OTL Extras logfile created on: 9/12/2011 13:38:05 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder =
C:\Users\Timothy_2\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type
= NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000813 | Country: België | Language: NLB | Date Format:
d/MM/yyyy
1,99 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,83%
Memory free
4,21 Gb Paging File | 3,09 Gb Available in Paging File | 73,37% Paging File
free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program
Files
Drive C: | 458,44 Gb Total Space | 237,50 Gb Free Space | 51,81% Space Free |
Partition Type: NTFS
Drive D: | 7,32 Gb Total Space | 1,25 Gb Free Space | 17,11% Space Free |
Partition Type: NTFS
Drive E: | 141,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free |
Partition Type: UDF
Drive K: | 465,65 Gb Total Space | 68,13 Gb Free Space | 14,63% Space Free |
Partition Type: FAT32
Drive M: | 465,65 Gb Total Space | 30,29 Gb Free Space | 6,50% Space Free |
Partition Type: FAT32
Computer Name: TIMOTHY | User Name: Timothy_2 | Logged in as
Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name
Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft
Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft
Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft
Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft
Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft
Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft
Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft
Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft
Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft
Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft
Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft
Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft
Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft
Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
(Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
(Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML
"%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending
-osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1"
(Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft
Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft
Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft
Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft
Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe"
"C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe"
"C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft
Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft
Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft
Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft
Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft
Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft
Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft
Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft
Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft
Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft
Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3"
"%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft
Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft
Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft
Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft
Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft
Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft
Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft
Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft
Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft
Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft
Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe
%SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Add to archive] -- "C:\Program Files\PeaZip\PEAZIP.EXE"
"-add2multi" "%1" (Giorgio Tani)
Directory [Browse path with PeaZip] -- "C:\Program Files\PeaZip\PEAZIP.EXE"
"-ext2browsepath" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft
Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L
(Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet
Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program
Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security
Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms
EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms
EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat
Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat
Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms
EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms
EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data
over 1000 bytes]
"C:\Users\Josephine\AppData\Local\Kamuse\KCSTrayDownloader\KCSTrayDownloaderEngine.exe"
= [String data over 1000 bytes]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat
Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat
Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00069931-6BC8-447E-A962-6E1792C1FF56}" = lport=137 | protocol=17 | dir=in |
app=system |
"{05C44039-0035-4550-956B-828BF122DA3F}" = rport=3702 | protocol=17 | dir=out
| svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{08399A8E-D449-447E-B288-B4B0EEB854A4}" = lport=5358 | protocol=6 | dir=in |
app=system |
"{0F3C26E2-67B0-40EE-87EB-8D1FC4EF02C9}" = rport=3702 | protocol=17 | dir=out
| app=c:\windows\system32\netproj.exe |
"{0FA673F3-576C-45AD-BA40-2C5942AFEE29}" = lport=445 | protocol=6 | dir=in |
app=system |
"{12ECE25C-8B5E-4F81-A0BF-3FA7BA4CFE6D}" = rport=2177 | protocol=6 | dir=out
| svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16AFF538-E023-4401-A5C7-BE2565A44FF3}" = rport=5355 | protocol=17 | dir=out
| svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1CC0E4AE-FCFA-4B9D-AF0C-1FC7B2E18072}" = rport=3540 | protocol=17 | dir=out
| svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{2CA9656E-9EDF-48C8-A97F-9651E340C9A7}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2FC520F3-9604-4572-8D5A-C384775993A1}" = lport=rpc | protocol=6 | dir=in |
svc=vds | app=c:\windows\system32\vds.exe |
"{3097DC73-CEE7-417D-BE71-957191F89F74}" = lport=3702 | protocol=17 | dir=in
| app=c:\windows\system32\p2phost.exe |
"{337A1216-98CE-48C1-9C84-7875A08303CD}" = rport=138 | protocol=17 | dir=out
| app=system |
"{366FA647-F7B2-440E-8EC6-0287EFFE3278}" = lport=162 | protocol=17 | dir=in |
svc=snmptrap | app=c:\windows\system32\snmptrap.exe |
"{3957690A-852D-4CD5-B603-E6C973F94EB2}" = lport=26792 | protocol=17 | dir=in
| name=bitcomet 26792 udp |
"{3A0AB13B-6B4B-4077-943B-1C6EFDE56BD8}" = rport=1723 | protocol=6 | dir=out
| app=system |
"{3ABB5004-88DB-4779-8118-063CD4243E2D}" = lport=2869 | protocol=6 | dir=in |
app=system |
"{3B35BB7E-D570-49DC-A8F3-32BB6997970C}" = rport=139 | protocol=6 | dir=out |
app=system |
"{3CB36F95-DA83-4CF3-9409-472A45A231FE}" = lport=445 | protocol=6 | dir=in |
app=system |
"{3D629C61-7F8B-4409-ADB1-F3EB785E93BB}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{3F099D77-00E7-4039-83BB-3634F574E55B}" = lport=5985 | protocol=6 | dir=in |
app=system |
"{49BE4D8C-9E4D-47A7-9E2F-7EC0E85E917E}" = lport=443 | protocol=6 | dir=in |
app=system |
"{4BAA54B7-397A-474E-A69A-6CB332ABD87F}" = rport=2177 | protocol=17 | dir=out
| svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51B07077-DFD0-4615-AF1D-5CCA042E73BC}" = lport=19316 | protocol=6 | dir=in
| name=bitcomet 19316 tcp |
"{53A3AB37-EBCD-45B5-A2B6-8524AA1FDEB4}" = lport=2869 | protocol=6 | dir=in |
app=system |
"{563D8A87-919C-457C-A81B-198E11F6FE85}" = lport=2177 | protocol=17 | dir=in
| svc=qwave | app=%systemroot%\system32\svchost.exe |
"{59D62104-EC1E-4FB3-9061-DD753A7A656D}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | [email protected],-28539 |
"{5A5E43EC-FE56-4626-A849-B74E25419A67}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A97F0A8-3E2C-48E7-8304-3B9769294875}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{5DB9EECE-0B76-400D-B766-E37CEF214C9A}" = lport=19316 | protocol=17 | dir=in
| name=bitcomet 19316 udp |
"{6AAF0746-7C47-4283-A656-2C69C911AC40}" = rport=3702 | protocol=17 | dir=out
| app=c:\windows\system32\p2phost.exe |
"{6EA26471-F27D-4B56-A8D4-8C281A77BB91}" = rport=1900 | protocol=17 | dir=out
| svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{764722FA-6322-45F3-AD16-1F8F07ECE1B5}" = rport=3540 | protocol=17 | dir=out
| svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{774A64A0-704F-4411-B163-3EBD4B963F22}" = lport=1723 | protocol=6 | dir=in |
app=system |
"{78424D5B-F58B-474F-B859-4BE609560204}" = lport=138 | protocol=17 | dir=in |
app=system |
"{790B3D3E-7ED6-4C12-92AD-E293BB6F2703}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{7B4D073F-A186-4AD7-AC48-6C53FE02CD75}" = lport=rpc | protocol=6 | dir=in |
app=c:\windows\system32\services.exe |
"{7B617272-0393-4374-8792-EF3661E83D8E}" = rport=3702 | protocol=17 | dir=out
| svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7BB84AB4-10B4-49B1-BC5D-8C011F0C3A19}" = lport=135 | protocol=6 | dir=in |
svc=rpcss | app=c:\windows\system32\svchost.exe |
"{7EA82247-FEAA-47A8-9546-54D1DB22F79E}" = lport=26792 | protocol=6 | dir=in
| name=bitcomet 26792 tcp |
"{83FB335B-92CE-4DD1-86F4-3411DD0FCEB2}" = lport=3540 | protocol=17 | dir=in
| svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{869B734C-0874-45D3-B54C-2C328182AA82}" = lport=rpc | protocol=6 | dir=in |
svc=eventlog | app=c:\windows\system32\svchost.exe |
"{87A9C155-300D-4F80-BE38-23B244C8C4BE}" = rport=3587 | protocol=6 | dir=out
| svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{8A7E7DC8-4BEB-4C3A-ACCD-42061C04A629}" = rport=445 | protocol=6 | dir=out |
app=system |
"{94407F0A-4408-4F80-9619-5AFF113CDC0E}" = lport=19316 | protocol=17 | dir=in
| name=bitcomet 19316 udp |
"{99D4DF28-CB94-4A6C-A844-7755634F3D6F}" = lport=445 | protocol=6 | dir=in |
app=system |
"{9D2000E6-E39E-466F-933B-FF8D1F8E6706}" = lport=2869 | protocol=6 | dir=in |
app=system |
"{A216741F-13A0-446B-A29C-151666B220FA}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{A4F4693F-3A00-4B38-AD54-ED233D8C02B4}" = lport=445 | protocol=6 | dir=in |
app=system |
"{A569721E-B6C8-4B40-93A1-D856B1B49BC5}" = lport=139 | protocol=6 | dir=in |
app=system |
"{A7AB5D61-A199-40B7-9AF5-12ABEC2478F8}" = lport=26792 | protocol=17 | dir=in
| name=bitcomet 26792 udp |
"{A8D25237-AABE-4F68-B98D-1BD41078802E}" = lport=33674 | protocol=17 | dir=in
| name=thunderlan(udp) |
"{A98A5E2D-D95F-4AF9-AA14-81B0321E71F4}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{A9DBC596-9470-4755-9660-8345AB08D4D7}" = lport=rpc | protocol=6 | dir=in |
svc=* | app=c:\windows\system32\svchost.exe |
"{AF37D09F-8DAF-47BF-B599-2FA760909125}" = lport=26792 | protocol=6 | dir=in
| name=bitcomet 26792 tcp |
"{AF4D57F1-9487-4802-9CB4-A859C6654380}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B1686AEF-4E48-4685-B5C4-17CBA6C458C6}" = lport=rpc | protocol=6 | dir=in |
app=c:\windows\system32\vdsldr.exe |
"{B37C0812-C55C-4103-A03B-5CEF85412199}" = rport=5722 | protocol=6 | dir=out
| svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{B534BE65-C9D5-4681-857B-9660A0A56520}" = lport=3702 | protocol=17 | dir=in
| svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B8109C37-C870-4F4D-AC9C-EE1C55FF4A03}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B9664E97-206F-46FE-9799-B08B496C87B4}" = rport=1900 | protocol=17 | dir=out
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B9949777-47F5-4EF9-B7A2-D227DD538892}" = lport=6004 | protocol=17 | dir=in
| app=c:\program files\microsoft office\office12\outlook.exe |
"{BB68D376-AE0F-4DDE-8D67-5BF9EBA944BB}" = lport=33673 | protocol=6 | dir=in
| name=thunderlan(tcp) |
"{BBB385B5-FA68-46B0-9818-4E000860272D}" = lport=1701 | protocol=17 | dir=in
| app=system |
"{BBD85063-D3BD-48D2-BB24-3F8BE4AE8158}" = lport=rpc | protocol=6 | dir=in |
svc=schedule | app=c:\windows\system32\svchost.exe |
"{BD9A8ADF-C361-4D9C-9AE3-A2EC6A1C1A8C}" = lport=3702 | protocol=17 | dir=in
| app=c:\windows\system32\netproj.exe |
"{BDC6DCCD-6E00-4728-BD71-A9A099B18C04}" = lport=80 | protocol=6 | dir=in |
[email protected],-50 |
"{BF7A7403-334B-41B7-9522-E151675A0B76}" = lport=5355 | protocol=17 | dir=in
| svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C37964BD-B148-4D4B-9319-DABB81DCB663}" = lport=rpc-epmap | protocol=6 |
dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{C7E0C775-894D-41D4-90C6-74420F9C55D5}" = lport=19316 | protocol=6 | dir=in
| name=bitcomet 19316 tcp |
"{C8424A17-8246-4DF2-AB6A-7415ECDAF72C}" = lport=1900 | protocol=17 | dir=in
| svc=ssdpsrv | app=svchost.exe |
"{CADBA3B6-3811-4AEA-BF94-E0DDD92468C9}" = rport=1900 | protocol=17 | dir=out
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D0656DED-96E8-4659-9B14-538B3AFBFF86}" = rport=1900 | protocol=17 | dir=out
| svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D0B91047-D3C1-482D-881C-79954915FB70}" = rport=1900 | protocol=17 | dir=out
| svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D3D3DEE4-B0AD-432C-B514-632EDBC6D55D}" = lport=3587 | protocol=6 | dir=in |
svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{D87D7499-C493-4DD0-95FD-46E281F69AA2}" = rport=137 | protocol=17 | dir=out
| app=system |
"{DB92054A-69D6-4997-B50A-413BD5D10A9C}" = lport=5722 | protocol=6 | dir=in |
svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{DCBF6EA9-42BA-4ECF-856D-39210337B944}" = lport=3540 | protocol=17 | dir=in
| svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{DD9AE878-5B10-42AF-BF81-DFE1710A248A}" = lport=3702 | protocol=17 | dir=in
| svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DDFCA0B8-75AF-4F23-AF6F-C48F0D8CDB08}" = rport=5358 | protocol=6 | dir=out
| app=system |
"{DF3ABF38-52FA-43CA-BDE9-F2DEACEAFC24}" = lport=10243 | protocol=6 | dir=in
| app=system |
"{E2779CEA-AD5B-4FDF-B68D-F5809AAC8E51}" = lport=808 | protocol=6 | dir=in |
svc=nettcpactivator |
app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{E801A805-F46C-41A0-94F6-3DE3BBC34667}" = rport=1701 | protocol=17 | dir=out
| app=system |
"{ED1CF4D4-8514-40FC-AFF2-F073A8D4701D}" = rport=10243 | protocol=6 | dir=out
| app=system |
"{EDEDD13B-577D-4CFA-8969-52CB84A47805}" = lport=rpc | protocol=6 | dir=in |
svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EE570BE0-2FEB-4775-9CE2-A19444B097FF}" = lport=5357 | protocol=6 | dir=in |
app=system |
"{F31040B3-60CA-46E4-950E-00CA66347F55}" = lport=2177 | protocol=6 | dir=in |
svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC082296-DE19-4C22-A142-573D2B46A069}" = rport=5357 | protocol=6 | dir=out
| app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023739BE-B6E7-4472-B4DE-2D30B22D1029}" = protocol=17 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0689CF32-82DB-49CD-BE05-139D0D4845F0}" = protocol=6 | dir=in |
app=c:\windows\system32\wbem\unsecapp.exe |
"{08C09FF0-3C8E-4BC5-B5A4-808C54673838}" = protocol=6 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{0923E99D-8D91-4106-A68F-BB45A387A2DA}" = protocol=17 | dir=in |
app=c:\program files\common files\thunder network\kankan\xmp.exe |
"{0AB3B15A-BE4B-4916-991A-E99AB3EC750B}" = protocol=17 | dir=in |
app=c:\nexon\combat arms eu\nmservice.exe |
"{0BA47710-C500-401C-B08A-64B7A4B56BF3}" = dir=in | app=c:\program
files\pando networks\media booster\pmb.exe |
"{0CDDF956-E170-41CF-9687-60FD61C7CB5E}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\xlbugreport.exe |
"{0E0C5035-E840-43B2-A369-D2D2CC7215B1}" = protocol=6 | dir=in |
app=c:\nexon\combat arms eu\nmservice.exe |
"{0F2353E5-2F8B-44D0-9F42-51A4C18BF365}" = protocol=6 | dir=in |
app=c:\nexon\combat arms eu\nmservice.exe |
"{1338A88A-8A20-4E34-B01A-48F5614ACEC0}" = protocol=17 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\xlbugreport.exe |
"{175A3373-5DB7-424F-AAE9-E7455A527A36}" = protocol=17 | dir=in |
app=c:\program files\windows collaboration\wincollab.exe |
"{185488C0-DC8B-44CB-87E0-1BBF7AE56AD7}" = protocol=17 | dir=in |
app=c:\programdata\nexoneu\ngm\ngm.exe |
"{185FBDFE-84CD-432A-8AAE-BC447DB30FBB}" = protocol=6 | dir=in |
app=c:\program files\thunder network\thunder\netmon\lsp_check.exe |
"{1A6ED39E-1720-4DE9-A130-8FB8D0D85487}" = protocol=17 | dir=in |
app=c:3\steam\steamapps\timothy110\garrysmod\hl2.exe |
"{1AC6C1E6-B513-44B3-A722-388CEC34C064}" = protocol=17 | dir=in |
app=f:\steam\steam.exe |
"{1DFB498B-C2B8-40ED-B879-8CFEBEABC102}" = protocol=6 | dir=in |
app=c:\program files\bitcomet\bitcomet.exe |
"{1E02B8D6-63BF-4E87-875F-E71B1EDB7A67}" = protocol=6 | dir=in |
app=c:\ngm\ngm.exe |
"{1EABD0C5-F73E-4517-8A97-3685C72AFF3D}" = protocol=17 | dir=in |
app=c:\program files\thunder
network\thunder\xldoctor\7.2.3.3254_3\program\xldoctorui.exe |
"{1FAED33F-4783-462B-A968-F22A5CCFFE71}" = protocol=1 | dir=out |
[email protected],-28544 |
"{23B1EDCA-4E9E-4B01-B45B-E9EBF6F96689}" = protocol=6 | dir=out |
app=c:\windows\system32\p2phost.exe |
"{24125FCC-3488-4DB1-9383-85FF63E6D216}" = protocol=6 | dir=out |
app=c:\program files\windows collaboration\wincollab.exe |
"{26A03C5F-6966-4665-8147-B0153E4859C1}" = protocol=58 | dir=in |
[email protected],-28545 |
"{2767C872-F20D-42A2-A7EB-8559A9D6A0CF}" = protocol=6 | dir=in |
app=c:\program files\ppfilm\ppfilmplayer.exe |
"{279363F7-1D7C-4F1C-920E-38358ED9606D}" = protocol=17 | dir=in |
app=c:\program files\thunder network\thunder\program\thunderliveud.exe |
"{2A2CF54D-A86D-45C0-A436-9443253583BB}" = dir=in | app=c:\program
files\windows live\messenger\msnmsgr.exe |
"{2E83A121-3277-416B-A3AD-5E792268515A}" = protocol=6 | dir=in |
app=c:\windows\system32\p2phost.exe |
"{32CCB6DB-59D0-4A38-B9C3-59D4926940C9}" = protocol=17 | dir=in |
app=c:\program files\thunder network\thunder\program\thunder.exe |
"{359BB022-1209-4DFC-A272-0DF328CE4AD3}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\thunderliveud.exe |
"{35F83013-388A-481A-8759-6D632D849684}" = dir=in | app=c:\program
files\pando networks\media booster\pmb.exe |
"{3E760B26-FD3A-4C15-AF6B-93DD41DC5630}" = protocol=17 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\thunderliveud.exe |
"{3F4EBD10-E969-48A5-86FF-7AD7A8BB5519}" = protocol=6 | dir=in |
app=c:\program files\thunder network\thunder\program\thunderliveud.exe |
"{3F5C78A2-2DA7-4F13-B203-57775257815B}" = protocol=6 | dir=in |
app=c:\programdata\nexonus\ngm\ngm.exe |
"{420C84D4-F762-47B6-B836-5819E70BEC51}" = protocol=6 | dir=out |
app=c:\windows\system32\wudfhost.exe |
"{47AC9062-B4DD-408B-A7DE-715825F20474}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\thunderliveud.exe |
"{4C08A30D-AA9A-4F31-8CB4-5E42B6728110}" = protocol=17 | dir=in |
app=c:\program files\bitcomet\bitcomet.exe |
"{54120DA7-718A-4F4A-8FBE-5570C1EFD8D8}" = dir=in | app=c:\program
files\pando networks\media booster\pmb.exe |
"{5449D81F-74AC-4AAE-B1A3-C9B630E694FC}" = protocol=6 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{564537B2-5CD3-4F08-A13A-718C0159C6C9}" = protocol=17 | dir=in |
app=c:\program files\thunder network\thunder\netmon\net_monitor_i.exe |
"{58AA8BBE-E255-4C64-B87B-0520C08A17E2}" = protocol=6 | dir=in |
app=f:\steam\steamapps\timothy110\condition zero\hl.exe |
"{58E38EF0-E40B-4A1E-8083-4E69D127DF22}" = protocol=6 | dir=in |
app=c:\programdata\nexoneu\ngm\ngm.exe |
"{59B9350A-1935-4237-BD3B-1362440644F5}" = protocol=6 | dir=in |
app=c:\windows\system32\netproj.exe |
"{59D4D8B0-38A0-42C3-AC98-E73BA11A69D2}" = protocol=17 | dir=in |
app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{5D3F0932-9E8D-4588-8E60-120FC91B1462}" = protocol=6 | dir=in |
app=c:\program files\thunder network\thunder\program\thunder.exe |
"{5DD09528-EB9A-4D28-B299-2FB15C94F28F}" = protocol=6 | dir=in |
app=c:3\steam\steamapps\timothy110\garrysmod\hl2.exe |
"{5DDDCBC7-7A31-4565-AD17-3846A4A28624}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\xmp.exe |
"{5E47D4EF-9B14-4B62-9BC5-C1DEDD81A2AE}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E5212D2-E001-4AF2-9C4D-D7F5F3F6EAFF}" = protocol=17 | dir=in |
app=c:\programdata\nexoneu\ngm\ngm.exe |
"{64E56977-B7F0-4AB9-AC4F-6407E4E8B737}" = protocol=6 | dir=out |
svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{67DAEEAC-C42D-44ED-8785-C035F7A48F3D}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\xmp.exe |
"{6C3C7EC6-970A-4A58-A0E4-AD453C5B4AE4}" = protocol=17 | dir=in |
app=c:\windows\system32\pnkbstrb.exe |
"{6C4A2F42-4823-4C21-8CB7-996577BB2DA9}" = protocol=6 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe |
"{6CC8C6C6-4A7C-4F39-9123-12C1FE9F8BB9}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\xmp.exe |
"{6E8847DE-33FE-433E-BD6C-268A09284E8C}" = protocol=6 | dir=out |
app=c:\windows\system32\netproj.exe |
"{7181E810-7213-431A-BD07-AC004C917A4A}" = protocol=6 | dir=in |
app=c:\windows\system32\pnkbstra.exe |
"{71AF470D-5691-477A-9381-62E5B369EC34}" = protocol=6 | dir=in |
app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{72C4277A-AD5F-434C-BCB2-331D6D99FB2B}" = dir=in | app=c:\program
files\pando networks\media booster\pmb.exe |
"{7A27B0D5-64C0-4DD5-863C-CC3A4520B33E}" = protocol=17 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{7A2A2E77-5FB3-46AA-9939-6719CC1DEFC3}" = protocol=17 | dir=in |
app=f:\steam\steamapps\timothy110\condition zero\hl.exe |
"{7F6DA9CD-F74B-4DAE-B370-AA26DFF8D419}" = protocol=17 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{7FB8056B-1AE4-471C-B2C1-0EB235AD3949}" = protocol=6 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\xlbugreport.exe |
"{80E01034-8633-4E06-8F9A-12EB03A23089}" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars republic commando\gamedata\system\swrepubliccommando.exe |
"{8321C0D6-4F97-4BA3-A1E0-9811FDCE8C5A}" = protocol=6 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\thunderliveud.exe |
"{83461DC4-AE2D-43EB-8244-AC1FA35F61DA}" = protocol=17 | dir=in |
app=c:\program files\common files\thunder network\kankan\thunderservicelite.exe
|
"{842A341B-236D-4276-88EA-E64060AE46F5}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\xlbugreport.exe |
"{84E45547-8B79-4796-976E-730CF8C397EE}" = protocol=6 | dir=in |
app=c:\program files\ppfilm\kmliveupdate.exe |
"{85CBF751-D3F8-4C94-8AA1-524D1CA68D90}" = protocol=17 | dir=in |
app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AC237B4-55F8-4526-BE77-EB44017A7773}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\xlbugreport.exe |
"{8CB92D21-0A53-4E7C-91C3-A0AF47ED23FA}" = protocol=17 | dir=in |
app=%programfiles%\windows media player\wmplayer.exe |
"{8CB95D1E-28D2-4992-ABEF-F3CFCC3126F2}" = protocol=6 | dir=out |
svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D80321E-F695-411D-903C-333AB30D9C2C}" = dir=in | app=c:\program
files\windows live\sync\windowslivesync.exe |
"{901FAF35-848E-433A-8241-73CC5021F5AF}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\xmp.exe |
"{95D151FE-C529-421B-B683-0CB05D9CC7C0}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe |
"{95F4FC75-7DC8-47C9-A7AA-450425506A37}" = protocol=17 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{9ABB11E1-CA86-4C2D-A73D-CDA9303D664D}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\xlbugreport.exe |
"{9D62BBD4-5EC6-4ECE-9466-8469B5C59DEC}" = protocol=6 | dir=out |
app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F2F7524-6728-4DE8-9D13-1DCF799B9E9C}" = protocol=6 | dir=in |
app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{A2EA0760-64D3-475E-8BAF-99D28DC3B096}" = protocol=6 | dir=in |
app=c:\program files\thunder network\thunder\netmon\net_monitor_i.exe |
"{A5D39F25-C145-4570-BE5C-671CE4F09287}" = protocol=6 | dir=out |
svc=upnphost | app=c:\windows\system32\svchost.exe |
"{A85B48EE-D263-4762-B82D-B0003E615D8B}" = protocol=6 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe |
"{A947B76A-20DB-4E9D-88EC-49E3B05CAE50}" = protocol=58 | dir=out |
[email protected],-28546 |
"{A956E5F2-B1FA-4BF1-9D32-E8B7FCBC1A9F}" = protocol=6 | dir=in |
app=c:\program files\thunder
network\thunder\xldoctor\7.2.3.3254_3\program\xldoctorui.exe |
"{AD66A91A-7D42-4420-849F-A8E1CD3329B7}" = protocol=17 | dir=in |
app=c:\program files\thunder network\thunder\netmon\lsp_check.exe |
"{B1B07C10-C764-4DF3-8440-2914DA51865D}" = protocol=6 | dir=in |
app=%programfiles%\windows media player\wmpnetwk.exe |
"{B26AACDB-93FF-4AA3-AFE0-93230FE1B1DD}" = protocol=17 | dir=in |
app=c:\program files\skype\phone\skype.exe |
"{B846349B-B0D7-4BE4-9EAC-D4C72D64F012}" = protocol=17 | dir=in |
app=c:\ngm\ngm.exe |
"{B8A93C14-307B-4FFF-98A9-D25FC590B519}" = protocol=6 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{BAA762D7-B163-4686-BEAF-D06E6F4782E2}" = protocol=6 | dir=in |
app=c:\program files\ijji\ijji reactor\ijjioptimizer.exe |
"{BD9CFE23-5707-4ED8-969A-47122F7CABC6}" = protocol=6 | dir=in |
app=c:\program files\thunder network\thunder\bbinside\baidu-tb-asbar.exe |
"{C3391562-F7CD-4540-9975-80A9A932D179}" = protocol=17 | dir=in |
app=c:\nexon\combat arms eu\nmservice.exe |
"{CC725743-CB63-498A-BBCF-85BCCDE3C531}" = protocol=17 | dir=in |
app=c:\programdata\nexonus\ngm\ngm.exe |
"{CE0B8B75-21E6-4328-98DB-BB033137E069}" = protocol=17 | dir=out |
app=c:\program files\windows collaboration\wincollab.exe |
"{CED977E2-61EE-46C0-9457-94FB3B6DB905}" = protocol=17 | dir=in |
app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{CF87E301-0F97-48BC-B606-9436C529A230}" = protocol=6 | dir=in |
app=f:\steam\steam.exe |
"{D19F6450-7A63-4A8C-B26D-A866E945418B}" = protocol=6 | dir=in | svc=winmgmt
| app=c:\windows\system32\svchost.exe |
"{D26EFA0D-8B43-429F-AF7A-C840E107C528}" = protocol=6 | dir=in |
app=c:\program files\windows collaboration\wincollab.exe |
"{D2C8F21E-915B-47BB-857A-C285DB48149E}" = protocol=6 | dir=in |
app=c:\program files\lucasarts\star wars republic
commando\gamedata\system\swrepubliccommando.exe |
"{D32C0BF2-9E1E-40BC-BAFD-7B0E9E5D2DDD}" = protocol=1 | dir=in |
[email protected],-28543 |
"{D572880B-CDDD-4B8E-A156-D610398D821B}" = protocol=6 | dir=in |
app=c:\program files\pando networks\media booster\pmb.exe |
"{D5D36359-63BF-4B54-8AE3-BAC602AF2C58}" = protocol=6 | dir=in |
app=c:\program files\thunder network\xmp4\program\thunderliveud.exe |
"{D76EEADC-27C9-4870-A7EB-92379D5754C9}" = protocol=17 | dir=in |
app=c:\program files\thunder network\xmp4\program\thunderliveud.exe |
"{D79DD442-B0E5-4718-8A45-8E51AE787997}" = protocol=6 | dir=in |
app=c:\program files\common files\thunder network\kankan\xmp.exe |
"{D851830E-922D-4C94-9330-38567FE8D140}" = protocol=6 | dir=in |
app=c:\programdata\nexoneu\ngm\ngm.exe |
"{DB047F4D-999A-4E6B-91FC-C5DF2D322252}" = protocol=17 | dir=in |
app=c:\program files\ijji\ijji reactor\ijjioptimizer.exe |
"{DB88F45B-6A1D-43F8-8EFA-92383E177D6D}" = protocol=17 | dir=in |
app=c:\program files\thunder network\thunder\bbinside\baidu-tb-asbar.exe |
"{DD0E726C-EB14-435C-B816-AFF8F372E7C7}" = protocol=6 | dir=out | app=system
|
"{DFCF83F4-FD4D-407C-ADB7-140B0CF97AA4}" = protocol=17 | dir=in |
app=c:\program files\ppfilm\jfcachemgr.exe |
"{E6B545CD-1439-4FBF-95D9-953EFF0FE0F9}" = protocol=6 | dir=in |
app=c:\program files\common files\thunder network\kankan\thunderservicelite.exe
|
"{E784116C-3A93-42E2-8B8F-D9345AD95AB5}" = protocol=17 | dir=out |
app=%programfiles%\windows media player\wmplayer.exe |
"{E92D1FFD-8C41-4FE7-8D5E-38686D6356F2}" = protocol=6 | dir=out | app=system
|
"{EAE61D36-5BB4-4450-BD61-AF7F25F1E670}" = protocol=17 | dir=in |
app=c:\windows\system32\pnkbstra.exe |
"{EBFB7C7B-D42D-498E-9AAF-2DB9C17210F5}" = dir=in | app=c:\program
files\pando networks\media booster\pmb.exe |
"{EE18D380-DD41-4770-9EE5-4FED1064DD33}" = protocol=6 | dir=in |
app=c:\windows\system32\pnkbstrb.exe |
"{F576E7FD-25BD-44AF-B6FF-1782FF06F5BF}" = protocol=17 | dir=in |
app=%programfiles%\windows media player\wmplayer.exe |
"{F7BC5E02-B3F5-422C-9146-57666607D0F4}" = protocol=17 | dir=in |
app=c:\program files\ppfilm\kmliveupdate.exe |
"{F8C713E6-11CF-4F08-925B-E28B3AC41D9E}" = protocol=6 | dir=in |
app=c:\program files\ppfilm\jfcachemgr.exe |
"{F971998F-67D9-4F1F-B3C4-27B3C9DC06EC}" = protocol=6 | dir=out | svc=winmgmt
| app=c:\windows\system32\svchost.exe |
"{FAA76B47-E161-4823-9A15-1B20197DF2CB}" = protocol=6 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\thunderplatform.exe |
"{FD50258B-3D8E-4638-A7AD-DBF01699EB33}" = protocol=17 | dir=in |
app=c:\program files\ppfilm\ppfilmplayer.exe |
"{FD73C5FB-8524-4527-8265-C176B32B6E2C}" = protocol=17 | dir=in |
app=c:\program files\common files\thunder
network\tp\ver1\1.1.2.84_1111\thunderplatform.exe |
"TCP Query User{03380FA6-A8F3-431B-9F3F-70F06365D321}C:4\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=6 | dir=in | app=c:4\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"TCP Query User{0713C41F-F3E1-4801-B506-296DBADE28CF}C:\program
files\valve\steam\steamapps\timothy110\condition zero\hl.exe" = protocol=6 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\condition
zero\hl.exe |
"TCP Query User{09A4FE9F-86D0-4FC1-B2D1-BAA410E333DF}C:\program
files\valve\steam\steamapps\timothy110\counter-strike\hl.exe" = protocol=6 |
dir=in | app=c:\program
files\valve\steam\steamapps\timothy110\counter-strike\hl.exe |
"TCP Query User{0D4EFFC0-9382-4F36-A47E-7E5DD4A10A1E}C:\program
files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program
files\java\jre6\bin\java.exe |
"TCP Query User{0ED04211-46C2-4D86-AF78-A6D6E986301B}C:0\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:0\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"TCP Query User{13090BAE-64C1-4D2D-9D43-88F67BCB5263}C:\program files\common
files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program
files\common files\pplivenetwork\ppap.exe |
"TCP Query User{195BD341-6EE1-4507-83FD-68240ADBBD4E}C:\program
files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query
User{19857098-A08B-4651-B892-2FD56489AD7F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe"
= protocol=6 | dir=in |
app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query
User{21D7E6E4-86BD-4454-8415-8F840100BE50}C:\users\pok\desktop\program\thunderplatform.exe"
= protocol=6 | dir=in | app=c:\users\pok\desktop\program\thunderplatform.exe |
"TCP Query User{23B2C1B1-E2B1-4EED-AB7D-87C11BEAF71E}C:1\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:1\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"TCP Query User{255B893C-A352-458C-A558-3D31E9CD92C7}C:\program
files\hdplayer\hdplayer.exe" = protocol=6 | dir=in | app=c:\program
files\hdplayer\hdplayer.exe |
"TCP Query
User{257C5729-4412-40D4-B86F-7C015BBDD5D0}C:\users\josephine\appdata\roaming\octoshape\octoshape
streaming services\octoshapeclient.exe" = protocol=6 | dir=in |
app=c:\users\josephine\appdata\roaming\octoshape\octoshape streaming
services\octoshapeclient.exe |
"TCP Query
User{28682F9A-6A7D-4B26-8DD2-A96422A2E9FF}C:\users\josephine\appdata\local\kamuse\kcstraydownloader\kcstraydownloaderengine.exe"
= protocol=6 | dir=in |
app=c:\users\josephine\appdata\local\kamuse\kcstraydownloader\kcstraydownloaderengine.exe
|
"TCP Query
User{30C255C4-2BA8-40EF-BB3E-0D7E2F8B313C}C:\qvodplayer\qvodterminal.exe" =
protocol=6 | dir=in | app=c:\qvodplayer\qvodterminal.exe |
"TCP Query User{31F20396-963A-4A46-8475-D6152BE1A76A}C:\users\pok\program
files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\pok\program
files\dna\btdna.exe |
"TCP Query
User{43235EAF-144B-4192-A524-61776354E7F1}C:\users\josephine\appdata\local\akamai\netsession_win.exe"
= protocol=6 | dir=in |
app=c:\users\josephine\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4EC94DB9-D9A6-46A6-864E-5D794DDE60DB}C:2\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:2\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"TCP Query User{5BAEC055-DC64-4128-A425-5219064C8634}C:2\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=6 | dir=in | app=c:2\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"TCP Query User{5D442473-084A-4568-83C1-D56FDF7F5D92}C:\program files\gamespy
arcade\aphex.exe" = protocol=6 | dir=in | app=c:\program files\gamespy
arcade\aphex.exe |
"TCP Query User{66DA58C9-023B-4A5B-8E91-2C1169CE0215}C:\program
files\valve\steam\steamapps\timothy110\dedicated server\hlds.exe" = protocol=6 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\dedicated
server\hlds.exe |
"TCP Query User{702EDE20-4A71-4993-9834-68F76B826324}C:\program
files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program
files\bitcomet\bitcomet.exe |
"TCP Query
User{716647C7-976B-4A23-AAAC-5821E2B62EC3}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe"
= protocol=6 | dir=in |
app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{75CF5892-C303-4577-B9F9-13809F5EE931}C:\program
files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in |
app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{7E83B50C-0AC5-4EAB-82BA-7E6E4B32337E}C:\program
files\valve\steam\steamapps\timothy110\deathmatch classic\hl.exe" = protocol=6 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\deathmatch
classic\hl.exe |
"TCP Query User{7F6624F2-18B7-4135-9D00-3FBEEC3645ED}C:\program
files\valve\steam\steamapps\timothy110\ricochet\hl.exe" = protocol=6 | dir=in |
app=c:\program files\valve\steam\steamapps\timothy110\ricochet\hl.exe |
"TCP Query
User{8AA5998F-BCEB-497A-8564-7F50BDA0D88D}C:\users\josephine\appdata\roaming\octoshape\octoshape
streaming services\octoshapeclient.exe" = protocol=6 | dir=in |
app=c:\users\josephine\appdata\roaming\octoshape\octoshape streaming
services\octoshapeclient.exe |
"TCP Query
User{8B5CA73F-0BC3-45E3-9644-872F0151A151}C:\aeriagames\wolfteam\wolfteam.bin" =
protocol=6 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"TCP Query
User{B5595B25-044F-4371-AE84-245C1CB76881}C:\users\josephine\program
files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\josephine\program
files\dna\btdna.exe |
"TCP Query
User{C3B8C8E0-3633-48B7-97CC-B79AA6756B24}C:\qvodplayer\qvodterminal.exe" =
protocol=6 | dir=in | app=c:\qvodplayer\qvodterminal.exe |
"TCP Query
User{C54849FD-0EBD-41F4-AF88-CA80AE3C1DB2}C:\aeriagames\wolfteam\wolfteam.bin" =
protocol=6 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"TCP Query User{C8FFB8C4-A4CD-4BC1-98EF-77465C90B410}C:\program
files\valve\steam\steamapps\timothy110\day of defeat\hl.exe" = protocol=6 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\day of
defeat\hl.exe |
"TCP Query
User{D2E81519-C888-41C8-B233-81AFAFB8B57A}C:\users\pok\desktop\program\thunderplatform.exe"
= protocol=6 | dir=in | app=c:\users\pok\desktop\program\thunderplatform.exe |
"TCP Query User{D41A5045-5FEA-4E8F-8FAC-402887DABFC3}C:\program
files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program
files\java\jre6\bin\javaw.exe |
"TCP Query User{DE0814A3-F880-4FB5-84C4-D09E9D7EB283}C:\program
files\roozz\roozznhostsvc.exe" = protocol=6 | dir=in | app=c:\program
files\roozz\roozznhostsvc.exe |
"TCP Query User{DFADC9A7-EE55-475C-8F5F-78A89531AB82}C:\users\pok\program
files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\pok\program
files\dna\btdna.exe |
"TCP Query User{E0119D4B-D7BE-4A7B-B905-8FFBE71BAEF7}C:1\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:1\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"TCP Query User{E3305626-BA39-46A4-9534-F43CD6D6EF0E}C:\program
files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in |
app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E34F8DA9-3AEF-4D4A-A799-2E2B739AE66B}C:\program
files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program
files\java\jre6\bin\javaw.exe |
"TCP Query User{E6080D30-217F-4F16-A17B-608C6E5E0C19}N:\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=6 | dir=in | app=n:\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"TCP Query User{F31AADCB-49C8-4F27-8051-0C126171DC32}C:\program files\mozilla
firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla
firefox\firefox.exe |
"TCP Query User{F4EA701A-7DD1-4AF0-A98D-BD77F782B2D3}C:4\halo portable
v2\haloce.exe" = protocol=6 | dir=in | app=c:4\halo portable v2\haloce.exe |
"TCP Query User{F6645EA3-3881-4B05-B8C8-AB6BD027F2D2}C:\program
files\valve\steam\steamapps\timothy110\counter-strike beta\hl.exe" = protocol=6
| dir=in | app=c:\program files\valve\steam\steamapps\timothy110\counter-strike
beta\hl.exe |
"TCP Query User{F6675A35-0F0A-4146-A05B-A2D916FAEC9F}C:\program files\common
files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program
files\common files\pplivenetwork\ppap.exe |
"TCP Query User{F89040FC-952B-4CEC-8FD6-1AEC3C61BBAB}C:\program
files\valve\steam\steamapps\timothy110\counter-strike source\hl2.exe" =
protocol=6 | dir=in | app=c:\program
files\valve\steam\steamapps\timothy110\counter-strike source\hl2.exe |
"UDP Query User{06EA8EB5-F84E-42D8-B01A-179790275A64}C:\program
files\valve\steam\steamapps\timothy110\dedicated server\hlds.exe" = protocol=17
| dir=in | app=c:\program files\valve\steam\steamapps\timothy110\dedicated
server\hlds.exe |
"UDP Query User{0DCA785E-530F-4B77-A82F-D2846C5D6E6A}C:\program files\gamespy
arcade\aphex.exe" = protocol=17 | dir=in | app=c:\program files\gamespy
arcade\aphex.exe |
"UDP Query User{188A9E74-6DE3-42BC-9AB3-5B751E34FB28}C:\program
files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program
files\bitcomet\bitcomet.exe |
"UDP Query User{21E405F4-B2FF-44BF-B3A1-D397482EA6A5}C:\program
files\valve\steam\steamapps\timothy110\counter-strike\hl.exe" = protocol=17 |
dir=in | app=c:\program
files\valve\steam\steamapps\timothy110\counter-strike\hl.exe |
"UDP Query User{23B57026-4405-4173-81E5-52C737B7FC40}C:\program files\common
files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program
files\common files\pplivenetwork\ppap.exe |
"UDP Query
User{2743CE4F-860D-4D01-AE53-6F0899C3FA6B}C:\users\josephine\appdata\local\akamai\netsession_win.exe"
= protocol=17 | dir=in |
app=c:\users\josephine\appdata\local\akamai\netsession_win.exe |
"UDP Query
User{281AA14A-0048-49DC-BEBC-186BC9B9ACE6}C:\users\pok\desktop\program\thunderplatform.exe"
= protocol=17 | dir=in | app=c:\users\pok\desktop\program\thunderplatform.exe |
"UDP Query
User{2979717C-D4A3-4973-83CA-5F6ABBE02397}C:\users\josephine\appdata\local\kamuse\kcstraydownloader\kcstraydownloaderengine.exe"
= protocol=17 | dir=in |
app=c:\users\josephine\appdata\local\kamuse\kcstraydownloader\kcstraydownloaderengine.exe
|
"UDP Query User{30FA48F8-203F-49D4-A534-4E6F2F133F5D}C:\program
files\roozz\roozznhostsvc.exe" = protocol=17 | dir=in | app=c:\program
files\roozz\roozznhostsvc.exe |
"UDP Query User{34817CC2-5564-42B7-8F14-71C2C4FDEDF0}C:\program
files\valve\steam\steamapps\timothy110\counter-strike beta\hl.exe" = protocol=17
| dir=in | app=c:\program files\valve\steam\steamapps\timothy110\counter-strike
beta\hl.exe |
"UDP Query User{3FA16477-9DDB-4F52-96B4-7B66BB8C6ED4}C:\program
files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in |
app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{418A4C5E-F5E2-4270-ABF4-DC86027EFCAE}C:4\halo portable
v2\haloce.exe" = protocol=17 | dir=in | app=c:4\halo portable v2\haloce.exe |
"UDP Query User{4212FD74-0BAC-49B4-848D-3A74299ECE32}C:\program files\mozilla
firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla
firefox\firefox.exe |
"UDP Query User{4EAD62BF-8352-468A-9785-733A83799AC2}C:\program
files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program
files\java\jre6\bin\javaw.exe |
"UDP Query
User{51BBF25C-E66E-4D56-B72C-A3623B345EF7}C:\aeriagames\wolfteam\wolfteam.bin" =
protocol=17 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"UDP Query User{55511A00-4E10-45D8-8EFB-D23056493642}C:1\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:1\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"UDP Query User{561FEE68-3613-4696-8EAA-02B1ECF1A880}C:\program
files\valve\steam\steamapps\timothy110\day of defeat\hl.exe" = protocol=17 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\day of
defeat\hl.exe |
"UDP Query User{6942607C-2EBC-40AD-A24D-03814C645513}C:1\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:1\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"UDP Query User{6A100FF1-0E11-4A3D-B1E3-895F5CD9B774}N:\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=17 | dir=in | app=n:\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"UDP Query User{6B2AE0D1-11ED-4E13-BC0F-3F81E8532B3F}C:2\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=17 | dir=in | app=c:2\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"UDP Query
User{79C41B37-45DA-4D6C-AA98-5576A9939EA3}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe"
= protocol=17 | dir=in |
app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query
User{7B0D823F-2AAA-46FF-BFFB-D315828D5434}C:\qvodplayer\qvodterminal.exe" =
protocol=17 | dir=in | app=c:\qvodplayer\qvodterminal.exe |
"UDP Query User{8BB4F8D9-DD3A-40C6-BEA0-AF87C0C6A816}C:\program
files\valve\steam\steamapps\timothy110\ricochet\hl.exe" = protocol=17 | dir=in |
app=c:\program files\valve\steam\steamapps\timothy110\ricochet\hl.exe |
"UDP Query
User{8CBB7722-BCB7-4ABC-8BAE-7615C1AB0BBF}C:\aeriagames\wolfteam\wolfteam.bin" =
protocol=17 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"UDP Query User{8DCC01A8-7083-490D-81DD-173D00C10535}C:\program
files\hdplayer\hdplayer.exe" = protocol=17 | dir=in | app=c:\program
files\hdplayer\hdplayer.exe |
"UDP Query
User{922A8500-A113-4FDA-8B4D-CAF1824D515D}C:\users\josephine\program
files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\josephine\program
files\dna\btdna.exe |
"UDP Query User{97DA6F71-D7F2-4C21-9BA0-63E2E306D6BE}C:0\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:0\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"UDP Query User{A3602F35-8C14-4920-870C-365A50B949DA}C:2\dawn of war\dawn of
war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:2\dawn of war\dawn
of war - soulstorm\soulstorm.exe |
"UDP Query User{A3BBBCDA-42D7-427C-805C-434116BCC7EB}C:\program
files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program
files\java\jre6\bin\java.exe |
"UDP Query User{A3DCF201-EF00-4420-9E86-E3378F9D41F1}C:4\dow portable
gk13\dawn of war portable\dow\w40k.exe" = protocol=17 | dir=in | app=c:4\dow
portable gk13\dawn of war portable\dow\w40k.exe |
"UDP Query User{A5546CB0-7081-4062-9F9B-489CC15E8021}C:\users\josephine\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\josephine\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{A9A57382-4F96-46C3-A420-1A7886D5F02C}C:\program files\common
files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program
files\common files\pplivenetwork\ppap.exe |
"UDP Query User{AC7944FB-1213-4683-9C6D-EDDE87E3CFBC}C:\program
files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program
files\java\jre6\bin\javaw.exe |
"UDP Query
User{B791F037-C229-47C5-B94E-2592946114FE}C:\qvodplayer\qvodterminal.exe" =
protocol=17 | dir=in | app=c:\qvodplayer\qvodterminal.exe |
"UDP Query User{BA8BFFB3-AC2E-463A-A0A1-147139855222}C:\program
files\valve\steam\steamapps\timothy110\deathmatch classic\hl.exe" = protocol=17
| dir=in | app=c:\program files\valve\steam\steamapps\timothy110\deathmatch
classic\hl.exe |
"UDP Query
User{DDAEB212-DF9B-42B6-BA37-2788C993BD5B}C:\users\josephine\appdata\roaming\octoshape\octoshape
streaming services\octoshapeclient.exe" = protocol=17 | dir=in |
app=c:\users\josephine\appdata\roaming\octoshape\octoshape streaming
services\octoshapeclient.exe |
"UDP Query User{E40585F6-4216-4F6B-968B-14388246D118}C:\program
files\valve\steam\steamapps\timothy110\condition zero\hl.exe" = protocol=17 |
dir=in | app=c:\program files\valve\steam\steamapps\timothy110\condition
zero\hl.exe |
"UDP Query User{F258C470-552D-4857-9057-5A1CEAF68251}C:\users\pok\program
files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\pok\program
files\dna\btdna.exe |
"UDP Query
User{F2A4A810-12FB-44C2-A9D7-65461AB52199}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe"
= protocol=17 | dir=in |
app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{F35108A8-02D2-4B97-B7F5-F4F524F36A79}C:\program
files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in |
app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{F7B64D47-CDED-4590-BB04-E69D8A5D52AC}C:\program
files\valve\steam\steamapps\timothy110\counter-strike source\hl2.exe" =
protocol=17 | dir=in | app=c:\program
files\valve\steam\steamapps\timothy110\counter-strike source\hl2.exe |
"UDP Query User{F8A77766-9044-4C8D-AA1E-D22C5D079B9A}C:\users\pok\program
files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\pok\program
files\dna\btdna.exe |
"UDP Query User{FA43ADAB-D2D5-41C9-B3B5-18CEDB114672}C:\program
files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in |
app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query
User{FFD8CCE9-068D-4B78-A715-5BA71491F32E}C:\users\pok\desktop\program\thunderplatform.exe"
= protocol=17 | dir=in | app=c:\users\pok\desktop\program\thunderplatform.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL
Update kb973924 - x86 9.0.30729.4148
"{015C057F-D7B9-4D82-B266-FBCF0178F382}" = USB Audio/Video Driver
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement
Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in
Assistant
"{09645A82-CCCF-4AC6-82A3-D01E06BAC701}" = TI-SmartView™- Probeerversie
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4
Extended
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{10106AA7-38E7-4348-8396-9F535DF763EF}" = MSTPCRT
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5
Language Pack SP1 - nld
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet
Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86
Redistributable - 10.0.30319
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008
Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor
uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet
Explorer
"{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1" = Boilsoft Video Splitter
6.33
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software
8.0
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client
Profile NLD Language Pack
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home
Cinema v1.4.2499.0
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™
3
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework
Redistributable 4.0
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{31624D5D-1FEA-4FDB-A2EF-AAFA99F5211D}" = Windows Live Toolbar Feedzoeker
(Windows Live Toolbar)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications
Platform
"{32061277-9F45-4C3B-8299-D106D5A502ED}" = Windows Live Movie Maker
"{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{388D1ED3-02EB-4CFD-A46D-7F6B8E3B9109}" = ebgcRes
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39B1BD87-561E-4762-AED9-7C5213B06C24}" = ebgcInfra
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5
SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client
Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{41DFDD57-21B7-4C48-8C75-FFB35696CA8B}" = Windows Live Toolbar
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows
Marketplace
"{53B2D537-21CF-44D5-A03A-0DAF993B5728}" = ebgcSDK
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in
1.3
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.6.2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox
Plugin
"{6ABA8CC0-E3DE-4434-A7C7-180E153429B4}" = Unified Remote
"{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}" = Windows Live Photo Gallery
"{709BE387-FFDD-4693-A895-76B539E20B47}" = EVU Pre-int & int
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005
Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL
Update kb973923 - x86 8.0.50727.4053
"{7DDEABFB-0621-4321-B385-CB86D3A6F90F}" = F4100
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008
Redistributable - KB2467174 - x86 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime
Native v1.0 (x86)
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge
Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus
2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}"
= Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI
(Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch)
2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI
(Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI
(Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI
(Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch)
2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German)
2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}"
= Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English)
2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}"
= Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French)
2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}"
= Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch)
2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}"
= Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch)
2007
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI
(Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_PROPLUS_{DC387AA5-94A6-4920-B004-D59846526D81}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI
(Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROPLUS_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}"
= Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage
Manager
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error
Reporting
"{95120000-0122-0413-0000-0000000FF1CE}" = Microsoft Office Outlook
Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{996F79F5-2ABF-4B9D-A0C0-ACD046AA8008}" = ArcSoft ShowBiz DVD 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008
Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008
Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005
Redistributable - KB2467175
"{A2A0A82F-025F-458d-A0CD-9BB2320804B5}" = Microsoft Works
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A72FC039-FE41-4BAD-B36E-64368EC54B54}" = ArcSoft MediaConverter 2.5
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience
Enhancements
"{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.1) -
Nederlands
"{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support
For Adobe Reader 8
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For
Adobe Reader 8
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe
Reader 9
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BC5E28DB-A496-415F-9BCF-374AE8E33AB5}" = ArcSoft TotalMedia Extreme
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services
Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C1EDC38F-2760-4A4E-9CED-95B53024134C}" = VersionTracker Pro Windows
"{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CAEB2BE8-EF9E-4BFE-8165-3B54B62AF6CF}" = Windows Live Family Safety
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5
SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March
2009)
"{DC54F2F8-C26F-4D22-B92D-7075BC626106}" = Smart Menu's (Windows Live
Toolbar)
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{EBB11C78-68A6-42D7-84FC-517F9DBF9D55}" = GameShadow
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact
Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio
Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components
Installer
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE
Redistributable
"{F7D53B02-2C51-4CF5-9A51-F7A6D658EA5A}" = PenPowerJR
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"AhnLab Online Security" = AhnLab Online Security
"Akamai" = Akamai NetSession Interface Service
"Ask Toolbar_is1" = Ask Toolbar
"BitComet" = BitComet 1.26
"BlackShot" = BlackShot
"CCleaner" = CCleaner
"Combat Arms" = Combat Arms
"Combat Arms EU" = Combat Arms EU
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11
"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.830
"Game Booster_is1" = Game Booster 3
"GamersFirst LIVE!" = GamersFirst LIVE!
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HDPlayer" = HDPlayer 3.3.2
"Hide Window Hotkey" = Hide Window Hotkey
"hotpot_is1" = HotPotatoes v 6.3.0.4
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}" = USB Audio/Video
Driver
"InterActual Player" = InterActual Player
"IObit Malware Fighter_is1" = IObit Malware Fighter
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor
Microsoft .NET Framework 3.5 SP1 - NL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4
Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket
voor Microsoft .NET Framework 4 Client Profile - NLD
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4
Extended
"Mozilla Firefox 8.0 (x86 nl)" = Mozilla Firefox 8.0 (x86 nl)
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PandoraRecovery" = PandoraRecovery (Remove Only)
"PC-Doctor 5 for Windows" = Diagnostisch hulpprogramma voor hardware
"PhotoScape" = PhotoScape
"Picasa2" = Picasa 2
"PlatinumHideIP" = Platinum Hide IP
"Player" = Player
"PPLive" = PPTV V3.0.2.0011
"PROPLUS" = Microsoft Office Professional Plus 2007
"QvodPlayer" = QvodPlayer 5.0.77
"RealArcade 1.2" = RealArcade
"Roozz plugin_is1" = Roozz plugin 2.5.5
"Sandboxie" = Sandboxie 3.58 (32-bit)
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag 2_is1" = Smart Defrag 2
"Tencent Browser Helper" = SOSO AddressBar Search
"thunder_is1" = ѸÀ×7
"TightSlip" = TightSlip
"TomTom HOME" = TomTom HOME 2.7.3.1894
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WolfTeam" = WolfTeam
"Yahoo! Companion" = Yahoo! 工具列
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"迅雷看看播放器" = 迅雷看看播放器
"迅雷看看高清播放组件" = 迅雷看看高清播放组件
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the
Event Logs are corrupt!
< End of report >
and here is OTL.Txt
OTL logfile created on: 9/12/2011 13:38:05 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder =
C:\Users\Timothy_2\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type
= NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000813 | Country: België | Language: NLB | Date Format:
d/MM/yyyy
1,99 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 44,83%
Memory free
4,21 Gb Paging File | 3,09 Gb Available in Paging File | 73,37% Paging File
free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program
Files
Drive C: | 458,44 Gb Total Space | 237,50 Gb Free Space | 51,81% Space Free |
Partition Type: NTFS
Drive D: | 7,32 Gb Total Space | 1,25 Gb Free Space | 17,11% Space Free |
Partition Type: NTFS
Drive E: | 141,40 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free |
Partition Type: UDF
Drive K: | 465,65 Gb Total Space | 68,13 Gb Free Space | 14,63% Space Free |
Partition Type: FAT32
Drive M: | 465,65 Gb Total Space | 30,29 Gb Free Space | 6,50% Space Free |
Partition Type: FAT32
Computer Name: TIMOTHY | User Name: Timothy_2 | Logged in as
Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name
Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/09 13:27:41 | 000,584,192 | ---- | M] (OldTimer Tools) --
C:\Users\Timothy_2\Desktop\OTL.exe
PRC - [2011/11/18 13:46:36 | 004,759,896 | ---- | M] (IObit) -- C:\Program
Files\IObit\Advanced SystemCare 5\ASC.exe
PRC - [2011/11/12 10:42:50 | 001,647,448 | ---- | M] (IObit) -- C:\Program
Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) -- C:\Program
Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/10/22 13:01:37 | 000,140,952 | ---- | M] (Google Inc.) --
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2011/10/08 17:34:24 | 000,820,568 | ---- | M] (IObit) -- C:\Program
Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/09/30 06:33:16 | 001,025,936 | ---- | M] (Shenzhen QVOD
Technology Co.,Ltd) -- C:\QvodPlayer\QvodTerminal.exe
PRC - [2011/09/28 20:05:40 | 000,141,200 | ---- | M] (Tencent) -- C:\Program
Files\TENCENT\SOSOUpdate.exe
PRC - [2011/09/07 11:08:50 | 000,033,792 | ---- | M] (Roozz.com) --
C:\Program Files\Roozz\RoozzHelper.exe
PRC - [2011/08/27 20:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) --
C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/08/15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) --
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems
Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- C:\Program
Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- C:\Program
Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 11:09:54 | 003,986,944 | ---- | M] (Western Digital
Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive
Manager\WDDMStatus.exe
PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program
Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2010/05/27 15:29:09 | 000,126,976 | ---- | M] () --
C:\Windows\System32\UAService7.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) --
C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) --
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program
Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
-- C:\Windows\explorer.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) --
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/04/19 17:11:16 | 000,151,552 | ---- | M] (Intel Corporation) --
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/04/19 17:10:42 | 000,081,920 | ---- | M] (Intel Corporation) --
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/11/02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation)
-- C:\Windows\System32\wpcumi.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/18 11:49:16 | 000,880,984 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\Scan.dll
MOD - [2011/11/10 19:24:30 | 000,599,896 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\DiskMap.dll
MOD - [2011/10/19 22:19:30 | 008,906,072 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\WebUI.dll
MOD - [2011/10/19 22:19:24 | 000,564,712 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\sqlite3.dll
MOD - [2011/10/19 22:18:48 | 000,058,712 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\NtfsData.dll
MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\madexcept_.bpl
MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\madbasic_.bpl
MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program
Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
MOD - [2008/01/19 08:37:11 | 001,314,816 | ---- | M] () --
C:\Windows\System32\disevwow.dll
MOD - [2008/01/19 08:37:11 | 000,958,464 | ---- | M] () --
C:\Windows\System32\dlgofpop.dll
MOD - [2008/01/19 08:37:11 | 000,442,368 | ---- | M] () --
C:\Windows\System32\zipohrip\tcpoxvox\tblovlan.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (vvdsvc)
SRV - File not found [Auto | Stopped] -- -- (SKLService)
SRV - [2011/11/18 03:23:18 | 003,313,752 | ---- | M] () [Auto | Running] --
c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) [Auto | Running]
-- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe --
(AdvancedSystemCareService5)
SRV - [2011/10/14 08:32:40 | 000,087,728 | ---- | M] (ShenZhen Xunlei
Networking Technologies,LTD) [Auto | Running] -- C:\Program Files\Common
Files\Thunder Network\ServicePlatform\XLSP.dll -- (XLServicePlatform)
SRV - [2011/10/08 17:34:24 | 000,820,568 | ---- | M] (IObit) [Auto | Running]
-- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/09/28 20:05:40 | 000,141,200 | ---- | M] (Tencent) [Auto |
Running] -- C:\Program Files\TENCENT\SOSOUpdate.exe -- (SOSOUpSvc)
SRV - [2011/09/07 11:08:50 | 000,033,792 | ---- | M] (Roozz.com) [Auto |
Running] -- C:\Program Files\Roozz\RoozzHelper.exe -- (Roozz Helper)
SRV - [2011/08/27 20:16:10 | 000,072,976 | ---- | M] (SANDBOXIE L.T.D) [Auto
| Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/15 15:18:10 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto |
Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems
Incorporated) [Auto | Running] -- C:\Program Files\Common
Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/25 06:23:26 | 004,060,984 | ---- | M] (INCA Internet Co.,
Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] --
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe --
(WDFME)
SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] --
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe --
(WDSC)
SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running]
-- C:\Program Files\Western Digital\WD SmartWare\WD Drive
Manager\WDDMService.exe -- (WDDMService)
SRV - [2010/12/28 09:00:34 | 001,296,728 | ---- | M] ([URL="http://www.BitComet.com"]BitComet - A free C++ BitTorrent/HTTP/FTP Download Client[/URL])
[On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe --
(BITCOMET_HELPER_SERVICE)
SRV - [2010/05/27 15:29:09 | 000,126,976 | ---- | M] () [Auto | Running] --
C:\Windows\System32\UAService7.exe -- (UserAccess7) SecuROM User Access Service
(V7)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto |
Running] -- C:\Program Files\Common Files\ArcSoft\Connection
Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.)
[On_Demand | Stopped] -- C:\Program Files\McAfee Security
Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto |
Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe --
(TomTomHOMEService)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto |
Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe --
(YahooAUService)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation)
[Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll --
(WinDefend)
SRV - [2008/01/19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation)
[Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation)
[Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/04/19 17:10:42 | 000,081,920 | ---- | M] (Intel Corporation)
[Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage
Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2011/11/10 23:04:38 | 000,691,696 | ---- | M] () [Kernel | Boot |
Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/10/12 18:00:42 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel |
System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys --
(dtsoftbus01)
DRV - [2011/10/08 17:04:26 | 000,018,768 | ---- | M] () [File_System |
On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware
Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/09/20 14:28:42 | 000,019,792 | ---- | M] (IObit.com) [Kernel |
On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware
Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 14:28:36 | 000,030,600 | ---- | M] (IObit.com) [Kernel |
On_Demand | Stopped] -- C:\Program Files\IObit\IObit Malware
Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2011/08/27 20:16:04 | 000,129,808 | ---- | M] (SANDBOXIE L.T.D)
[Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys --
(SbieDrv)
DRV - [2011/02/16 16:52:46 | 000,011,520 | ---- | M] (Western Digital
Technologies) [Kernel | On_Demand | Stopped] --
C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/11/26 18:02:28 | 000,015,672 | ---- | M] () [Kernel | Boot |
Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys --
(SmartDefragDriver)
DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation)
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys --
(winusb)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys --
(hamachi)
DRV - [2008/10/17 09:50:00 | 000,131,072 | ---- | M] (AhnLab, Inc.) [Kernel |
On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2kfNT.sys --
(Mkd2kfNt)
DRV - [2008/10/17 09:50:00 | 000,079,104 | ---- | M] (AhnLab, Inc.) [Kernel |
On_Demand | Stopped] -- C:\Windows\System32\drivers\Mkd2Nadr.sys --
(Mkd2Nadr)
DRV - [2008/05/14 19:32:42 | 000,535,040 | ---- | M] (eMPIA Technology, Inc.)
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys --
(USB28xxBGA)
DRV - [2008/05/14 19:32:24 | 000,286,208 | ---- | M] (eMPIA Technology, Inc.)
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys --
(USB28xxOEM)
DRV - [2008/02/26 08:17:30 | 000,493,568 | ---- | M] (Ralink Technology,
Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys
-- (netr73)
DRV - [2008/01/29 10:02:00 | 000,011,392 | ---- | M] () [Kernel | System |
Running] -- C:\Windows\System32\drivers\archlp.sys -- (archlp)
DRV - [2008/01/19 08:37:11 | 000,044,544 | ---- | M] () [File_System | Boot |
Running] -- C:\Windows\system32\DRIVERS\icodocam.sys -- (icodocam)
DRV - [2007/07/18 23:44:02 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys --
(LVUSBSta)
DRV - [2007/07/18 23:39:40 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel
| On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
Logitech QuickCam Express(PID_0928)
DRV - [2007/06/21 12:00:53 | 000,320,384 | ---- | M] () [Kernel | On_Demand |
Stopped] -- C:\Windows\System32\drivers\UDXTTM6000.sys -- (UDXTTM6000)
DRV - [2007/03/02 23:06:02 | 000,028,144 | ---- | M] (PC-Doctor, Inc.)
[Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor 5 for
Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05010004})
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel
| On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/06/29 03:11:48 | 000,017,408 | ---- | M] (DTV-DVB) [Kernel |
On_Demand | Stopped] -- C:\Windows\System32\drivers\UDXTTM6000HID.sys --
(UDXTTM6000HID)
DRV - [2005/12/12 18:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard
Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys
-- (Ps2)
DRV - [2005/06/13 10:03:12 | 000,060,768 | ---- | M] (MCCI) [Kernel |
On_Demand | Stopped] -- C:\Windows\System32\drivers\w800bus.sys -- (w800bus)
Sony Ericsson W800 driver (WDM)
DRV - [2005/02/11 11:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel |
On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)
Sony Ericsson 750 driver (WDM)
DRV - [2004/02/04 09:27:56 | 000,049,536 | ---- | M] (Texas Instruments
Incorporated) [Kernel | On_Demand | Stopped] --
C:\Windows\System32\drivers\tiehdusb.sys -- (TIEHDUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://be.msn.com/?lang=nl-be"]MSN | Hotmail | Messenger |
Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is
MSN ![/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL="http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com"]Yahoo![/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet
Explorer\Main,Default_Secondary_Page_URL = [URL]http://www.live.com/[/URL] [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [URL="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html"]Yahoo! SearchBar Home Page[/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [URL="http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com"]Yahoo![/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
[URL]http://www.live.com/[/URL] [binary
data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://be.msn.com/?lang=nl-be"]MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video,
lifestyle, auto en nog veel meer, dat is MSN ![/URL]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [URL="http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html"]Yahoo! SearchBar Home Page[/URL]
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID
value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://be.msn.com/?lang=nl-be"]MSN | Hotmail | Messenger |
Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is
MSN ![/URL]
IE - HKCU\SOFTWARE\Microsoft\Internet
Explorer\Main,Default_Secondary_Page_URL = [URL]http://www.live.com/[/URL] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
[URL]http://www.live.com/[/URL] [binary
data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [URL="http://be.msn.com/?lang=nl-be"]MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video,
lifestyle, auto en nog veel meer, dat is MSN ![/URL]
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -
C:\Program Files\Yahoo!\Companion\Installs\cpn9\YTNavAssist.dll (Yahoo!
Inc.)
IE - HKCU\..\URLSearchHook: {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - No CLSID
value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
"ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
"ProxyServer" = http=;ftp=;https=;
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:
C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer:
C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25aos: C:\Program
Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser
Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll
(DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload
Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
(DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: File not
found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program
Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0:
C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program
Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF -
HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6:
C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0:
c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft
Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3:
C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416:
C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft
Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5:
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: \NGM\npNxGameUS.dll
()
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame:
C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14:
C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
(Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando
Networks)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert:
C:\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0:
C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
(RealNetworks)
FF - HKLM\Software\MozillaPlugins\@Roozz.com/RoozzPlugin: C:\Program
Files\Roozz\nproozz.dll (Roozz.com)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:
C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:
C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader
10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin:
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando
Networks)
FF -
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}:
C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009/11/20 16:14:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox
8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
[2011/11/10 21:04:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox
8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/01
16:13:46 | 000,000,000 | ---D | M]
[2011/08/24 05:20:44 | 000,000,000 | ---D | M] (No name found) --
C:\Users\Timothy\AppData\Roaming\Mozilla\Extensions
[2011/11/11 21:37:32 | 000,000,000 | ---D | M] (No name found) --
C:\Users\Timothy_2\AppData\Roaming\mozilla\Firefox\Profiles\3xobnkku.default\extensions
[2011/11/10 08:56:49 | 000,000,000 | ---D | M] (Ant Video Downloader) --
C:\Users\Timothy_2\AppData\Roaming\mozilla\Firefox\Profiles\3xobnkku.default\extensions\[email protected]
[2011/11/11 21:37:32 | 000,000,000 | ---D | M] (Yontoo Layers) --
C:\Users\Timothy_2\AppData\Roaming\mozilla\Firefox\Profiles\3xobnkku.default\extensions\[email protected]
[2011/11/10 21:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program
Files\Mozilla Firefox\extensions
[2007/11/04 14:25:17 | 000,000,000 | ---D | M] (Google Toolbar for Firefox)
-- C:\Program Files\Mozilla
Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/10/04 19:18:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program
Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/11/01 13:37:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program
Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2009/06/27 09:04:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework
Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION
FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/11/10 21:04:20 | 000,134,104 | ---- | M] (Mozilla Foundation) --
C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program
Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) --
C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/02/09 23:01:03 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program
Files\mozilla firefox\plugins\npgcplug.dll
[2007/12/19 13:57:38 | 000,310,272 | ---- | M] () -- C:\Program Files\mozilla
firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2009/02/21 07:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) --
C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2005/04/27 21:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program
Files\mozilla firefox\plugins\npracplug.dll
[2010/11/10 22:31:18 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\babylon.xml
[2011/10/02 17:59:54 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\bing.xml
[2011/10/02 17:59:54 | 000,001,892 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\bolcom-nl.xml
[2011/10/02 17:59:54 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\marktplaats-nl.xml
[2011/10/02 17:59:54 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\wikipedia-nl.xml
[2011/03/18 19:11:02 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla
firefox\searchplugins\yahoo-nl.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url =
{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url =
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program
Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) =
C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program
Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program
Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader
9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft
Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) =
C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npdivx32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) =
C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program
Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) =
C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program
Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program
Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Google Gadget Plugin (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npOGAPlugin.dll
CHR - plugin: RealArcade Mozilla Plugin (Enabled) = C:\Program Files\Mozilla
Firefox\plugins\npracplug.dll
CHR - plugin: AhnLab MyKeyDefense 2.5 (Enabled) = C:\Program
Files\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program
Files\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google
Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google
Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program
Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando
Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Roozz plugin (Enabled) = C:\Program Files\Roozz\nproozz.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program
Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program
Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) =
C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: QvodInsert (Enabled) = C:\QvodPlayer\npQvodInsert.dll
CHR - plugin: Windows Presentation Foundation (Enabled) =
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Beat the Boot (van Google) =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aidgmjkfmbhldhnhkopojimkhhhcpenl\1.0.0.0_0\
CHR - Extension: Angry Birds =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: 3DTin = C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi\0.97_0\
CHR - Extension: ImmorTall =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\ccgofchligkleafmbnobellmjjoppoin\1.5.0_0\
CHR - Extension: Pool = C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.0.4_0\
CHR - Extension: Gun Bros =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\ciamkmigckbgfajcieiflmkedohjjohh\2.0.0_0\
CHR - Extension: Crazy Flasher 4 =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\dhhfpmofefjgffdobfkihcccibfgfnaj\1.0_0\
CHR - Extension: Ratchet & Clank Future 2 =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0\
CHR - Extension: Spartan Warfare =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gbhoeifpbfimlcjcldnfmgglgcplockk\1.0_0\
CHR - Extension: 3D Bowling =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm\1.9_0\
CHR - Extension: Air Hockey =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\hcchbhjknakkndfpdbapmdkhbbgojkno\2.0_0\
CHR - Extension: Chrome Klok =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce\2.0.3_0\
CHR - Extension: LineBall =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jeclmehkhpookgkhkecnaanahhoglakj\1.2.0_0\
CHR - Extension: Perpetual Blaze =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jgjbldhpikblgpcbgdokneecddeomimo\1.1.5_0\
CHR - Extension: Skyrama =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.1_0\
CHR - Extension: IP-adres =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.0_0\
CHR - Extension: Cargo Bridge =
C:\Users\Timothy_2\AppData\Local\Google\Chrome\User
Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
O1 HOSTS File: ([2011/11/30 17:36:12 | 000,000,690 | ---- | M]) -
C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 vscan.novirusthanks.org
O1 - Hosts: 127.0.0.1 [URL="http://www.virusscan.jotti.org"]Jotti's
malware scan[/URL]
O1 - Hosts: 127.0.0.1 virus-trap.org
O1 - Hosts: 127.0.0.1 [URL="http://www.virus-trap.org"]Virus | Internet Security | Software Mcafee Gold Technical
Support at Virus-Trap.org[/URL]
O1 - Hosts: 127.0.0.1 filterbit.com
O1 - Hosts: 127.0.0.1 [URL="http://www.filterbit.com"]Metascan Online | Free online file scanning with multiple
antivirus engines[/URL]
O1 - Hosts: 127.0.0.1 [URL="http://www.eblaster.com"]eBlaster Spy Software - Spector Pro Internet Spy[/URL]
O1 - Hosts: 127.0.0.1 [URL="http://www.spectorsoft.com"]Computer and Internet Monitoring Software[/URL]
O1 - Hosts: 127.0.0.1 eblaster.com
O1 - Hosts: 127.0.0.1 spectorsoft.com
O1 - Hosts: 127.0.0.1 [URL="http://www.u2a1376gf-43ty-245b.com"]www.u2a1376gf-43ty-245b.com[/URL]
O1 - Hosts: 127.0.0.1 u2a1376gf-43ty-245b.com
O1 - Hosts: 127.0.0.1 [URL="http://www.v19170dc0-7597-11d.com"]www.v19170dc0-7597-11d.com[/URL]
O1 - Hosts: 127.0.0.1 v19170dc0-7597-11d.com
O1 - Hosts: 127.0.0.1 [URL="http://www.d2a1376gf-43ty-245a.com"]www.d2a1376gf-43ty-245a.com[/URL]
O1 - Hosts: 127.0.0.1 d2a1376gf-43ty-245a.com
O1 - Hosts: 127.0.0.1 photofunia.com
O1 - Hosts: 127.0.0.1 [URL="http://www.photofunia.com"]PhotoFunia :: Effects[/URL]
O1 - Hosts: 127.0.0.1 photofunia.nl
O1 - Hosts: 127.0.0.1 [URL="http://www.photofunia.nl"]photofunia.nl[/URL]
O1 - Hosts: 127.0.0.1 photofunia.be
O1 - Hosts: 127.0.0.1 [URL="http://www.photofunia.be"]www.photofunia.be[/URL]
O2 - BHO: (&Yahoo! Toolbar Helper) -
{02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program
Files\Yahoo!\Companion\Installs\cpn9\yt.dll (Yahoo! Inc.)
O2 - BHO: (ѸÀ×FLVÊÓƵÐá̽¼°ÏÂÔØÖ§³Ö) -
{0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - C:\Program Files\Thunder
Network\Thunder\BHO\XlBrowserAddin1.0.5.64.dll (ShenZhen Xunlei Networking
Technologies,LTD)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program
Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value
found.
O2 - BHO: (ѸÀ×ÏÂÔØÖ§³Ö) - {889D2FEB-5411-4565-8998-1DD2C5261283} -
C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.2.3.3254.dll
(深圳市迅雷网络技术有限公司)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -
C:\Program Files\Yahoo!\Companion\Installs\cpn9\YTSingleInstance.dll (Yahoo!
Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98}
- C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No
CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No
CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! 工具列) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn9\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) -
{3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program
Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage
Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [QvodTerminal] C:\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD
Technology Co.,Ltd)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft
Corporation)
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced
SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools
Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} -
C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977}
- C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [URL]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/URL]
(Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} [URL]http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab[/URL]
(UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/URL]
(Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [URL]http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[/URL]
(Reg Error: Value error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} [URL]http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab[/URL]
(MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [URL]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/URL]
(MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab[/URL]
(Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/URL]
(Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [URL]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/URL]
(Java Plug-in 1.6.0_29)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [URL]http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab[/URL]
(Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
192.168.2.1
O17 -
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9B81F55-B9C0-4292-A566-F1BB74565462}:
DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) -C:\Program
Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe
(Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\userinit.exe)
-C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Timothy\AppData\Roaming\Microsoft\Windows
Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper:
C:\Users\Timothy\AppData\Roaming\Microsoft\Windows Photo
Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {4562B511-62E9-4533-B7B2-56A8BB10B482} -
C:\Program Files\Common Files\Thunder Network\KanKan\xappex.1.1.1.29.(815).dll
(深圳市迅雷网络技术有限公司)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/23 17:20:55 | 000,000,121 | ---- | M] () -
C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/02/06 09:08:46 | 000,000,046 | ---- | M] () -
E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009/02/27 01:57:36 | 000,000,120 | ---- | M] () -
K:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{41596d8f-b4a8-11e0-b409-001bfca45913}\Shell - "" =
AutoRun
O33 -
MountPoints2\{41596d8f-b4a8-11e0-b409-001bfca45913}\Shell\AutoRun\command - "" =
F:\ITNT.exe
O33 - MountPoints2\{d369a014-6ce5-11dc-aad6-806e6f6e6963}\Shell - "" =
AutoRun
O33 -
MountPoints2\{d369a014-6ce5-11dc-aad6-806e6f6e6963}\Shell\AutoRun\command - "" =
E:\Fysica4.exe -- [2008/11/26 13:36:06 | 002,790,015 | ---- | M] (Multidmedia
Limited)
O33 - MountPoints2\{da6f64f8-b2ab-11e0-a5a2-001bfca45913}\Shell - "" =
AutoRun
O33 -
MountPoints2\{da6f64f8-b2ab-11e0-a5a2-001bfca45913}\Shell\AutoRun\command - "" =
L:\ITNT.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/09 13:25:12 | 000,584,192 | ---- | C] (OldTimer Tools) --
C:\Users\Timothy_2\Desktop\OTL.exe
[2011/12/08 14:37:07 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Local\Western_Digital
[2011/12/08 14:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\Western
Digital
[2011/12/08 14:19:19 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2011/12/08 14:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Texas
Instruments
[2011/12/08 14:03:39 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\Texas Instruments
[2011/12/07 20:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Western
Digital
[2011/12/07 20:54:07 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Local\Western Digital
[2011/12/07 12:25:41 | 000,000,000 | ---D | C] -- C:\NGM
[2011/12/06 19:27:48 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/12/06 19:27:44 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2011/12/06 19:26:52 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2011/12/06 19:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/12/06 19:19:02 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2011/12/05 21:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/12/05 19:05:36 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Platinum Hide IP
[2011/12/05 19:05:34 | 000,000,000 | ---D | C] -- C:\Program
Files\PlatinumHideIP
[2011/12/05 17:04:46 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\C__Users_Timothy_2_Downloads_PlatinumHideIP_PlatinumHideIP.exe
[2011/12/05 17:04:46 | 000,000,000 | ---D | C] --
C:\ProgramData\C__Users_Timothy_2_Downloads_PlatinumHideIP_PlatinumHideIP.exe
[2011/12/05 16:57:04 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\PlatinumHideIP
[2011/12/05 16:57:04 | 000,000,000 | ---D | C] --
C:\ProgramData\PlatinumHideIP
[2011/12/04 14:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky
Lab
[2011/11/30 17:35:30 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\com.bigfatsimulations.airportmadness3.3A85083A650345D1ADAB4572C5816AD2DC9802A3.1
[2011/11/24 21:04:43 | 000,000,000 | ---D | C] -- C:\Program
Files\Cambridge
[2011/11/23 18:51:03 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2011/11/23 18:51:03 | 000,000,000 | ---D | C] -- C:\Program
Files\WinDirStat
[2011/11/23 18:27:41 | 000,000,000 | ---D | C] --
C:\ProgramData\AltrixSoft
[2011/11/23 18:16:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/22 20:48:47 | 000,000,000 | ---D | C] -- C:\TestZip
[2011/11/21 17:01:31 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\Desktop\7zcracker
[2011/11/21 16:57:57 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zip Password Recovery
Master
[2011/11/21 16:47:12 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\bonetown
[2011/11/18 00:11:45 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/17 18:51:06 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\Printer Info Cache
[2011/11/17 18:51:05 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\Documents\Mijn scanafbeeldingen
[2011/11/17 18:51:05 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\Image Zone Express
[2011/11/16 18:44:14 | 000,000,000 | ---D | C] -- C:\output
[2011/11/12 09:59:13 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\HP
[2011/11/11 21:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
Layers Runtime
[2011/11/11 21:16:56 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\PhotoScape
[2011/11/11 21:16:20 | 000,000,000 | ---D | C] -- C:\Program
Files\PhotoScape
[2011/11/10 23:04:39 | 000,000,000 | ---D | C] --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/11/10 21:37:10 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\Documents\combat amrs
[2011/11/10 09:16:59 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\Documents\Command & Conquer 3 Tiberium Wars
[2011/11/10 09:15:04 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/11/10 09:02:44 | 000,000,000 | ---D | C] --
C:\Users\Timothy_2\AppData\Roaming\SystemRequirementsLab
[2011/10/09 16:11:17 | 000,250,544 | ---- | C] (KeyWorks Software) --
C:\Program Files\Common Files\keyhelp.ocx
[2007/11/16 20:03:49 | 000,774,144 | ---- | C] (RealNetworks, Inc.) --
C:\Program Files\RngInterstitial.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/09 13:29:08 | 000,001,042 | ---- | M] () --
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/09 13:27:41 | 000,584,192 | ---- | M] (OldTimer Tools) --
C:\Users\Timothy_2\Desktop\OTL.exe
[2011/12/09 13:06:14 | 000,001,046 | ---- | M] () --
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/09 12:18:10 | 000,003,568 | -H-- | M] () --
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 12:18:10 | 000,003,568 | -H-- | M] () --
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/09 12:18:01 | 000,067,584 | --S- | M] () --
C:\Windows\bootstat.dat
[2011/12/09 04:02:19 | 000,447,056 | ---- | M] () --
C:\Windows\System32\FNTCACHE.DAT
[2011/12/08 23:38:39 | 000,721,688 | ---- | M] () --
C:\Windows\System32\perfh013.dat
[2011/12/08 23:38:39 | 000,634,846 | ---- | M] () --
C:\Windows\System32\perfh009.dat
[2011/12/08 23:38:39 | 000,149,892 | ---- | M] () --
C:\Windows\System32\perfc013.dat
[2011/12/08 23:38:39 | 000,123,716 | ---- | M] () --
C:\Windows\System32\perfc009.dat
[2011/12/08 20:23:52 | 000,002,453 | ---- | M] () --
C:\Users\Public\Desktop\TI-SmartView.lnk
[2011/12/08 14:47:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\Google
Software Updater.job
[2011/12/08 14:41:08 | 000,020,480 | ---- | M] () --
C:\Users\Timothy_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/08 14:21:19 | 000,001,223 | ---- | M] () --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/12/06 18:06:33 | 000,021,257 | ---- | M] () --
C:\Windows\System32\jobadocx.dll
[2011/12/06 02:08:40 | 000,476,298 | ---- | M] () --
C:\Users\Timothy_2\Documents\F4.2 Leerstofoverzicht Kerstexamen 11-12.pdf
[2011/12/05 21:26:08 | 000,001,553 | ---- | M] () --
C:\Users\Public\Desktop\Combat Arms.lnk
[2011/12/05 19:05:36 | 000,000,878 | ---- | M] () --
C:\Users\Public\Desktop\Platinum Hide IP.lnk
[2011/11/30 17:36:12 | 000,000,690 | ---- | M] () --
C:\Windows\System32\drivers\etc\hosts
[2011/11/24 22:18:43 | 000,000,038 | ---- | M] () --
C:\Windows\avisplitter.INI
[2011/11/20 12:07:55 | 000,001,973 | ---- | M] () --
C:\Users\Public\Desktop\Google Chrome.lnk
[2011/11/18 20:44:18 | 000,326,187 | ---- | M] () --
C:\Users\Timothy_2\Documents\ELOV CIRKEL (1).pdf
[2011/11/18 13:03:40 | 000,414,368 | ---- | M] (Adobe Systems Incorporated)
-- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/13 19:04:47 | 002,120,092 | ---- | M] () --
C:\Users\Timothy_2\Documents\tanguy redesign.jpg
[2011/11/13 18:38:01 | 002,123,424 | ---- | M] () --
C:\Users\Timothy_2\Documents\Frans Tanguy.zip
[2011/11/13 09:38:14 | 000,977,539 | ---- | M] () --
C:\Users\Timothy_2\Documents\tanguy1.jpg
[2011/11/13 09:38:14 | 000,584,046 | ---- | M] () --
C:\Users\Timothy_2\Documents\tanguy3.jpg
[2011/11/13 09:38:14 | 000,561,523 | ---- | M] () --
C:\Users\Timothy_2\Documents\tanguy2.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/08 14:21:19 | 000,001,223 | ---- | C] () --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/12/08 14:02:08 | 000,002,453 | ---- | C] () --
C:\Users\Public\Desktop\TI-SmartView.lnk
[2011/12/06 20:38:50 | 000,020,312 | ---- | C] () --
C:\Windows\System32\RegistryDefragBootTime.exe
[2011/12/06 19:27:51 | 000,025,944 | ---- | C] () --
C:\Windows\System32\SmartDefragBootTime.exe
[2011/12/06 19:27:51 | 000,015,672 | ---- | C] () --
C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/12/06 18:52:31 | 000,476,298 | ---- | C] () --
C:\Users\Timothy_2\Documents\F4.2 Leerstofoverzicht Kerstexamen 11-12.pdf
[2011/12/06 18:52:31 | 000,384,224 | ---- | C] () --
C:\Users\Timothy_2\Documents\F4 - Hoofdstuk 1 - Fysische grootheden -
correctiesleutel (deel 1).pdf
[2011/12/06 18:52:31 | 000,225,412 | ---- | C] () --
C:\Users\Timothy_2\Documents\F4 - Hoofdstuk 1 - Fysische grootheden -
correctiesleutel (deel 2).pdf
[2011/12/06 18:52:31 | 000,107,670 | ---- | C] () --
C:\Users\Timothy_2\Documents\F4.2 - Arbeid - Extra oefeningen.pdf
[2011/12/06 18:52:31 | 000,044,401 | ---- | C] () --
C:\Users\Timothy_2\Documents\F4.2 - Vermogen - Extra oefeningen.pdf
[2011/12/05 21:26:08 | 000,001,553 | ---- | C] () --
C:\Users\Public\Desktop\Combat Arms.lnk
[2011/12/05 19:05:36 | 000,000,878 | ---- | C] () --
C:\Users\Public\Desktop\Platinum Hide IP.lnk
[2011/11/18 20:44:16 | 000,326,187 | ---- | C] () --
C:\Users\Timothy_2\Documents\ELOV CIRKEL (1).pdf
[2011/11/13 19:04:47 | 002,120,092 | ---- | C] () --
C:\Users\Timothy_2\Documents\tanguy redesign.jpg
[2011/11/13 18:39:18 | 000,584,046 | ---- | C] () --
C:\Users\Timothy_2\Documents\tanguy3.jpg
[2011/11/13 18:39:18 | 000,561,523 | ---- | C] () --
C:\Users\Timothy_2\Documents\tanguy2.jpg
[2011/11/13 18:37:56 | 002,123,424 | ---- | C] () --
C:\Users\Timothy_2\Documents\Frans Tanguy.zip
[2011/11/12 18:52:19 | 000,977,539 | ---- | C] () --
C:\Users\Timothy_2\Documents\tanguy1.jpg
[2011/09/29 21:13:20 | 000,021,257 | ---- | C] () --
C:\Windows\System32\jobadocx.dll
[2011/09/26 18:55:17 | 000,118,272 | ---- | C] () -- C:\Windows\EHsvc.dll
[2011/09/22 18:45:40 | 000,001,972 | ---- | C] () --
C:\Windows\Sandboxie.ini
[2011/09/16 16:42:06 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/08/27 16:14:06 | 000,020,480 | ---- | C] () --
C:\Users\Timothy_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/27 16:13:49 | 000,000,680 | ---- | C] () --
C:\Users\Timothy_2\AppData\Local\d3d9caps.dat
[2011/06/20 14:53:47 | 000,000,046 | ---- | C] () --
C:\Windows\System32\4E37A837910D.ini
[2011/04/11 21:22:11 | 000,053,248 | ---- | C] () --
C:\Windows\System32\PPadApi.dll
[2011/04/11 21:22:02 | 000,131,072 | ---- | C] () --
C:\Windows\System32\PPWORDW.DLL
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () --
C:\Windows\System32\xlive.dll.cat
[2011/03/29 14:05:48 | 000,709,992 | ---- | C] () --
C:\Windows\System32\kindling.dll
[2010/12/13 18:00:31 | 000,000,262 | RHS- | C] () --
C:\ProgramData\ntuser.pol
[2010/05/27 15:29:09 | 000,126,976 | ---- | C] () --
C:\Windows\System32\UAService7.exe
[2010/05/11 19:37:10 | 000,041,872 | ---- | C] () --
C:\Windows\System32\xfcodec.dll
[2010/04/09 22:27:32 | 000,000,038 | ---- | C] () --
C:\Windows\avisplitter.INI
[2010/03/21 07:31:24 | 000,069,632 | ---- | C] () --
C:\Windows\System32\xmltok.dll
[2010/03/21 07:31:24 | 000,036,864 | ---- | C] () --
C:\Windows\System32\xmlparse.dll
[2010/03/12 20:42:51 | 000,011,392 | ---- | C] () --
C:\Windows\System32\drivers\archlp.sys
[2010/02/14 08:26:24 | 000,189,248 | ---- | C] () --
C:\Windows\System32\PnkBstrB.exe
[2010/02/14 08:25:54 | 000,075,064 | ---- | C] () --
C:\Windows\System32\PnkBstrA.exe
[2010/01/22 16:13:05 | 000,000,065 | ---- | C] () --
C:\Windows\WININIT.INI
[2009/12/25 04:35:20 | 000,000,008 | ---- | C] () --
C:\ProgramData\sysReserve.ini
[2009/10/10 18:07:10 | 000,000,075 | ---- | C] () --
C:\Windows\cdplayer.ini
[2009/10/09 20:00:24 | 000,000,552 | ---- | C] () -- C:\Windows\eReg.dat
[2009/09/26 19:52:03 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/09/01 07:05:16 | 000,000,040 | ---- | C] () --
C:\ProgramData\ra3.ini
[2009/08/29 02:23:20 | 000,000,020 | ---- | C] () --
C:\Windows\System32\pub_store.dat
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () --
C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () --
C:\Windows\System32\OGAEXEC.exe
[2009/08/01 08:45:39 | 000,107,612 | ---- | C] () --
C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/01 08:45:38 | 000,117,248 | ---- | C] () --
C:\Windows\System32\EhStorAuthn.dll
[2009/08/01 08:44:05 | 000,018,904 | ---- | C] () --
C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/02/16 13:32:47 | 000,755,027 | ---- | C] () --
C:\Windows\System32\xvidcore.dll
[2009/02/16 13:32:47 | 000,159,839 | ---- | C] () --
C:\Windows\System32\xvidvfw.dll
[2009/02/16 13:32:46 | 003,596,288 | ---- | C] () --
C:\Windows\System32\qt-dx331.dll
[2009/02/16 13:32:44 | 000,007,680 | ---- | C] () --
C:\Windows\System32\ff_vfw.dll
[2009/02/15 15:43:22 | 004,994,717 | ---- | C] () --
C:\Windows\System32\q9data.bin
[2009/02/15 15:43:22 | 000,000,086 | ---- | C] () --
C:\Windows\System32\QTRAYIME.INI
[2009/02/15 15:43:22 | 000,000,049 | ---- | C] () -- C:\Windows\Q9.INI
[2009/02/15 15:41:10 | 000,047,252 | ---- | C] () --
C:\Windows\System32\Qcbeigbk.bin
[2009/02/15 15:41:10 | 000,029,514 | ---- | C] () --
C:\Windows\System32\QCBEIB5.BIN
[2009/02/15 15:41:00 | 000,057,396 | ---- | C] () --
C:\Windows\System32\Q9xpb5u.EXE
[2009/02/15 15:41:00 | 000,035,328 | ---- | C] () --
C:\Windows\System32\qseteudc.exe
[2009/02/15 15:40:57 | 000,113,488 | ---- | C] () --
C:\Windows\System32\Qc4dic.dat
[2009/02/15 15:40:57 | 000,065,536 | ---- | C] () --
C:\Windows\System32\SkinMakerDll.dll
[2009/02/15 15:40:57 | 000,065,536 | ---- | C] () --
C:\Windows\System32\qcSkinMakerDll.dll
[2009/02/15 15:40:54 | 000,029,516 | ---- | C] () --
C:\Windows\System32\q9b5gb.bin
[2009/02/15 15:40:54 | 000,028,672 | ---- | C] () --
C:\Windows\System32\doime.exe
[2009/01/31 18:37:18 | 000,168,448 | ---- | C] () --
C:\Windows\System32\unrar.dll
[2008/09/03 01:09:11 | 000,000,000 | ---- | C] () --
C:\Windows\iPlayer.INI
[2008/07/14 17:40:13 | 000,000,107 | ---- | C] () --
C:\Windows\usrwiz.ini
[2008/06/28 15:35:02 | 006,656,000 | ---- | C] () --
C:\Windows\System32\kbdadcom.exe
[2008/06/28 15:35:02 | 001,683,456 | ---- | C] () --
C:\Windows\System32\w32anuri.dll
[2008/06/28 15:35:02 | 000,958,464 | ---- | C] () --
C:\Windows\System32\dlgofpop.dll
[2008/06/28 15:35:02 | 000,164,781 | ---- | C] () --
C:\Windows\System32\cfgipctl32.dll
[2008/06/28 15:35:02 | 000,044,544 | ---- | C] () --
C:\Windows\System32\drivers\icodocam.sys
[2008/06/18 20:51:06 | 000,147,456 | ---- | C] () --
C:\Windows\System32\igfxCoIn_v1504.dll
[2008/04/13 22:04:56 | 000,096,577 | ---- | C] () --
C:\Windows\hpqins16.dat
[2008/03/25 15:56:08 | 000,147,456 | ---- | C] () --
C:\Windows\System32\igfxCoIn_v1461.dll
[2007/11/04 14:25:06 | 000,003,424 | ---- | C] () --
C:\Windows\mozver.dat
[2007/10/18 21:39:27 | 000,320,384 | ---- | C] () --
C:\Windows\System32\drivers\UDXTTM6000.sys
[2007/10/01 20:18:40 | 000,000,013 | ---- | C] () -- C:\Windows\msgtn.ini
[2007/09/29 12:17:45 | 000,140,852 | ---- | C] () --
C:\Windows\hpoins12.dat
[2007/09/29 12:17:44 | 000,001,470 | ---- | C] () --
C:\Windows\hpomdl12.dat
[2007/08/24 19:46:48 | 000,147,456 | ---- | C] () --
C:\Windows\System32\igfxCoIn_v1322.dll
[2007/07/18 22:54:18 | 000,058,163 | ---- | C] () --
C:\Windows\System32\lvcoinst.ini
[2007/06/14 19:32:25 | 000,721,688 | ---- | C] () --
C:\Windows\System32\perfh013.dat
[2007/06/14 19:32:25 | 000,336,440 | ---- | C] () --
C:\Windows\System32\perfi013.dat
[2007/06/14 19:32:25 | 000,149,892 | ---- | C] () --
C:\Windows\System32\perfc013.dat
[2007/06/14 19:32:25 | 000,041,976 | ---- | C] () --
C:\Windows\System32\perfd013.dat
[2007/06/14 10:01:18 | 000,106,222 | ---- | C] () --
C:\Windows\hpqins13.dat
[2007/06/14 09:56:34 | 000,204,800 | ---- | C] () --
C:\Windows\System32\igfxCoIn_v1227.dll
[2007/06/14 09:48:24 | 000,061,440 | ---- | C] () --
C:\Windows\System32\OsdRemove.exe
[2007/06/14 09:44:47 | 000,102,400 | ---- | C] () --
C:\Windows\System32\pywintypes24.dll
[2007/06/14 09:44:46 | 000,327,680 | ---- | C] () --
C:\Windows\System32\pythoncom24.dll
[2007/03/06 09:47:24 | 000,000,000 | ---- | C] () --
C:\Windows\System32\px.ini
[2007/01/12 06:07:48 | 000,520,192 | ---- | C] () --
C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/01/12 06:07:48 | 000,204,800 | ---- | C] () --
C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () --
C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,447,056 | ---- | C] () --
C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () --
C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,634,846 | ---- | C] () --
C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () --
C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,123,716 | ---- | C] () --
C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () --
C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () --
C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () --
C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () --
C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () --
C:\Windows\System32\mlang.dat
========== Files - Unicode (All) ==========
[2011/10/08 20:44:20 | 000,013,267 | ---- | M]
()(C:\Users\Timothy_2\Documents\????.docx) --
C:\Users\Timothy_2\Documents\我的媽媽.docx
[2011/09/24 17:26:01 | 000,013,267 | ---- | C]
()(C:\Users\Timothy_2\Documents\????.docx) --
C:\Users\Timothy_2\Documents\我的媽媽.docx
[2011/08/27 16:43:33 | 005,285,376 | ---- | M]
()(C:\Users\Timothy_2\Desktop\????.pps) --
C:\Users\Timothy_2\Desktop\魔術貓眼.pps
[2011/08/27 16:43:17 | 005,285,376 | ---- | C]
()(C:\Users\Timothy_2\Desktop\????.pps) --
C:\Users\Timothy_2\Desktop\魔術貓眼.pps
[2011/01/23 10:25:41 | 000,000,036 | ---- | M] ()(C:\Windows\System32\??) --
C:\Windows\System32\⯐И
[2011/01/23 10:25:41 | 000,000,036 | ---- | C] ()(C:\Windows\System32\??) --
C:\Windows\System32\⯐И
[2011/01/14 20:32:39 | 000,000,036 | ---- | M] ()(C:\Windows\System32\??) --
C:\Windows\System32\팘ϛ
[2011/01/14 20:32:39 | 000,000,036 | ---- | C] ()(C:\Windows\System32\??) --
C:\Windows\System32\팘ϛ
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) --
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\迅雷软件
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:EB170088
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FA5F15C4
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:1493A0EF
< End of report >