Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- OTL Extras logfile created on: 10/22/2012 9:18:18 PM - Run 1
- OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads\Programs
- 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
- Internet Explorer (Version = 8.0.7601.17514)
- Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
- 1.98 Gb Total Physical Memory | 0.81 Gb Available Physical Memory | 40.90% Memory free
- 3.95 Gb Paging File | 2.11 Gb Available in Paging File | 53.36% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
- Drive C: | 172.69 Gb Total Space | 123.35 Gb Free Space | 71.43% Space Free | Partition Type: NTFS
- Drive E: | 125.30 Gb Total Space | 63.17 Gb Free Space | 50.42% Space Free | Partition Type: NTFS
- Computer Name: USER-PC | User Name: user | Logged in as Administrator.
- Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
- Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
- [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
- [color=#E56717]========== File Associations ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
- .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
- .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
- .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
- .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
- [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
- .html [@ = FlockHTML] -- C:\Program Files (x86)\Flock\flock.exe (Flock, Inc.)
- [color=#E56717]========== Shell Spawning ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
- batfile [open] -- "%1" %*
- cmdfile [open] -- "%1" %*
- comfile [open] -- "%1" %*
- exefile [open] -- "%1" %*
- helpfile [open] -- Reg Error: Key error.
- http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
- https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
- inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
- InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
- InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
- piffile [open] -- "%1" %*
- regfile [merge] -- Reg Error: Key error.
- scrfile [config] -- "%1"
- scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
- scrfile [open] -- "%1" /S
- txtfile [edit] -- Reg Error: Key error.
- Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
- Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
- Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
- Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
- Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
- Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
- Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
- Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [explore] -- Reg Error: Value error.
- Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
- batfile [open] -- "%1" %*
- cmdfile [open] -- "%1" %*
- comfile [open] -- "%1" %*
- cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
- exefile [open] -- "%1" %*
- helpfile [open] -- Reg Error: Key error.
- http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
- https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
- inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
- piffile [open] -- "%1" %*
- regfile [merge] -- Reg Error: Key error.
- scrfile [config] -- "%1"
- scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
- scrfile [open] -- "%1" /S
- txtfile [edit] -- Reg Error: Key error.
- Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
- Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
- Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
- Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
- Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
- Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
- Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
- Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- Folder [explore] -- Reg Error: Value error.
- Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
- [color=#E56717]========== Security Center Settings ==========[/color]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
- "cval" = 1
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
- "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
- "AntiVirusOverride" = 0
- "AntiSpywareOverride" = 0
- "FirewallOverride" = 0
- [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
- [color=#E56717]========== Firewall Settings ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 1
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 1
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
- "DisableNotifications" = 0
- "EnableFirewall" = 1
- [color=#E56717]========== Authorized Applications List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
- "C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
- "C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
- "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
- "C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
- "C:\Program Files (x86)\Sierra Wireless Inc\3G Watcher\TRUUpdater.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe:*:Enabled:TRUUpdater -- (Sierra Wireless, Inc.)
- "C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe" = C:\Program Files (x86)\Sierra Wireless Inc\WebUpdater\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
- [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
- "{03134D5B-E1EE-4FA0-B996-20040EF62EF1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
- "{10D862FC-5526-473E-91CA-1DBF566F26CD}" = rport=138 | protocol=17 | dir=out | app=system |
- "{14881642-DA99-448D-9388-04FC9B3466C4}" = lport=10243 | protocol=6 | dir=in | app=system |
- "{175E58FE-FEC1-44D5-9317-18010D854551}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
- "{1F971768-876E-4616-B331-32EB152D5CEB}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
- "{37053D91-D02C-43E9-9B94-ACF8640FC3EF}" = lport=2869 | protocol=6 | dir=in | app=system |
- "{3989D25D-9483-4EED-AD22-69795E116BD1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
- "{3FB0A8EA-4697-49DA-9B5F-207B8B58CA55}" = lport=139 | protocol=6 | dir=in | app=system |
- "{4D7A8278-0EF3-4940-8ABA-435307A7F3CB}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
- "{5F098451-6034-4DC3-8E6A-5B512400D16A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
- "{6661FCD8-D801-4888-808E-231A087CF0AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
- "{6E68DF70-5A94-49B8-8E72-F317A56078B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
- "{7556E784-211C-4641-AA46-99BBE52A8E92}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
- "{7DB8E95D-74CE-4636-B8D8-FE839A27A5E2}" = rport=2869 | protocol=6 | dir=out | app=system |
- "{859819F6-9B04-4960-A0BF-C3DE371BD913}" = rport=445 | protocol=6 | dir=out | app=system |
- "{895B62FE-F3A9-486C-8876-5066FF73F291}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
- "{90956AF0-1D24-4BBB-A65D-8FC0BA393336}" = rport=139 | protocol=6 | dir=out | app=system |
- "{925F34AE-4BA7-4A53-9598-67A54C2DB4B1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
- "{97C5E08F-5022-4EAE-AF60-B201BECCC47D}" = rport=10243 | protocol=6 | dir=out | app=system |
- "{9BDCA46E-C5A7-4C2A-BA72-E79BBEEAED4A}" = lport=138 | protocol=17 | dir=in | app=system |
- "{BE6AC828-AE4A-4C96-AF1B-5FFA9AEEE1B6}" = lport=2869 | protocol=6 | dir=in | app=system |
- "{C4DFDAFE-52DF-4C88-AEB0-D9ED719A1B0B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
- "{C8DC6F83-E708-4E62-B644-6B4E202A76AA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
- "{CFAD21DA-CA38-410B-ACE5-EFE42D700F25}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
- "{D334A835-8170-41D8-AFFD-909B35FBBDFA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
- "{EA8055D2-A9BF-4E5C-B007-6F9029629A9D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
- "{EB206441-0734-4460-9609-D53080FE5DE2}" = lport=137 | protocol=17 | dir=in | app=system |
- "{ED82A8C6-F4FE-40F4-B378-4EB450218E88}" = lport=445 | protocol=6 | dir=in | app=system |
- "{F04E4646-C11D-45D6-9C83-D4EC4E74B897}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
- "{F5178D6E-3E0B-4556-95D3-47D641668315}" = rport=137 | protocol=17 | dir=out | app=system |
- [color=#E56717]========== Vista Active Application Exception List ==========[/color]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
- "{099C1A2C-0D3F-48EC-898A-AFDBDDE79E8C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
- "{0F2DF978-6BA5-4848-8A9F-2C535475A017}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
- "{17FB491A-A4F2-4971-A4E4-AFD26790CC11}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
- "{1C914352-A391-4B1A-A9A9-4AA111C484AE}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
- "{215DFCC3-2A8C-4E73-9E91-BC0FA374EC83}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yserver.exe |
- "{2346AB98-8230-4AD5-97FB-C1AA27174ABB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
- "{2B7B3E93-6417-4B33-B3EF-DF399451D27C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
- "{34F0D8C4-1E1F-4EED-80FE-0F258A51B421}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
- "{378CC0AF-142D-4AE4-8E11-8C1DCD18A22F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
- "{4BF017E5-148A-4119-8265-8A414589ED1D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
- "{508C3852-57A1-48AF-A515-37335F78528D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
- "{5120771F-B2F9-46D9-87D9-CA232A7F0E36}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
- "{53FDDBE9-EE60-40E7-9850-6565B1B698D6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
- "{548A8B2A-46EC-4FFB-85A0-74EEFE443CD0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
- "{5F8BE8A0-FB64-4927-9FB5-CCD38310FC23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
- "{61CBF7B3-952F-47B4-9DF2-DDE427DB20A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
- "{6981AABC-78C9-4837-A486-537AB917A7F0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
- "{915E00B5-BFDE-4071-88EB-6F694149DDB7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
- "{94DA3A65-B555-47DD-A0DE-18D82F351B2E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
- "{A03C1F6F-8D6F-4862-AF50-EE6625CB3F7E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
- "{A2AAE6E0-A9A0-4AEE-BC49-2EB8B3EC8340}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
- "{A85EC412-CAD2-4B84-9B36-4B0F244378B2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
- "{B13A845E-1BA3-4BB9-9A14-9FAC9AFBA471}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
- "{B458804B-9075-44E2-BEA4-9A9E3D72AD76}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
- "{B4631A43-CAE9-4AA7-A1AE-2EFB263B2F16}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
- "{C6DF341A-5AE2-4586-BBC9-59F89113D3EC}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yserver.exe |
- "{C8859832-15FF-49CE-9081-247A6DFECE42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
- "{D0F89C15-5B46-4B97-B35A-F6E9548073D7}" = protocol=6 | dir=out | app=system |
- "{D8A114D6-E785-4878-90DD-F29AF0F2E463}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
- "{DA09667D-2DA9-4028-B5CF-B394FBF38B7C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
- "{E5E463F6-0F59-47EE-B3C1-83E1AEBC88AC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
- "{F2B01E61-D850-445A-BC88-4962A19387C5}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
- "{F3107799-EB94-46DE-9F87-7307D3902249}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
- "{FD3AE917-D325-4F6C-90D3-3EC60A8CF7D4}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
- "TCP Query User{0D2C3E8D-1F41-417A-8EED-44BE6274B979}C:\program files\battle realms\battle_realms_f.exe" = protocol=6 | dir=in | app=c:\program files\battle realms\battle_realms_f.exe |
- "TCP Query User{2F00F743-D7D9-4D74-915E-7B31B2C39B12}C:\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
- "TCP Query User{309112FA-639C-4700-B1FB-FD48A2238BBC}E:\battle realms\battle_realms_f.exe" = protocol=6 | dir=in | app=e:\battle realms\battle_realms_f.exe |
- "TCP Query User{462B26E9-3EBD-4426-B7E2-6D03D12C2E60}C:\program files (x86)\3do\heroes3\heroes3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\3do\heroes3\heroes3.exe |
- "TCP Query User{483921F8-5D26-4FCD-AB56-0EA68386228D}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
- "TCP Query User{739BDF03-8BAF-4896-A9A7-841CD662D5EC}C:\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
- "TCP Query User{F945BEFD-7E0B-420B-9792-94E88D4AB41C}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
- "UDP Query User{34B7E6BF-B0A8-46F1-8F17-A6ACD7203364}C:\program files\battle realms\battle_realms_f.exe" = protocol=17 | dir=in | app=c:\program files\battle realms\battle_realms_f.exe |
- "UDP Query User{4B5A953B-C744-4F86-9F97-A7DF73C3A074}C:\program files (x86)\3do\heroes3\heroes3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\3do\heroes3\heroes3.exe |
- "UDP Query User{7DB0C69B-80C8-4F46-8731-D22BF76055D3}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
- "UDP Query User{8F2A7858-9866-44DE-9C03-5BEFFDAFC0A9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
- "UDP Query User{AC1901D7-2E9D-499F-8461-37D8F588ECDF}C:\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
- "UDP Query User{BA26A4B2-BC34-4AF6-ABA8-17B7DE14BC51}C:\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
- "UDP Query User{F0C545CB-0BC2-4F70-99F8-7962330BD56D}E:\battle realms\battle_realms_f.exe" = protocol=17 | dir=in | app=e:\battle realms\battle_realms_f.exe |
- [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
- 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series" = Canon iP2700 series Printer Driver
- "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
- "{244BF058-E89B-4761-82E3-D105FE487BE4}" = Macrium Reflect - Free Edition
- "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
- "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
- "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
- "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
- "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
- "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
- "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 268.83
- "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.83
- "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.83
- "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
- "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
- "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
- "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
- "CCleaner" = CCleaner
- "CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
- "Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
- "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
- "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
- "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
- "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
- "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
- "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
- "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
- "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
- "{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
- "{50B00A1F-CB20-4AAB-A448-66B24B1E83A9}" = Adobe Photoshop CS5
- "{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
- "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
- "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
- "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
- "{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1" = System Ninja version 2.1.0.0
- "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
- "{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
- "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
- "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
- "{8F9C77FF-C017-4B12-BA71-A3A53BD52775}_is1" = AnyBizSoft PDF Converter (Build 2.0.2)
- "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
- "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
- "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
- "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
- "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
- "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
- "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
- "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
- "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
- "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
- "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
- "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
- "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
- "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
- "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
- "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
- "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
- "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
- "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
- "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
- "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
- "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
- "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
- "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
- "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
- "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
- "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
- "{DFD30824-6BD0-34E1-ABE8-308AD3CBB9A0}" = Google Talk Plugin
- "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
- "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
- "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
- "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
- "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
- "{F1AFD1D1-3536-4614-8333-6B1B256E806F}" = Sierra Wireless Watcher
- "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
- "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
- "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
- "7-Zip" = 7-Zip 9.20
- "Adobe AIR" = Adobe AIR
- "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
- "Adobe Photoshop 7.0" = Adobe Photoshop 7.0
- "ASUS K3 Series ScreenSaver" = ASUS K3 Series ScreenSaver
- "AsusScr_K3 Series_ENG" = AsusScr_K3 Series_ENG
- "Autodesk DWF Viewer" = Autodesk DWF Viewer
- "Cool Edit Pro 2.1" = Cool Edit Pro 2.1
- "ENTERPRISE" = Microsoft Office Enterprise 2007
- "Fingerprint Reader Driver_is1" = Fingerprint Reader Driver 2.2.3
- "Flock (2.5.2)" = Flock (2.5.2)
- "Football Manager 2012_is1" = Football Manager 2012
- "Google Chrome" = Google Chrome
- "InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}" = Alcor Micro USB Card Reader
- "Internet Download Manager" = Internet Download Manager
- "Kamus2" = Kamus 2.03
- "KLiteCodecPack_is1" = K-Lite Codec Pack 2.81 Full
- "Mobile Partner" = Mobile Partner
- "Mozilla Firefox 17.0 (x86 en-US)" = Mozilla Firefox 17.0 (x86 en-US)
- "MozillaMaintenanceService" = Mozilla Maintenance Service
- "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
- "PhotoScape" = PhotoScape
- "Total Video Converter 3.61_is1" = Total Video Converter 3.61 100319
- "VLC media player" = VLC media player 2.0.3
- "Warcraft III" = Warcraft III
- "WhiteSmokeTranslator" = WhiteSmokeTranslator
- "Winamp" = Winamp
- "WinPcapInst" = WinPcap 4.1.2
- "WinRAR archiver" = WinRAR archiver
- [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
- "Warcraft III" = Warcraft III: All Products
- [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
- [ Application Events ]
- Error - 10/21/2012 9:44:24 PM | Computer Name = user-PC | Source = Application Error | ID = 1000
- Description = Faulting application name: FBAgent.exe, version: 1.0.10.0, time stamp:
- 0x4d6f576c Faulting module name: FBAgent.exe, version: 1.0.10.0, time stamp: 0x4d6f576c
- Exception
- code: 0xc0000005 Fault offset: 0x000000000002d802 Faulting process id: 0x604 Faulting
- application start time: 0x01cdaff6b5c302e1 Faulting application path: C:\Windows\system32\FBAgent.exe
- Faulting
- module path: C:\Windows\system32\FBAgent.exe Report Id: 01991468-1bea-11e2-87d1-14dae95dc61c
- Error - 10/21/2012 9:49:05 PM | Computer Name = user-PC | Source = Google Update | ID = 20
- Description =
- Error - 10/21/2012 9:51:33 PM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
- Description = The performance strings in the Performance registry value is corrupted
- when process Performance extension counter provider. The BaseIndex value from the
- Performance registry is the first DWORD in the Data section, LastCounter value
- is the second DWORD in the Data section, and LastHelp value is the third DWORD in
- the Data section.
- Error - 10/21/2012 9:51:33 PM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
- Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
- failed. The first DWORD in the Data section contains the error code.
- Error - 10/21/2012 11:23:49 PM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
- Description = The performance strings in the Performance registry value is corrupted
- when process Performance extension counter provider. The BaseIndex value from the
- Performance registry is the first DWORD in the Data section, LastCounter value
- is the second DWORD in the Data section, and LastHelp value is the third DWORD in
- the Data section.
- Error - 10/21/2012 11:23:49 PM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
- Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
- failed. The first DWORD in the Data section contains the error code.
- Error - 10/22/2012 1:26:41 AM | Computer Name = user-PC | Source = Application Error | ID = 1000
- Description = Faulting application name: FBAgent.exe, version: 1.0.10.0, time stamp:
- 0x4d6f576c Faulting module name: FBAgent.exe, version: 1.0.10.0, time stamp: 0x4d6f576c
- Exception
- code: 0xc0000005 Fault offset: 0x000000000002d802 Faulting process id: 0x604 Faulting
- application start time: 0x01cdb015c3f3ca64 Faulting application path: C:\Windows\system32\FBAgent.exe
- Faulting
- module path: C:\Windows\system32\FBAgent.exe Report Id: 0ec79e4a-1c09-11e2-8884-14dae95dc61c
- Error - 10/22/2012 1:32:43 AM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
- Description = The performance strings in the Performance registry value is corrupted
- when process Performance extension counter provider. The BaseIndex value from the
- Performance registry is the first DWORD in the Data section, LastCounter value
- is the second DWORD in the Data section, and LastHelp value is the third DWORD in
- the Data section.
- Error - 10/22/2012 1:32:43 AM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
- Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
- failed. The first DWORD in the Data section contains the error code.
- Error - 10/22/2012 3:36:32 AM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
- Description = The performance strings in the Performance registry value is corrupted
- when process Performance extension counter provider. The BaseIndex value from the
- Performance registry is the first DWORD in the Data section, LastCounter value
- is the second DWORD in the Data section, and LastHelp value is the third DWORD in
- the Data section.
- Error - 10/22/2012 3:36:32 AM | Computer Name = user-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
- Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
- failed. The first DWORD in the Data section contains the error code.
- [ OSession Events ]
- Error - 9/24/2012 2:12:27 AM | Computer Name = user-PC | Source = Microsoft Office 12 Sessions | ID = 7001
- Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
- 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8484
- seconds with 1620 seconds of active time. This session ended with a crash.
- Error - 10/4/2012 10:33:36 PM | Computer Name = user-PC | Source = Microsoft Office 12 Sessions | ID = 7001
- Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
- 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 441
- seconds with 300 seconds of active time. This session ended with a crash.
- [ System Events ]
- Error - 10/21/2012 9:56:20 PM | Computer Name = user-PC | Source = Server | ID = 2505
- Description = The server could not bind to the transport \Device\NetBT_Tcpip_{44829754-1240-48D2-9C50-C3C81DCE6732}
- because another computer on the network has the same name. The server could not
- start.
- Error - 10/21/2012 9:56:20 PM | Computer Name = user-PC | Source = NetBT | ID = 4321
- Description = The name "USER-PC :20" could not be registered on the interface
- with IP address 192.168.1.2. The computer with the IP address 169.254.96.0 did not
- allow the name to be claimed by this computer.
- Error - 10/21/2012 9:56:20 PM | Computer Name = user-PC | Source = NetBT | ID = 4321
- Description = The name "USER-PC :0" could not be registered on the interface
- with IP address 192.168.1.2. The computer with the IP address 169.254.96.0 did not
- allow the name to be claimed by this computer.
- Error - 10/22/2012 1:25:57 AM | Computer Name = user-PC | Source = sptd | ID = 262148
- Description = Driver detected an internal error in its data structures for .
- Error - 10/22/2012 1:26:27 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7009
- Description = A timeout was reached (30000 milliseconds) while waiting for the Mobile
- Partner. OUC service to connect.
- Error - 10/22/2012 1:26:27 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
- Description = The Mobile Partner. OUC service failed to start due to the following
- error: %%1053
- Error - 10/22/2012 1:26:50 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
- Description = The AFBAgent service terminated unexpectedly. It has done this 1
- time(s).
- Error - 10/22/2012 1:26:50 AM | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
- Description = The following boot-start or system-start driver(s) failed to load:
- sptd
- Error - 10/22/2012 3:50:08 AM | Computer Name = user-PC | Source = ipnathlp | ID = 31004
- Description =
- Error - 10/22/2012 4:09:35 AM | Computer Name = user-PC | Source = ipnathlp | ID = 31004
- Description =
- < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement