==============
OTL.txt Log
OTL logfile created on: 1/19/2014 10:02:49 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\g\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.47 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 64.02% Memory free
6.94 Gb Paging File | 5.18 Gb Available in Paging File | 74.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.80 Gb Total Space | 12.31 Gb Free Space | 22.06% Space Free | Partition Type: NTFS
Drive D: | 46.58 Gb Total Space | 18.45 Gb Free Space | 39.62% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 69.79 Mb Free Space | 69.79% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 31.73 Gb Free Space | 31.73% Space Free | Partition Type: NTFS
Drive G: | 100.00 Gb Total Space | 42.86 Gb Free Space | 42.86% Space Free | Partition Type: NTFS
Drive H: | 219.17 Gb Total Space | 121.84 Gb Free Space | 55.59% Space Free | Partition Type: NTFS
Drive J: | 244.14 Gb Total Space | 213.97 Gb Free Space | 87.64% Space Free | Partition Type: NTFS
Drive K: | 250.00 Gb Total Space | 158.48 Gb Free Space | 63.39% Space Free | Partition Type: NTFS
Drive L: | 359.37 Gb Total Space | 359.03 Gb Free Space | 99.90% Space Free | Partition Type: NTFS
Drive M: | 1009.50 Gb Total Space | 450.85 Gb Free Space | 44.66% Space Free | Partition Type: NTFS
Computer Name: G-PC | User Name: g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\g\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\g\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\g\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe ()
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG)
PRC - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Users\g\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - c:\Users\g\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2zqqop.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\9796bf3f45b98b97742127129a884c81\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\113d64b48a676dafec5ff47f415a61ab\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d4ecef1f65341845a951bd510fd63595\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e324dff2b2c74722f126953c0923c53d\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\0043a7e4d9b5a580d5ef20d0ee015930\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a0df592a8e77a0395c5411e6ae355507\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3f4940afa8b8de8c008cff3fee26afe7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fa867940d96361cece5bcbe80b460258\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\60a47e43e63ff99badd71123b03848f6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\ecef0d002f6e863a162ccfbd4c545fae\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\fb857bc91f4a970d157bf2c0f45ea0f7\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\cc434a6d9f615b8e5519d6a79fd56849\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\045c9588954c3662d542b53f4462268b\mscorlib.ni.dll ()
MOD - C:\Users\g\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe ()
MOD - C:\Users\g\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\QtWebKit\qmlwebkitplugin4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll ()
========== Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
SRV - (HTCMonitorService) -- C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG)
SRV - (PassThru Service) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (dsNcService) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (VIAKaraokeService) -- C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (SANDRA) -- D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x86\Sandra.sys File not found
DRV - (cpuz130) -- C:\Users\g\AppData\Local\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab ZAO)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows ® Win 7 DDK provider)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (USBPNPA) -- C:\Windows\System32\drivers\CM108.sys (C-Media Electronics Inc)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (dsNcAdpt) -- C:\Windows\System32\drivers\dsNcAdpt.sys (Juniper Networks)
DRV - (iusb3xhc) -- C:\Windows\System32\drivers\iusb3xhc.sys (Intel Corporation)
DRV - (iusb3hub) -- C:\Windows\System32\drivers\iusb3hub.sys (Intel Corporation)
DRV - (iusb3hcs) -- C:\Windows\System32\drivers\iusb3hcs.sys (Intel Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (CSCrySec) -- C:\Windows\System32\drivers\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.google.co.in/ [binary data]
IE - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..input\: a.name)};if(d instanceof Array)for(var f=0;f<d.length;f++)b.utils.waitForElement(d[f],function(a){a&&e(a)},100,\"keyword\"else b.utils.waitForElement(d,function(a){a&&e(a)},100,\"keyword\")};b.remove_se_handler=function(a){var c=b.projects_info[a].dr;if(c instanceof Array)if(\"bing\"==a)for(c=b.utils.query_selector_all(c[0]),a=0;a<c.length;a++)b.remove_se(c[a]); else for(a=0;a<c.length;a++){var d=l(c[a]);b.remove_se(d)}};b.remove_se=function(a){a&&a.parentElement.removeChild(a)};b.jsonp_request=function(a,c){var d=b.num_of_items_in_one*parseInt(b.projects_info[c].unique_search_divs);window.__yael_cb=function(a){window.__yael_res=a;\"0\"==__yael_res.data.numberOfItems?b.utils.flushWaitForTokens():(0==__yael.utils.getRandomInt(0,10)&&b.remove_se_handler©,__yael.inject_search())};\"undefined\"==typeof window.__yael&&(window.__yael=
;d=b.jsonpHost+\"/?v=\"+b.version+ \"&p=\"+c+\"&keyword=\"+a+\"&numItems=\"+d+\"&hid=2050661471&eid=20&pid=447\";if(b.utils.isIE()){if(document.getElementById(\"__yael_script\")){var e=document.getElementById(\"__yael_script\");e.parentNode.removeChild(e)}e=document.createElement(\"script\");e.id=\"__yael_script\";e.src=\"//\"+d+\"&domvar=__yael_cb\";e.type=\"text/javascript\";document.getElementsByTagName(\"head\")[0].appendChild(e)}else b.utils.ajax.get(\"//\"+d,function(a){window.__yael_res=JSON.parse(a);\"0\"==__yael_res.data.numberOfItems? b.utils.flushWaitForTokens():(0==__yael.utils.getRandomInt(0,10)&&__yael.remove_se_handler©,__yael.inject_search())})};\"undefined\"==typeof __yael&&b.init_search_project();-1<b.initThrottle.indexOf(b.projects_name)&&b.events.add(\"keyup\",b.utils.throttle(b.init_search_project,3E3),!1,b.inputElement,!1)}});;if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++){window.setTimeout(fun
FF - prefs.js..extensions.enabledAddons: %7B3e9a3920-1b27-11da-8cd6-0800200c9a66%7D:3.6.4
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\g\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\g\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\g\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\g\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\g\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014/01/18 16:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014/01/18 16:49:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014/01/18 16:49:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014/01/18 16:49:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014/01/18 16:49:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013/10/06 17:35:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2014/01/18 19:37:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013/10/06 17:35:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2014/01/18 19:37:34 | 000,000,000 | ---D | M]
[2012/09/19 10:15:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\g\AppData\Roaming\Mozilla\Extensions
[2013/12/26 18:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\8i1ahv7o.default\extensions
[2013/03/15 21:56:35 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\8i1ahv7o.default\extensions\ii_awa@usueui.edu
[2013/12/26 18:48:26 | 002,212,154 | ---- | M] () (No name found) -- C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\8i1ahv7o.default\extensions\firebug@software.joehewitt.com.xpi
[2012/10/29 00:37:39 | 000,009,524 | ---- | M] () (No name found) -- C:\Users\g\AppData\Roaming\Mozilla\Firefox\Profiles\8i1ahv7o.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2013/11/04 20:51:44 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAMDATA\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSIONS\1.6.0
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\g\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\g\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\g\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\g\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: downloadUpdater (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = D:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\g\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\g\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\g\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\g\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = D:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - Extension: Angry Birds = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Lucidchart Diagrams - Online = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\20.3_0\
CHR - Extension: YouTube = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
CHR - Extension: User-Agent Switcher for Chrome = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg\1.0.26_0\
CHR - Extension: SaveAs = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\eblkchnmfhhdblbekdnnnkdikjedgpea\1\
CHR - Extension: Web Intents Debugger = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimkahfdbenbmeflimllpbjbicmlanmk\10_0\
CHR - Extension: Safe Money = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
CHR - Extension: AirMech = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\21189_0\
CHR - Extension: Content Blocker = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.2.614_0\
CHR - Extension: Virtual Keyboard = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.614_0\
CHR - Extension: Any.do Extension = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.8_0\
CHR - Extension: Any.do Extension = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.8_0\.orig
CHR - Extension: Skype Click to Call = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: The Fancy Pants Adventure: World 2 = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\loamdenijebhollnjgehcfbnpeelfhlk\14_0\
CHR - Extension: Google Wallet = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\
O1 HOSTS File: ([2009/06/11 03:09:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000..\Run: [Akamai NetSession Interface] C:\Users\g\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000..\Run: [googletalk] C:\Users\g\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-2093712954-3236656608-2348121820-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\g\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - D:\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - D:\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - D:\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - D:\Free Download Manager\dllink.htm ()
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE7E3B62-2511-44FE-AF06-7F85EF05662F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/05/29 23:06:03 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1896e3a3-ff36-11e1-bfe1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1896e3a3-ff36-11e1-bfe1-806e6f6e6963}\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\{22ef02a2-4cb6-11e2-9114-3085a9b32bdc}\Shell - "" = AutoRun
O33 - MountPoints2\{22ef02a2-4cb6-11e2-9114-3085a9b32bdc}\Shell\AutoRun\command - "" = N:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{eca21122-25f8-11e3-a32a-3085a9b32bdc}\Shell - "" = AutoRun
O33 - MountPoints2\{eca21122-25f8-11e3-a32a-3085a9b32bdc}\Shell\AutoRun\command - "" = O:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/01/18 18:30:03 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/01/18 16:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2014/01/18 16:49:10 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2014/01/18 16:49:10 | 000,039,736 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2014/01/18 16:49:05 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2014/01/18 16:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2014/01/18 16:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/01/18 16:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2014/01/18 16:49:00 | 000,595,552 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2014/01/18 16:49:00 | 000,074,848 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2014/01/18 16:37:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/01/18 16:37:52 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014/01/18 16:37:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/01/18 16:37:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2014/01/18 16:37:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/01/18 16:37:51 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014/01/18 16:37:51 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/01/18 16:37:51 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/01/18 16:37:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014/01/18 16:37:51 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2014/01/18 16:37:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2014/01/18 16:37:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2014/01/18 16:37:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/01/18 16:37:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/01/18 16:37:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2014/01/18 16:34:52 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/18 16:34:10 | 000,000,000 | ---D | C] -- C:\history
[2014/01/18 16:29:52 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014/01/18 16:29:52 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014/01/18 16:29:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014/01/18 16:27:49 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/01/18 16:25:30 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/01/18 16:25:30 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2014/01/18 16:25:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2014/01/18 16:25:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2014/01/18 16:25:30 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2014/01/18 16:25:30 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2014/01/18 16:25:30 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2014/01/18 16:25:30 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2014/01/18 16:25:30 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2014/01/18 16:25:30 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2014/01/18 16:25:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2014/01/18 16:25:30 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2014/01/18 16:25:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2014/01/18 16:25:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2014/01/18 16:25:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2014/01/18 16:25:30 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2014/01/18 16:25:27 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2014/01/18 16:25:27 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014/01/18 16:25:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2014/01/18 16:25:26 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/01/18 16:25:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2014/01/18 16:25:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2014/01/18 16:25:24 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/01/18 16:25:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2014/01/18 16:25:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/01/18 16:25:22 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/01/18 16:25:22 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/01/18 16:25:21 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/01/18 16:25:21 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2014/01/18 16:25:21 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2014/01/18 16:25:19 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/01/18 16:25:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/01/18 16:25:18 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2014/01/18 16:25:18 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2014/01/18 16:25:18 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2014/01/18 16:25:18 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2014/01/18 16:25:18 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/01/18 16:25:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2014/01/18 16:25:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2014/01/18 16:25:17 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/01/18 16:25:17 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/01/18 16:25:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2014/01/18 16:25:15 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2014/01/18 16:24:10 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014/01/17 21:26:12 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/01/17 21:25:49 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/01/17 21:25:48 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014/01/13 16:19:39 | 000,000,000 | R--D | C] -- C:\Users\g\Dropbox
[2014/01/12 12:18:00 | 000,000,000 | ---D | C] -- C:\Users\g\AppData\Roaming\DropboxMaster
[2014/01/12 12:17:49 | 000,000,000 | ---D | C] -- C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/01/08 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\g\Desktop\Baby Shower Cake Images
[2013/12/22 11:50:23 | 000,000,000 | ---D | C] -- C:\Users\g\Desktop\kitties
========== Files - Modified Within 30 Days ==========
[2014/01/19 09:35:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2093712954-3236656608-2348121820-1000UA.job
[2014/01/19 09:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/18 22:45:46 | 000,000,218 | ---- | M] () -- C:\Users\g\AppData\Local\recently-used.xbel
[2014/01/18 21:35:00 | 000,000,840 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2093712954-3236656608-2348121820-1000Core.job
[2014/01/18 20:05:09 | 000,000,000 | ---- | M] () -- C:\Users\g\.gtk-bookmarks
[2014/01/18 18:40:46 | 000,017,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 18:40:46 | 000,017,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 18:37:24 | 000,345,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/18 18:37:24 | 000,053,108 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/18 18:31:01 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014/01/18 18:30:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/18 18:30:56 | 2793,832,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/18 17:12:00 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/01/18 16:49:54 | 000,002,166 | ---- | M] () -- C:\Users\g\Desktop\Safe Money.lnk
[2014/01/18 16:49:16 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/01/18 16:39:56 | 000,412,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/17 21:37:34 | 000,002,344 | ---- | M] () -- C:\Users\g\Desktop\Google Chrome.lnk
[2014/01/13 16:19:39 | 000,001,031 | ---- | M] () -- C:\Users\g\Desktop\Dropbox.lnk
[2014/01/12 12:18:03 | 000,001,041 | ---- | M] () -- C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/29 21:18:26 | 000,364,255 | ---- | M] () -- C:\Users\g\Desktop\port2port_responsive1.png
[2013/12/29 21:13:02 | 000,378,264 | ---- | M] () -- C:\Users\g\Desktop\port2port_responsive.png
========== Files Created - No Company Name ==========
[2014/01/18 22:45:46 | 000,000,218 | ---- | C] () -- C:\Users\g\AppData\Local\recently-used.xbel
[2014/01/18 20:05:09 | 000,000,000 | ---- | C] () -- C:\Users\g\.gtk-bookmarks
[2014/01/18 16:49:54 | 000,002,166 | ---- | C] () -- C:\Users\g\Desktop\Safe Money.lnk
[2014/01/18 16:49:22 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/01/18 16:29:52 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/13 16:19:39 | 000,001,031 | ---- | C] () -- C:\Users\g\Desktop\Dropbox.lnk
[2014/01/12 12:18:03 | 000,001,041 | ---- | C] () -- C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/12/29 21:15:28 | 000,364,255 | ---- | C] () -- C:\Users\g\Desktop\port2port_responsive1.png
[2013/12/29 21:12:58 | 000,378,264 | ---- | C] () -- C:\Users\g\Desktop\port2port_responsive.png
[2013/11/23 17:56:14 | 000,006,557 | ---- | C] () -- C:\Users\g\AppData\Local\recently-used.xbel.PN1I7W
[2013/05/22 20:43:52 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/05/22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/05/22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/05/22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/05/22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/05/12 09:26:42 | 000,569,344 | ---- | C] () -- C:\Windows\System32\Cmeau108.exe
[2013/05/12 09:26:42 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2013/05/12 09:26:42 | 000,000,103 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2013/05/12 09:26:31 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2013/05/12 09:26:31 | 000,001,459 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2013/05/12 09:26:31 | 000,001,353 | ---- | C] () -- C:\Windows\cm108.ini
[2013/05/12 09:26:31 | 000,000,274 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2013/03/25 18:13:24 | 000,003,584 | ---- | C] () -- C:\Users\g\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/15 18:49:23 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/09/15 18:49:20 | 000,035,072 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/09/15 18:22:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/08/25 19:53:51 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/08/25 19:53:29 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/08/18 22:24:01 | 000,007,601 | ---- | C] () -- C:\Users\g\AppData\Local\Resmon.ResmonCfg
[2012/07/28 07:00:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012/07/28 07:00:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012/07/27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/04/13 01:00:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
========== ZeroAccess Check ==========
[2009/07/14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 07:25:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 17:49:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/01/13 10:15:11 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Canneverbe Limited
[2012/10/18 18:17:55 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Charles
[2013/09/01 10:45:01 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\com.ynab.YNAB4.LiveSteam
[2013/04/27 10:22:33 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Doublefine
[2014/01/19 00:25:29 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Dropbox
[2014/01/13 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\DropboxMaster
[2013/09/28 14:02:37 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\FileZilla
[2013/11/04 21:09:40 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Free Download Manager
[2013/03/05 22:46:22 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Freelancer
[2013/03/24 22:00:28 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\HandBrake
[2013/11/22 22:05:09 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\HTC
[2012/10/29 21:25:04 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Juniper Networks
[2012/12/31 23:16:40 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Notepad++
[2013/04/24 20:58:29 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Origin
[2013/11/23 18:46:05 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Participatory Culture Foundation
[2013/08/15 08:03:03 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\Samsung
[2012/09/16 21:54:29 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\TeraCopy
[2014/01/18 19:47:08 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\uTorrent
[2012/10/29 21:40:19 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\webex
[2013/06/22 22:07:11 | 000,000,000 | ---D | M] -- C:\Users\g\AppData\Roaming\XMedia Recode
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/14 07:37:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2009/07/14 07:37:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/11 03:04:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/11 03:04:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2011/02/26 10:49:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 17:47:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: EXPLORER.EXE.1856.DMP >
[2013/10/19 20:48:13 | 001,804,836 | ---- | M] () MD5=544045B818A8CA3AE60906A664B9D35B -- C:\Users\g\AppData\Local\CrashDumps\explorer.exe.1856.dmp
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/14 07:36:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/14 07:36:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui
< MD5 for: EXPLORER.ZIP >
[2006/03/06 22:48:08 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip
< MD5 for: IEXPLORE.EXE >
[2013/11/26 23:51:14 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/11/26 23:51:14 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_1eeed3e40a768844\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/11/26 23:51:14 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/26 23:51:14 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_189b695b4223c92b\iexplore.exe.mui
< MD5 for: SERVICES >
[2009/06/11 03:09:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/11 03:09:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.CFG >
[2013/12/19 00:12:40 | 000,558,851 | ---- | M] () MD5=A044715A48D8FADB9366D554F20D3331 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.ESM >
[2013/09/17 16:14:38 | 000,009,654 | ---- | M] () MD5=E2314A73B92A544C3F87DE5D30B2D1B2 -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\services.esm
[2013/09/17 16:14:38 | 000,009,654 | ---- | M] () MD5=E2314A73B92A544C3F87DE5D30B2D1B2 -- C:\Users\g\AppData\Local\Temp\services.esm
< MD5 for: SERVICES.EXE >
[2009/07/14 06:44:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 06:44:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/14 07:33:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 07:33:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.JSM >
[2013/03/12 00:08:42 | 000,006,317 | ---- | M] () MD5=C698274FE1590498B56DEDB947AEFF16 -- C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\modules\Services.jsm
< MD5 for: SERVICES.JSON >
[2013/10/07 23:07:24 | 000,003,069 | ---- | M] () MD5=A862B522789C22C2E181E8C48749C8B8 -- C:\Users\g\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.8_0\config\services.json
< MD5 for: SERVICES.LNK >
[2009/07/14 10:11:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 10:11:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/11 02:56:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/11 02:56:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/14 07:38:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/11 02:51:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 07:38:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/11 02:51:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/14 01:50:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/14 01:50:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: WINLOGON.ADML >
[2009/07/14 07:35:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2009/07/14 07:35:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/11 03:13:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/11 03:13:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2010/11/20 17:47:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 17:47:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 17:42:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2010/11/20 17:42:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_ccfffb7662588b45\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/14 07:39:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl
[2009/07/14 07:39:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/14 02:07:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009/07/14 02:07:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2009/06/11 03:12:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/11 03:12:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2014/01/18 18:30:56 | 2793,832,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/18 18:30:58 | 3725,111,296 | -HS- | M] () -- C:\pagefile.sys
[2013/11/05 10:25:14 | 000,002,232 | ---- | M] () -- C:\{6268A081-93F2-4463-B6D6-2CC2814270C7}
< %systemroot%\Fonts\*.com >
[2009/07/14 10:22:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 10:22:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 10:22:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 10:22:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/11 03:01:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/14 06:45:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
[2009/07/14 06:45:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll
[2010/11/20 17:51:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009/07/14 10:11:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 28EE-E446
Directory of C:\
07/14/2009 10:23 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 10:23 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 10:23 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 10:23 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 10:23 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 10:23 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 10:23 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 10:23 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 10:23 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 10:23 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 10:23 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 10:23 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 10:23 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 10:23 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 10:23 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 10:23 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 10:23 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 10:23 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 10:23 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 10:23 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 10:23 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 10:23 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 10:23 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 10:23 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 10:23 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 10:23 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 10:23 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 10:23 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 10:23 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 10:23 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 10:23 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\g
08/09/2012 12:44 PM <JUNCTION> Application Data [C:\Users\g\AppData\Roaming]
08/09/2012 12:44 PM <JUNCTION> Cookies [C:\Users\g\AppData\Roaming\Microsoft\Windows\Cookies]
08/09/2012 12:44 PM <JUNCTION> Local Settings [C:\Users\g\AppData\Local]
08/09/2012 12:44 PM <JUNCTION> My Documents [C:\Users\g\Documents]
08/09/2012 12:44 PM <JUNCTION> NetHood [C:\Users\g\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/09/2012 12:44 PM <JUNCTION> PrintHood [C:\Users\g\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/09/2012 12:44 PM <JUNCTION> Recent [C:\Users\g\AppData\Roaming\Microsoft\Windows\Recent]
08/09/2012 12:44 PM <JUNCTION> SendTo [C:\Users\g\AppData\Roaming\Microsoft\Windows\SendTo]
08/09/2012 12:44 PM <JUNCTION> Start Menu [C:\Users\g\AppData\Roaming\Microsoft\Windows\Start Menu]
08/09/2012 12:44 PM <JUNCTION> Templates [C:\Users\g\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\g\AppData\Local
08/09/2012 12:44 PM <JUNCTION> Application Data [C:\Users\g\AppData\Local]
08/09/2012 12:44 PM <JUNCTION> History [C:\Users\g\AppData\Local\Microsoft\Windows\History]
08/09/2012 12:44 PM <JUNCTION> Temporary Internet Files [C:\Users\g\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\g\Documents
08/09/2012 12:44 PM <JUNCTION> My Music [C:\Users\g\Music]
08/09/2012 12:44 PM <JUNCTION> My Pictures [C:\Users\g\Pictures]
08/09/2012 12:44 PM <JUNCTION> My Videos [C:\Users\g\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 10:23 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 10:23 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 10:23 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
50 Dir(s) 13,140,750,336 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012/08/25 09:13:53 | 000,000,221 | -HS- | M] () -- C:\Users\g\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2013/05/04 10:17:11 | 094,175,344 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\g\Desktop\13-4_vista_win7_win8_32_dd_ccc_whql.exe
[2013/05/04 10:16:53 | 142,140,816 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\g\Desktop\13-4_vista_win7_win8_64_dd_ccc_whql.exe
[2013/04/30 21:42:07 | 006,953,496 | ---- | M] (Microsoft Corporation) -- C:\Users\g\Desktop\Silverlight.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-01-18 13:00:13
< End of report >
=============
OTL Extras logfile created on: 1/19/2014 10:02:49 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\g\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.47 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 64.02% Memory free
6.94 Gb Paging File | 5.18 Gb Available in Paging File | 74.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.80 Gb Total Space | 12.31 Gb Free Space | 22.06% Space Free | Partition Type: NTFS
Drive D: | 46.58 Gb Total Space | 18.45 Gb Free Space | 39.62% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 69.79 Mb Free Space | 69.79% Space Free | Partition Type: NTFS
Drive F: | 100.00 Gb Total Space | 31.73 Gb Free Space | 31.73% Space Free | Partition Type: NTFS
Drive G: | 100.00 Gb Total Space | 42.86 Gb Free Space | 42.86% Space Free | Partition Type: NTFS
Drive H: | 219.17 Gb Total Space | 121.84 Gb Free Space | 55.59% Space Free | Partition Type: NTFS
Drive J: | 244.14 Gb Total Space | 213.97 Gb Free Space | 87.64% Space Free | Partition Type: NTFS
Drive K: | 250.00 Gb Total Space | 158.48 Gb Free Space | 63.39% Space Free | Partition Type: NTFS
Drive L: | 359.37 Gb Total Space | 359.03 Gb Free Space | 99.90% Space Free | Partition Type: NTFS
Drive M: | 1009.50 Gb Total Space | 450.85 Gb Free Space | 44.66% Space Free | Partition Type: NTFS
Computer Name: G-PC | User Name: g | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1ACF580A-828B-4B41-BDFE-D46B2CD78AC9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{236DF43E-C2F3-493A-AD36-3138D2B5A332}" = rport=138 | protocol=17 | dir=out | app=system |
"{3C3140A0-83CD-4B54-81AC-4E0EB3C4E30A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{44628FAB-5A70-49C4-A6EB-ECA06AE2B0E4}" = lport=138 | protocol=17 | dir=in | app=system |
"{463917F6-F073-44D1-9CDA-73D471762940}" = rport=139 | protocol=6 | dir=out | app=system |
"{4FB01871-F9A5-4479-9EB4-220569F00900}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5630104E-A208-4633-9AD9-62341A3CEFF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{62133FBD-F4B0-4066-BD1A-1931B485B1D0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{649E7F0A-C2B1-4DE2-B3FA-87DA0EBDB8DB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B883098-A33A-44B8-BB59-71578C095D92}" = lport=139 | protocol=6 | dir=in | app=system |
"{88A3C277-D3E0-47A5-9FB3-B5582A1FB07C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8D3C832E-3419-44C4-8000-7B98C01C2F63}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CAA06E57-E99D-4859-8252-976879E557B4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAB5D7E2-7567-41D0-A6EB-EA242C5E5F08}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD4A80AF-95A7-4280-98EE-3059B6A703C7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D127D1A7-EF1C-44FD-89F9-673504CA3638}" = lport=rpc | protocol=6 | dir=in | app=d:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\wnt500x86\rpcsandrasrv.exe |
"{D1F6E1E4-7A39-4EB6-BDE2-8B74E52A2D64}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2015555-4804-4997-9B6D-6ABCAB73CCFA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{DF70A969-3F93-4954-A3E8-FD865309E7E9}" = lport=137 | protocol=17 | dir=in | app=system |
"{E22A9C3A-BC9C-4BC1-8E49-484D08A215D8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7301955-056F-46C5-9598-7A7BFF7D67F0}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA4D841A-3E1A-4FE0-9B8B-7D23AC2ED86A}" = rport=445 | protocol=6 | dir=out | app=system |
"{FE075B59-0D96-47E0-B28F-DFCD4EDD2BD6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DF54D5-9C2F-4C20-80BF-44F5C8A02561}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\brutallegend\brutallegend.exe |
"{00FD7067-BB9F-4E66-8E25-0E39F1041855}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{01085C28-8AF1-4197-8431-7E7B7DBA157A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{024E1D52-AED4-4FE1-871B-DB97A1CF27F9}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{030C8A35-CA0A-4D38-BFE2-B6AB69F31238}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\codsp.exe |
"{06CF5939-22EF-4943-82AD-B677CD42D7FD}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe |
"{08384F48-94BC-49AE-B98C-DC6AF38C6AA1}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{092442F0-E1F0-4F74-895C-8CE92AD5FF7E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{092C825E-B36D-4425-946B-8873709959A9}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\the witcher enhanced edition\system\witcher.exe |
"{0F2061AA-8FBC-4D66-B66B-E6E75C12F209}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\jade empire\jadeempirelauncher.exe |
"{11E0A9A4-816C-4884-A73E-D176E136A07A}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\unreal tournament 2004\system\ut2004.exe |
"{16902A15-9693-4276-A9E6-BD9C6C47A230}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16F187F3-D0D6-4FDE-9EAA-7EC959F3A1D9}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{176263FD-F577-4DEF-8912-E346AEB5B70E}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{1768B96A-9400-44C9-8B3E-04BE03D33512}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{1B84E6AB-FD44-4E34-B561-A8C43EFAB1D7}" = protocol=17 | dir=in | app=c:\users\g\appdata\roaming\dropbox\bin\dropbox.exe |
"{1C94C7C8-EC46-4BC1-8FC2-2F3B2E457894}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{1D5E8488-CB95-41BA-91ED-76832FA57B81}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{1D859B87-58DE-4B3B-86B9-E76142C3CA10}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\coduomp.exe |
"{1DE9A7B4-4527-41C7-82B0-B2E56F38E71D}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{1E340C90-4814-4FC3-8490-F9EC343DDFB6}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{1E3B92E9-1386-4DD3-8D2A-6675A36E0FD3}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe |
"{21624BA2-9680-48F5-978A-8A9EE6E415DC}" = protocol=17 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{2BD89493-10EB-4C29-92DE-1513317E1BF4}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\overlord\config.exe |
"{2EA9445C-CA2B-406D-992D-59943435351B}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\codsp.exe |
"{2EBB6AD4-26E7-4FEF-871D-E0A4F97C7F97}" = protocol=17 | dir=in | app=l:\steamlibrary\steamapps\common\ynab 4\ynab 4.exe |
"{2F8108F5-CACE-41DF-8E5D-6B8713A0426E}" = protocol=6 | dir=in | app=c:\users\g\appdata\roaming\dropbox\bin\dropbox.exe |
"{30C77E17-2711-48C0-B8FA-D29C4F2DDDE3}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{3356338E-C25E-46F3-A899-DC8313A8D441}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{33B8C5DB-B398-44DF-8306-581B5ECB943F}" = protocol=6 | dir=out | app=system |
"{39CDAADA-891D-4601-9C1F-6C5DF0BAD24A}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{3B915A74-84BF-4D88-8E55-EFC823A7D47A}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\overlord\overlord.exe |
"{3BC63E4C-3F1E-49F2-AB10-B34B4B803E02}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\overlord\overlord.exe |
"{3CE6FBF0-C728-4A0C-B3B6-04315D619542}" = protocol=17 | dir=in | app=m:\program files\steam\steam.exe |
"{3CF6E91F-480B-4A47-8471-E68DFB1E86C8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3E4F5B97-4CFC-4E66-B3E9-2C4B604F6C2B}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{3E904CB9-95D2-436D-BED3-11C44AC75EAF}" = protocol=6 | dir=in | app=c:\users\g\appdata\roaming\dropbox\bin\dropbox.exe |
"{3F57D32F-3E91-4651-8D64-98A053972206}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{453B0010-3AEF-4131-BADD-A611A232A6BC}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\amd driver updater, xp, 32 bit\setup.exe |
"{4B3BE753-369B-4ED9-929E-E0B6E356EEF7}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{4B4B5D73-B246-48C2-9C3F-CC20F2450105}" = protocol=6 | dir=in | app=m:\program files\steam\steam.exe |
"{4E72368E-2FC1-4111-B154-608475B3F1FC}" = protocol=6 | dir=in | app=l:\steamlibrary\steamapps\common\ynab 4\ynab 4.exe |
"{50505B29-E913-4912-96AB-4106B7EA93AB}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{54090D18-58C6-4C73-9E97-4A2AA816E504}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{55DF8F23-0D40-41CB-BC5A-B535C7C284BB}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{575506F8-D27C-44D8-A327-69CF0828F1E1}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\codmp.exe |
"{57B0909C-CDC5-46FD-97BF-D91580E6FD4C}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\chronicles of riddick - assault on dark athena\system\win32_x86\darkathena.exe |
"{5A3F529C-2B5F-451C-92E2-488E9D396A50}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{5CB2199C-C976-4EFB-AD83-468D4692DFB0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5EDDFF30-4BF6-4DB2-81CB-4A45A4E20868}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\jade empire\jadeempireconfig.exe |
"{5F3536FD-A455-4FF6-B246-B6CCFA559909}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\codmp.exe |
"{60C28483-58F2-430F-BCFC-CB1D9BCC1A1A}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\unreal tournament 2004\system\ut2004.exe |
"{60EC9F6B-0AA9-4834-B95B-2CE983049B41}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of juarez - bound in blood\cojbibgame_x86.exe |
"{6141FB54-B541-44D6-8AF7-91BC45D03C5B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{619EEF05-8CC6-4D02-B2FA-43607BE03185}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{63DB486C-564B-4DFE-8535-7CF04CD9E6CC}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\portal\hl2.exe |
"{6505EE4A-1CD3-4C5A-A328-C6F9F6BAD4B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{654C673F-4416-4171-B3D3-D3708BE272F1}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\overlord\config.exe |
"{6698F9C4-6676-4822-9D4F-E002407B0B0B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{6872EC1B-7C7F-44A7-B583-23154CA99C29}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{6A44457E-7636-4624-8D44-10E1309AD77D}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{6B283746-C370-4E4C-9BB6-B7B1023F6916}" = protocol=6 | dir=in | app=m:\program files\halo2\halo2.exe |
"{6BA995AE-9E60-4F03-926D-3F7ECF40B20C}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\chronicles of riddick - assault on dark athena\system\win32_x86\darkathena.exe |
"{6C14FC9C-7C66-4EDC-9B35-6A2F9F74A150}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{6DFE9FA6-E752-436E-A946-C06AD3DBA6EF}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{75DBF367-7D9D-412C-B1CF-9E6D0EBFD5C4}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{7AA61AFF-93EF-49BB-8603-1A7D29BFE311}" = protocol=17 | dir=in | app=m:\program files\halo2\halo2.exe |
"{7B476E49-A176-4446-944C-7DBBF06EBB79}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{8003D0A4-D408-4C18-B51D-E9356AE00667}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{87EFCF4F-6C44-42B2-A7CA-0F6A3FCBB158}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89C08E77-5519-4740-954A-298A61DF06F6}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{8BA2B2CA-629D-467B-B207-8C7915A5CCCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{92622832-BF73-4732-B0A2-459FB1D07FD9}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\hardreset\hardreset.exe |
"{963B6E0E-42C6-4050-83C1-68506398868B}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"{9831B3D1-900D-43F5-828A-38878936D561}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{987FAC32-ED11-477E-A745-1DD23AD6D34E}" = protocol=6 | dir=in | app=d:\program files\utorrent\utorrent.exe |
"{A11192C9-C49E-466F-9BF8-2271EDABB47B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A5FEF8A5-8378-40CD-A7E6-1BE68F90440C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A6E1F7EF-59B9-4DD5-8D6D-7A1F9894421F}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{A7050AC4-2981-41CC-AD96-F333DE01CA58}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7289449-0C0A-4262-B2A3-CCF4D1CBE96E}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\binaries\win32\batmanac.exe |
"{A79E8235-CA83-4B3E-B48F-15C4694913BF}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{A962008C-070E-458B-9409-465A397D8F00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB7BC494-ED08-4B05-83A6-E973F3F2CAEE}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{AE4D4A3D-2A23-41D1-8450-6E253A6247D0}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{AE56D888-ED8A-437F-A5EB-B5BC8CAA00F8}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{AFE9F102-339F-4975-8693-C40ED1E80527}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{B10CE9F5-2488-4838-BEF1-1E745BFCA6BC}" = dir=in | app=c:\program files\htc\htc sync manager\htcsyncmanager.exe |
"{B981E0BC-BBFE-4124-9E5B-DE7F54C260A7}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{BBF1AF9A-7387-4076-B996-2F65868B470E}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\portal\hl2.exe |
"{BC51295B-2422-473E-9394-0534DE8CF48C}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{BC5B7848-6BF4-4D43-BDF8-BCC54C0EB273}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\brutallegend\brutallegend.exe |
"{C655A7D5-89CC-4AB9-AC3A-EBC58B802561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C8B53061-A780-4225-954B-05EFD9E7BC5F}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\coduosp.exe |
"{CA96D3F6-9F8D-44A4-92B0-1A3A2A5D24C3}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\coduomp.exe |
"{CD477976-C6C7-49B9-ADCC-746750ECA57E}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\half-life 2\hl2.exe |
"{CDE3C831-525B-4E0D-8FDB-4D286D4925B1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CE45922C-6910-4B07-9140-B2FBCF13195E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CEE3F561-05BE-4113-B198-B2CDAAF21A96}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of juarez - bound in blood\cojbibgame_x86.exe |
"{CF545A1C-13CD-467B-A420-ACBCACBD54BB}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{D09046D9-ACD1-468F-9B2F-0C1502AACF72}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{D2BFA5C4-4DC4-401A-98AB-5CBE6623F51E}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe |
"{D4704E1A-7E21-4198-B529-A4062C4F6982}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\hardreset\hardreset.exe |
"{D5A03A3C-3FAD-4BCD-A5EF-E4AD04EAA8D4}" = protocol=17 | dir=in | app=c:\users\g\appdata\roaming\dropbox\bin\dropbox.exe |
"{D83AF52E-D38B-4BC0-AFFD-7CEE6C10A3C9}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{DA434EE6-6A13-42F3-BA3D-0020F2A08B9A}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\darksiders\darksiderspc.exe |
"{DAFD0127-7B43-4FDD-B81A-50B5C602BF66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFC9CF3A-B37C-4590-A899-3E4D565E7E7D}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{DFE34F78-221D-4FC0-A885-774B0D46F988}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\the witcher enhanced edition\system\djinni!.exe |
"{E275953B-6388-421F-BEAC-96A2B239C24F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E5F50AFA-876E-4179-B6F4-9B67C9652FA9}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E7BCFD2D-86FF-4491-B05C-D4660196AEB4}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham city goty\runlauncher.bat |
"{EBEA1FEA-C562-4F6C-8D90-E02AB8B2A162}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EDC6D01D-CB14-4CAB-8B0A-EBA263A1BBDB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EE2B214C-D244-42E4-ACDD-D4CB1478EC5C}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\metro 2033\metro2033.exe |
"{EE845863-240E-4F29-AFC6-4BD9D3149B67}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\call of duty\coduosp.exe |
"{EEB1EE96-C211-4DDC-87BE-1BC4E9564191}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\jade empire\jadeempirelauncher.exe |
"{F05827FC-2953-43E6-940A-273DCAAA8285}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\vampire the masquerade - bloodlines\vampire.exe |
"{F133F15F-7C91-4E14-AB4F-76FA562B7F7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1ACA9C4-B277-487C-87DF-56749D6EED09}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\darksiders\darksiderspc.exe |
"{F9CFC6D0-6394-4828-BEA2-F543B6777B8B}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\amd driver updater, xp, 32 bit\setup.exe |
"{FBA0156B-9607-4E87-A5EC-BB5A64D36BFB}" = protocol=17 | dir=in | app=m:\program files\steam\steamapps\common\jade empire\jadeempireconfig.exe |
"{FCE6A23B-968D-4192-957D-DB28F011432D}" = protocol=6 | dir=in | app=m:\program files\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"TCP Query User{67809831-174B-4925-A5B7-BDBC32DA12D1}C:\users\g\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\g\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8C4E4BBF-E7E9-43CE-BAB0-A7043265EDD0}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"TCP Query User{C1082092-2BFB-491A-832D-95DDCCC239FC}C:\users\g\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\g\appdata\local\akamai\netsession_win.exe |
"UDP Query User{09B5F203-FE58-4BB5-8BC5-E1CFF85C8FDC}C:\program files\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files\participatory culture foundation\miro\miro_downloader.exe |
"UDP Query User{5FC46300-7405-4962-88DE-94EEB9F2206C}C:\users\g\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\g\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CF09D405-9154-4CA8-A110-03AFCB4A28D0}C:\users\g\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\g\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{20C6FF70-690B-4DF7-8F5D-269DD3A7FD23}" = iCloud
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{269C93DC-3A29-450F-A3F2-7BF96C6A7E93}" = CDBurnerXP
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{33FFD86B-569C-9E8D-6659-A1F84D07CAD0}" = AMD Catalyst Install Manager
"{368E4EF8-E840-40EE-A224-50B8D1DC2B12}" = HTC Sync Manager
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{5179641A-DC14-3A2E-BD53-480D4136C368}" = Google Talk Plugin
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63F9D765-E8DE-D921-1C6A-DF17C1DFDDA1}" = ccc-utility
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B53BA8-4BE3-49AF-BC3E-07F392006300}" = USB PnP Sound Device
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{96A0DEB6-093D-B872-955C-BE865574C448}" = AMD Media Foundation Decoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AD6518A-539D-8E0D-2C72-E51A62978096}" = AMD Drag and Drop Transcoding
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{E9812BB4-0DDA-44F7-A069-1D5C127D837D}" = Charles 3.6.5
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.5
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.7.3
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Freelancer_R.G. Mechanics_is1" = Freelancer
"Halo 2" = Halo 2 for Windows Vista
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"Juniper Network Connect 7.1.7" = Juniper Networks Network Connect 7.1.7
"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Miro" = Miro
"Miro Video Converter" = Miro Video Converter
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Origin" = Origin
"SequoiaView" = SequoiaView
"SpeedFan" = SpeedFan (remove only)
"Steam App 13230" = Unreal Tournament 2004
"Steam App 200260" = Batman: Arkham City GOTY
"Steam App 205100" = Dishonored
"Steam App 225260" = Brütal Legend
"Steam App 227320" = You Need A Budget 4 (YNAB)
"Steam App 43110" = Metro 2033
"Steam App 50620" = Darksiders
"Steam App 50650" = Darksiders II
"Steam App 7110" = Jade Empire: Special Edition
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamViewer 7" = TeamViewer 7
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"TeraCopy_is1" = TeraCopy 2.27
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.1.2
"WinRAR archiver" = WinRAR 4.00 beta 3 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2093712954-3236656608-2348121820-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/26/2013 4:33:33 PM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/29/2013 2:25:24 AM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/30/2013 4:26:39 PM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/1/2014 11:13:02 AM | Computer Name = g-PC | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 2.1.2.0, time stamp:
0x52a50c49 Faulting module name: vlc.exe, version: 2.1.2.0, time stamp: 0x52a50c49
Exception
code: 0xc0000005 Fault offset: 0x000018ad Faulting process id: 0x147c Faulting application
start time: 0x01cf06fa276b5d23 Faulting application path: D:\Program Files\VideoLAN\VLC\vlc.exe
Faulting
module path: D:\Program Files\VideoLAN\VLC\vlc.exe Report Id: 34cb7188-72f7-11e3-8199-3085a9b32bdc
Error - 1/8/2014 9:22:05 AM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/11/2014 5:59:27 AM | Computer Name = g-PC | Source = Application Hang | ID = 1002
Description = The program TESV.exe version 1.9.32.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1020 Start Time:
01cf0eaf7770b3eb Termination Time: 56 Application Path: M:\Program Files\Steam\steamapps\common\Skyrim\TESV.exe
Report
Id:
Error - 1/11/2014 3:31:12 PM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/12/2014 3:53:40 PM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/18/2014 7:05:48 AM | Computer Name = g-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 1/18/2014 6:37:32 PM | Computer Name = g-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\HTC\HTC
Sync Manager\NOutlookAccessX64.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ OSession Events ]
Error - 8/7/2013 1:07:56 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10911
seconds with 7500 seconds of active time. This session ended with a crash.
Error - 8/7/2013 2:25:40 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4650
seconds with 3720 seconds of active time. This session ended with a crash.
Error - 8/7/2013 2:30:10 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 260
seconds with 180 seconds of active time. This session ended with a crash.
Error - 8/7/2013 2:35:51 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 314
seconds with 300 seconds of active time. This session ended with a crash.
Error - 8/7/2013 3:27:31 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3090
seconds with 2460 seconds of active time. This session ended with a crash.
Error - 8/7/2013 3:31:04 PM | Computer Name = g-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 200
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 1/16/2014 11:09:25 AM | Computer Name = g-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:32:45 PM on ?1/?16/?2014 was unexpected.
Error - 1/16/2014 12:51:14 PM | Computer Name = g-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:20:31 PM on ?1/?16/?2014 was unexpected.
Error - 1/17/2014 11:51:28 AM | Computer Name = g-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/17/2014 11:07:51 PM | Computer Name = g-PC | Source = Microsoft-Windows-Directory-Services-SAM | ID = 12291
Description = SAM failed to start the TCP/IP or SPX/IPX listening thread
Error - 1/18/2014 5:41:00 AM | Computer Name = g-PC | Source = DCOM | ID = 10010
Description =
Error - 1/18/2014 6:47:29 AM | Computer Name = g-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:02:14 PM on ?1/?18/?2014 was unexpected.
Error - 1/18/2014 6:54:47 AM | Computer Name = g-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/18/2014 7:07:52 AM | Computer Name = g-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Update for Microsoft .NET Framework 4 on XP, Server 2003,
Vista, Windows 7, Server 2008 x86 (KB2600217).
Error - 1/18/2014 7:18:44 AM | Computer Name = g-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 1/18/2014 10:07:36 AM | Computer Name = g-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
< End of report >