central) SRV - [2010.09.16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.12.17 13:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007.01.11 13:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.22 10:52:16 | 000,186,880 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cxbu0x64.sys -- (cxbu0x64) DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.11.15 03:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2012.11.15 03:33:20 | 000,042,248 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.08.01 20:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss) DRV:64bit: - [2012.06.26 21:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.05.11 07:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2012.05.11 07:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012.04.25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.05 19:36:30 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.11.05 19:36:29 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011.06.19 14:40:07 | 000,034,704 | ---- | M] (Arainia Solutions LLC) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gizmodrv.sys -- (GizmoDrv) DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2010.05.15 13:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009.11.01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2013.04.19 13:46:55 | 000,074,024 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\bitraider\BRDriver64.sys -- (BRDriver64) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nb-NO IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE B4 2C 29 F3 4E CE 01 [binary data] IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://accounts.google.com/ServiceLoginAuth|https://www.facebook.com/|http://www.blogger.com/home|http://forum.kvinneguiden.no/|https://www.diskusjon.no/" FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.4 FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Main\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Main\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Main\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Main\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) [2012.06.26 19:12:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\Extensions [2012.06.29 10:57:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\Firefox\Profiles\ejff5n0q.default\extensions [2012.06.26 19:17:28 | 000,109,964 | ---- | M] () (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\firefox\profiles\ejff5n0q.default\extensions\[email protected] [2012.06.29 10:57:44 | 000,743,305 | ---- | M] () (No name found) -- C:\Users\Main\AppData\Roaming\mozilla\firefox\profiles\ejff5n0q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi File not found (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2013.02.16 00:31:23 | 000,186,432 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com/ig CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Main\AppData\LocalLow\Sony Online Entertainment\npsoe.dll CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Google Docs = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: QR-Code Tag Extension = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfddoencoiedfjgepnlhcpfikgaogdg\0.7.9_0\ CHR - Extension: YouTube = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Google Search = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: MaskMe = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.15.200_0\ CHR - Extension: Mail Checker Plus for Google Mail™ = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.3.19_0\ CHR - Extension: Google Calendar (by Google) = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.3.1_0\ CHR - Extension: FlashBlock = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0\ CHR - Extension: SearchPreview = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo\2.9_0\ CHR - Extension: Codec-V = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.23.75_0\crossrider CHR - Extension: Codec-V = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.23.75_0\ CHR - Extension: Google Dictionary (by Google) = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.17_0\ CHR - Extension: Media Hint = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbogbchcdigifagelnlmhlenmofdgbao\0.1.12_0\ CHR - Extension: Gmail = C:\Users\Main\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011.06.19 14:57:11 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com #Adobe Block O2:64bit: - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - C:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Soft Studio) O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found. O2 - BHO: (Premiumplay Codec-C) - {11111111-1111-1111-1111-110011041135} - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll (WebPicks) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [intelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Photobucket Backup] C:\Program Files (x86)\Photobucket Backup\Photobucket.App.exe (Photobucket) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [Epson Stylus Photo PX710W(Nettverk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSE.EXE /FU "C:\Windows\TEMP\E_S53D5.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [Facebook Update] C:\Users\Main\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [GizmoDriveDelegate] C:\Program Files (x86)\Gizmo\gizmo.exe (Arainia Solutions) O4 - HKCU..\Run: [Google Update] C:\Users\Main\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKCU..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) O4 - HKCU..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) O4 - HKCU..\Run: [spotify] C:\Program Files (x86)\Spotify\Spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [steam] D:\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Main\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Main\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Main\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programfiler\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.21.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13EB4956-F91B-4204-9C36-EC90B28DA9DE}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4201C03D-6E10-4A37-B41E-CDEBDED03893}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7542E423-DB7C-4452-867D-CFDB8FFEC3EB}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCBB6F98-4A89-4844-B094-E0139E0F6950}: DhcpNameServer = 192.168.0.100 O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 7 Days ========== [2013.05.12 21:15:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe [2013.05.12 18:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.05.11 22:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.11 22:40:30 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013.05.11 22:40:30 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013.05.11 22:40:30 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.05.10 11:13:47 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Roaming\Opera [2013.05.10 11:13:47 | 000,000,000 | ---D | C] -- C:\Users\Main\AppData\Local\Opera [2013.05.10 11:13:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 7 Days ========== [2013.05.13 13:36:24 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 13:36:24 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.13 13:35:09 | 001,355,550 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.13 13:35:09 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.13 13:35:09 | 000,492,510 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat [2013.05.13 13:35:09 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.13 13:35:09 | 000,094,300 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat [2013.05.13 13:32:08 | 000,000,984 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.13 13:32:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001UA.job [2013.05.13 13:29:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.13 13:28:59 | 4287,930,366 | -HS- | M] () -- C:\hiberfil.sys [2013.05.13 13:20:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.13 13:01:00 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.13 12:53:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001UA.job [2013.05.13 02:53:00 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001Core.job [2013.05.12 21:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Main\Desktop\OTL.exe [2013.05.12 19:32:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4093237729-1801006139-1280472821-1001Core.job [2013.05.12 19:07:04 | 000,000,053 | ---- | M] () -- C:\Users\Main\Desktop\Netflix - Watch TV Shows Online, Watch Movies Online.url [2013.05.12 11:59:25 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2013.05.11 16:09:14 | 000,001,456 | ---- | M] () -- C:\Users\Main\AppData\Local\Adobe Save for Web 12.0 Prefs [2013.05.10 13:09:05 | 000,000,000 | ---- | M] () -- C:\END [2013.05.06 19:14:20 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.12 19:07:04 | 000,000,053 | ---- | C] () -- C:\Users\Main\Desktop\Netflix - Watch TV Shows Online, Watch Movies Online.url [2013.05.12 18:56:53 | 000,000,988 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.12 18:56:52 | 000,000,984 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.12 11:59:25 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2013.05.12 11:59:25 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2013.05.06 19:14:20 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2013.04.30 00:14:20 | 000,000,104 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2013.04.27 21:58:00 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2013.04.27 21:58:00 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2013.04.27 21:58:00 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2013.04.27 21:58:00 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2013.04.27 21:58:00 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2013.04.27 21:58:00 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2013.04.27 21:58:00 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2013.04.27 21:58:00 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2013.04.27 21:58:00 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2013.04.27 21:58:00 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2013.04.27 21:58:00 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2013.04.27 21:58:00 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2013.04.27 21:58:00 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2013.04.27 21:58:00 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2013.04.27 21:58:00 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2013.04.27 21:58:00 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2013.04.27 21:58:00 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2013.04.27 21:58:00 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2013.04.27 21:58:00 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2012.08.22 00:48:10 | 000,000,017 | ---- | C] () -- C:\Users\Main\AppData\Local\resmon.resmoncfg [2012.07.06 17:11:17 | 000,000,132 | ---- | C] () -- C:\Users\Main\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.07.04 23:38:41 | 000,413,396 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.10.27 20:10:13 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.09.12 21:20:01 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.09.12 21:19:57 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.06.19 17:47:09 | 000,001,456 | ---- | C] () -- C:\Users\Main\AppData\Local\Adobe Save for Web 12.0 Prefs [2011.06.18 01:20:08 | 000,034,754 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011.06.18 01:19:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.06.18 01:19:21 | 000,026,966 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.06.18 01:04:00 | 001,334,386 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.06.10 18:15:58 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\.minecraft [2011.06.23 11:40:58 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Acoustica [2011.07.06 10:43:00 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\AIMP [2013.04.19 13:48:26 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Awesomium [2013.05.12 11:00:55 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Azureus [2012.03.02 05:47:32 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\bc [2013.04.13 17:05:13 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012.03.22 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Command and Conquer 4 [2013.04.06 01:20:01 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Curse Advertising [2012.02.23 03:21:02 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\DarknessII [2011.09.24 23:07:43 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Day 1 Studios [2013.05.13 13:33:20 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Dropbox [2013.04.29 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Epson [2012.03.24 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\GameFly [2011.06.19 14:40:09 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Gizmo [2013.01.22 15:34:51 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\HandBrake [2013.01.14 20:26:39 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\IDM [2011.08.31 23:23:47 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Kalypso Media [2011.10.22 17:02:21 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Might & Magic Heroes VI [2013.02.17 01:07:42 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Omerta [2011.06.28 14:02:15 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\OpenOffice.org [2013.05.12 11:59:28 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Opera [2013.02.27 17:49:57 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Origin [2013.04.30 00:15:30 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Photobucket [2011.09.12 21:19:53 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\PunkBuster [2011.06.27 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Renoise [2011.06.27 19:42:54 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Rift [2013.05.13 13:34:42 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Spotify [2013.03.19 22:39:26 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\spotimote [2013.04.19 18:25:59 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2011.06.23 13:19:48 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\SynthMaker [2012.04.22 20:26:28 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\The Creative Assembly [2012.11.25 19:45:21 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Theta [2012.09.30 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\TS3Client [2012.04.04 22:34:41 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Ubisoft [2013.04.11 14:54:11 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Unified Remote [2012.12.21 13:25:24 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Wargaming.net [2013.04.29 17:46:31 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\Windows Live Writer [2012.12.27 19:06:54 | 000,000,000 | ---D | M] -- C:\Users\Main\AppData\Roaming\ytplayer ========== Purity Check ========== < End of report > Endret 13. mai 2013 av Argentum Lenke til kommentar
mobile999 Skrevet 13. mai 2013 Del Skrevet 13. mai 2013 For å skaffe ny Extras.txt gjør du følgende: Start OTL, sørg for at alle radio-knapper ved siden av "None" er valgt (dette er en del). Radio-knappen under "Extra Registry" skal stå på "Use safelist". Klikk deretter "Run Scan" (ikke Quick Scan!). Etter kort tid dukker det opp to logger derav en ny Extras.txt Lenke til kommentar
mobile999 Skrevet 13. mai 2013 Del Skrevet 13. mai 2013 (endret) Avles S.M.A.R.T ved å bruke HD tune eller HD Tune Pro (15 dagers trial). Jeg testet med HD Tune og fikk av en eller annen grunn ikke opp smart dataene, måtte bruke pro-versjonen. Se etter "Reallocated sector count", se screenshot. Programmet har egen knapp for å lagre screenshot, bruk den og post bildet. Endret 13. mai 2013 av mobile999 Lenke til kommentar
Argentum Skrevet 14. mai 2013 Forfatter Del Skrevet 14. mai 2013 Ser ut som det fungerer. Siste krasj ble forårsaket av en beta-applikasjon. Tror det er urelatert. Kommer likevel til å teste ut programmene du har foreslått Takker mye for hjelp. Anser saken som løst. Lenke til kommentar
mobile999 Skrevet 14. mai 2013 Del Skrevet 14. mai 2013 (endret) Avinstaller Java™ 6 Update 31 og oppdater Adobe Reader X (10.1.6) - Norsk (sikkerhetsrisiko). Du kan bruke Secunia online software inspector til å sjekke om det er noe annet som bør oppdateres. Bruk gjerne denne en gang i uken. Java bør ikke oppdateres via Secunia, da blir det trøbbel med nettbaken. Endret 14. mai 2013 av mobile999 Lenke til kommentar
Argentum Skrevet 15. mai 2013 Forfatter Del Skrevet 15. mai 2013 Med tanke på at harddiskene (billige sådan) har holdt ut så lenge som de har, så synes jeg at det var lurt å gi dem litt fri. Har bestilt meg et par nye som skal ta over. Regner med dette vil løse den ustabiliteten som er igjen. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå