Windows 8 - Virus found Script/Exploit.Kit - found by AVG Anit-virus

Hi Phel,

Thank you very much for the quick response. My logs are as follows:

Thanks,

rocket-ron.

**********************************************************************
*********** Extra.txt ************************************************
**********************************************************************

OTL Extras logfile created on: 21/01/2013 07:52:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kiran\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

31.95 Gb Total Physical Memory | 28.90 Gb Available Physical Memory | 90.47% Memory free
39.45 Gb Paging File | 35.22 Gb Available in Paging File | 89.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.23 Gb Total Space | 111.95 Gb Free Space | 50.15% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 2663.03 Gb Free Space | 95.30% Space Free | Partition Type: NTFS

Computer Name: RON-HAL | User Name: Kiran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D6057C-EE37-423E-97F3-45BC9BBA7EF0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1BC6FBD0-2EFA-4D18-A6CC-2F69FFEEDD6C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{28BD0407-EB8D-4A3C-8F9D-B8BF73146D57}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{355A1147-CAA9-4307-89A6-35D02791A64A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3A4B2499-0D83-4008-BD62-265487BB5223}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{49088D94-6F6A-4581-85CD-A41A477BD3A7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{493E1EA5-1DB5-482A-8A36-6FBBE3E17968}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B4B66EA-EF30-4092-9502-FC0BDD3D9A52}" = lport=138 | protocol=17 | dir=in | app=system |
"{6996921B-F70B-4AFC-8B55-1D4685929D6E}" = lport=137 | protocol=17 | dir=in | app=system |
"{747F6FAB-4FB8-481B-A463-50A4FBFF607C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7BEA49EE-3E99-469F-A3CC-9962ECC0DFC6}" = rport=445 | protocol=6 | dir=out | app=system |
"{7FF80783-FCC5-45EF-AF52-F17D7F709C25}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8017AD01-4666-4139-A331-FBED39D327DE}" = rport=139 | protocol=6 | dir=out | app=system |
"{8246995D-727C-4E7D-A088-BD5F882CF1DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{8703188E-8D37-4209-8BC4-349D94CC4B7D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8BCD7C6D-3FCB-4029-920C-19B5C67DE286}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\common7\ide\vswinexpress.exe |
"{94450DE4-C27F-4655-BDE6-E0245AC8DA4B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF5B8F38-4A2A-4288-83DE-3FDEEA9577F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{B914D298-ABC2-41C9-B831-2109461D08D7}" = lport=445 | protocol=6 | dir=in | app=system |
"{E00379BE-FF79-4D04-896E-70152DBDECB3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB827A4F-08D4-41F6-A633-AB4712FCC3FD}" = rport=137 | protocol=17 | dir=out | app=system |
"{EFEF4733-8AE4-4D24-B0D4-ECB78C426EF2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5AFA164-6AD9-4BBA-ABA0-8CE888368D2A}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054C4742-109B-49E6-91C6-C92415DE8B09}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{055A3042-D5B5-467E-8D38-DBBD118EF944}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{0761BB0E-4AF2-4727-A90E-457764F37255}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{0C770A79-A48C-443B-8779-132A00B6F898}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0D8693A3-78CC-4671-96F4-16967E037A5F}" = dir=out | name=windows_ie_ac_001 |
"{0FE7177C-2D4D-4926-82A4-B6502BCE5EDB}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{10D2B1BA-B59C-4301-AD0E-BCF8800A3795}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{10EFE2BF-5715-4826-877C-88EF701387BC}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1544C97E-E489-43BD-8C02-827401192C64}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{1583D813-133D-4086-9B1B-39D95F252A06}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{18885E66-963A-4639-8E47-669CD2A9309F}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{18F2196C-FE8E-427D-A247-CDA2F4DDDA78}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{1AE5EC42-F5CA-4313-BDC2-04F09D10E0F4}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{1F9A02F5-76BB-4EBF-B050-2698DF247C6F}" = protocol=1 | dir=in | [email protected],-28543 |
"{240C61B5-E017-4B0F-B926-771B0D53DBBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{248CE827-7204-4D20-B6A8-C08A82BCAA2B}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{26F05049-AFF0-422C-A2AD-39D72C35EADA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2C28ACF0-29A7-4E31-8831-7E575E0DC230}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{2E6F2F7A-D97B-407D-B33C-7B7406B73F71}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{30227C08-B3BE-49D3-B437-B136447EAAE5}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 9\3dsmax.exe |
"{31ECB478-CDDC-4751-8298-61A2A9B3643F}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{339A3FDA-7C3F-4C73-9EA0-E22E3AEAA7F1}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{349D66CF-8B5D-4112-A410-21EFC77D6BAD}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{3597B0CA-65F0-4651-9901-B531C3364A53}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{39E3ED49-4AC6-44D7-9251-C7A8C31EA118}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3B26D603-0F99-4FA2-83E0-51C08E652FF8}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{3C0C8E01-385B-40A3-A105-2153ED82BC18}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{3C4A1CB7-7F17-4918-A936-92766A18F7E5}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3C613CCF-2017-4386-A2A9-39448CCF7019}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{3DA208D7-1967-49EB-9FC8-FBAA4DE2D690}" = dir=out | name=windows_ie_ac_001 |
"{40629DE6-8CA6-4A69-B6B9-AAF9E6B7AA2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{44DE6FE8-91B0-434F-84B1-43C994073F21}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{466877C3-6D02-4E20-94EA-C750F273511A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{4668E2C1-2ECB-4D24-8DB5-97A85CB4475E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46FE982D-5FA5-412D-8666-6ABB67D1D112}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4812E559-17F1-4B65-9831-D3D56CC8558D}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{4E73D75A-D313-4A84-B365-945CA5EE3E33}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4E8F82D8-6806-4E97-A84F-BA3B4613776E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4EA388C5-982C-4DF6-8CA7-B01582BBEEB8}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{4FEA892B-DC41-4E9D-AA2B-57BAB6DB355A}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{513CDE40-6148-4BDE-9002-34B4CA4EFAC8}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{52B37B22-03FA-4CD5-B506-2AC43532C6A4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{54B1A2A3-3014-46A8-889D-1C0F7578BE9E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{570252E9-21EF-4C42-A151-6466D98B7C69}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{5A663881-8341-4997-808E-B8914B498986}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{5AC01B4B-0E2D-4372-935A-04FE36B67015}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60D72F9C-69ED-468C-8579-1CDA24F60313}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{62501893-665B-4D5F-B163-A9D2AB96D5CF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{628339B9-41A5-4F3C-B09E-9FD2FDB3713B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66BC5F14-CC3B-4A7B-804B-2C823C9732CC}" = protocol=6 | dir=out | app=system |
"{69E19DC4-E240-4C24-ADB3-6A8C07F48BE6}" = protocol=6 | dir=in | app=c:\users\kiran\appdata\roaming\dropbox\bin\dropbox.exe |
"{6AD1AAB3-ABD4-4A5A-AF39-DBEF45EB2049}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{6B84C707-79A9-43C0-83D5-7860BB22CDC2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6DAB4CF4-17E0-4B00-B5B3-091E4ED46671}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6DBFC1D5-392D-4C10-9B0D-5B8B77EAF931}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6DC0C623-FAAF-4B1A-B5BD-BA804D540FE7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{70EA5771-2C01-4E12-B7C1-8942B819D0A7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{715B5D6D-CE43-4F9C-A785-2BE55607B72D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{78C2A763-48DB-492A-90A0-3A0E73F14F82}" = protocol=17 | dir=in | app=c:\users\kiran\appdata\roaming\dropbox\bin\dropbox.exe |
"{78EDD002-E7B9-4267-AD93-5194C81BC146}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{792AA897-DAD6-4FD5-B1AA-95A944ACF2DF}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{7B0EDD73-5E78-4C6E-9BA0-D6AC30F3A358}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7E39DF1F-A2FC-4918-89BD-E3FCDD2790BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{801ADE97-4B83-4F22-9E1E-C9CD37BF5CFE}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{813C9F2E-8DE6-464B-9E69-7A5FCD390B77}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{82A6ED5C-8FF8-4A82-83DF-7225B58D2E1F}" = protocol=58 | dir=out | [email protected],-28546 |
"{8A23EB08-1BE9-435E-91E3-ABCA268AD5F2}" = dir=in | app=c:\users\kiran\appdata\local\microsoft\skydrive\skydrive.exe |
"{8BD5E0F7-4C93-4F59-9521-A0713E2EEAA3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F798CCF-F9D4-4BA4-BD42-D64F41901CE0}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{90EED483-6891-407E-9EA9-9636DF8CED01}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{978942C6-F250-4587-B5E2-C5FD0FD4CBB2}" = dir=out | name=canon inkjet print utility |
"{99F8644D-305B-4777-BFDA-85D1E3412D27}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9EA0B5D0-5577-4897-B51D-D40F8CA1CF2A}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9F803B59-B027-4352-96CC-AB861BFD3A33}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9FDA4FF4-DCCA-4546-8E6F-D87370B393FA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{A0AAE5A2-0B5F-4892-956C-FAFFF1344476}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{A11CC844-C703-4D46-9C9D-B06D2FF5D1D9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{A6F8FEAC-7E65-40E7-8592-67E04B402BD2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{AD09A551-AEA6-4D65-90CB-251335DE106A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{AD453902-7999-4C12-B06E-304BF3103EC3}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{AF56FFE0-2F68-4E74-B785-E2B7E6A0DED1}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B0B18D6B-74E8-4B61-A31A-2E4A9C6EF8B4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B3F4E382-7E67-4C8D-8F61-FC487B6CADF3}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B44E244E-52B4-41D8-BCAE-9287AD142A26}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{BA98E33F-6252-4AC3-AC79-E3D13924AECA}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{BC71F759-0ECD-432A-BD55-94593B77E788}" = protocol=1 | dir=out | [email protected],-28544 |
"{C232488B-3DFF-488F-9282-77C705ED2865}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2C17716-80D8-4E75-971C-C62091958165}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3D3CF39-C860-4336-A3F7-DA6682C555B5}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{C3E95F69-1E71-421A-A9C3-B89CCF532EDF}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{C47BCBBC-8B3C-4EAE-91A9-4417E8B73E2E}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C76F5286-C75A-4FFB-9921-91F860127EC0}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C8A2BE99-2D9A-4AC7-B39D-D50E274CA55C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C9973FCA-E786-4F79-950B-CB4C82D85576}" = protocol=17 | dir=in | app=c:\users\kiran\appdata\roaming\dropbox\bin\dropbox.exe |
"{CA3FC67C-8EA5-4DEB-B40D-6F90D5BF84F5}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{CE179C22-11E9-4304-BD2F-9C28D1FBBDE3}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D00974ED-168B-4A6F-90ED-1E4690FB1C2E}" = protocol=58 | dir=in | [email protected],-28545 |
"{D148FC23-8C6F-4A63-A0EB-BF1C830D366B}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D1A0E960-1ACD-48F2-8AD5-56D0D1F0A23B}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D679CD97-AD14-47ED-B86E-5C860CC74872}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D6E23C50-30D1-467E-9CB8-DBA86F116B5A}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{D876ED16-FF40-4007-86D1-BBF1B6740FDC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{D8CDADAA-34D0-4A20-BB10-DEF2075AF445}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF746A8E-B58F-4DD4-987D-F0DD9AC6E002}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{E053EB14-0A5D-415D-B50F-2459E3770FD1}" = protocol=6 | dir=in | app=c:\users\kiran\appdata\roaming\dropbox\bin\dropbox.exe |
"{E5E27F14-5B96-4CF3-A6F9-0A51164508AC}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E6AE49E8-CD02-4DEF-9D8C-6B952A145ACE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E843F5DD-D083-4828-94F3-509AA4404D70}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E9C34DA1-7242-483C-B08D-768DAAB650C7}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{EA317B01-3791-4B2C-BB28-C7ED2615244C}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{EAAB7C04-4F4C-4F0C-A09B-0F6B89A59F49}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{EBC3F75A-0396-4514-816D-BC07963F5185}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDB65ADA-81FE-4033-9AD1-7A136FC6E9B1}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F5392A16-262B-43C3-8B97-DF42968C849E}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{FF178568-C3C3-411A-8816-73B978B8B735}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FF189E48-0044-4B23-B34B-735BD929117A}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 9\3dsmax.exe |
"TCP Query User{FB9EC5F0-85B7-47E9-B4BA-9E49E1AFC5C7}C:\users\kiran\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kiran\appdata\roaming\spotify\spotify.exe |
"UDP Query User{E22D4C74-9688-43DE-AD77-5FEBA8D42D77}C:\users\kiran\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kiran\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033DFDB6-AAFA-4AF0-B5CA-93276FA910EF}" = SQL Server 2012 Distributed Replay
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}" = SQL Server 2012 Database Engine Services
"{1ABA92B0-CD1F-478B-A351-415F79B2A9E6}" = SQL Server 2012 Data quality service
"{1D411379-9CE0-4B13-A19B-72D3222DD620}" = SQL Server 2012 Common Files
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}" = SQL Server 2012 Common Files
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{22BCA430-2A68-4678-9824-184F3839948F}" = SQL Server 2012 Integration Services
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}" = SQL Server 2012 Management Studio
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{34A7A77A-A23D-44ED-B3B6-EC8198BE2622}" = SQL Server 2012 Full text search
"{3652FFB5-6F97-4113-9420-1A09A13FDDC8}" = SQL Server 2012 Distributed Replay
"{36BF5D42-BF68-4E0C-A165-A4C6E9841F4A}" = SQL Server 2012 Integration Services
"{38661DD1-576D-48CA-A188-F97819D5B5FB}" = SQL Server 2012 Data quality service
"{3C50A8F3-6BB8-44E8-9B8B-D3696561DF2E}" = SQL Server 2012 Data quality client
"{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}" = Microsoft VSS Writer for SQL Server 2012
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{499AC996-7E71-47FD-B302-E81A604E3A2F}" = Microsoft SQL Server 2012 RS Add-in for SharePoint
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{502275B0-3DA3-44D8-8702-066525CAAE98}" = AVG 2013
"{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}" = SQL Server 2012 Database Engine Shared
"{656E214E-B73F-458C-AD64-ED316F008207}" = SQL Server 2012 BI Development Studio
"{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}" = SQL Server 2012 Database Engine Shared
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6B3840D6-4B8F-4E74-9202-9CE36DA94E99}" = SQL Server 2012 Client Tools
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{7272DF1C-2F88-43AC-A481-84DD67DF9746}" = SQL Server 2012 Documentation Components
"{74E7AE48-2396-4779-9642-B4B015A806EC}" = SQL Server 2012 Distributed Replay
"{7842C220-6E9A-4D5A-AE70-0E138271F883}" = SQL Server 2012 Client Tools
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{80162C08-0FA6-4656-9685-AD88C6527F0B}" = SQL Server 2012 Data quality client
"{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}" = SQL Server 2012 Database Engine Services
"{91C4DE4A-CE48-4F8B-9D73-D2BFB619FB88}" = SQL Server 2012 RS_SharePoint_SharedService
"{9674CB74-4808-4B59-B79D-9AB501F23279}" = SQL Server 2012 Analysis Services
"{A007BD05-ECFD-4F64-89F6-7E95F91F0DFB}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{A0F05048-7653-4FCD-9F3A-C740E4052ACE}" = Microsoft SQL Server 2012 RsFx Driver
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A7037EB2-F953-4B12-B843-195F4D988DA1}" = SQL Server 2012 Management Studio
"{AB4AE7E5-E63E-458E-A9D9-B271EA2ED69B}" = Microsoft SQL Server 2012 Setup (English)
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3192F55-2CE8-4C8E-9E40-D3B4998276B2}" = SQL Server 2012 Documentation Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B7274680-CDD7-49FA-8086-964328E195E0}" = SQL Server 2012 Master Data Services
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{BED1EA3D-592D-4305-9D1F-20F03726EFC1}" = Sql Server Customer Experience Improvement Program
"{BFAB7835-55A2-41CD-AE66-F673BCA4E49F}" = AVG 2013
"{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}" = Microsoft SQL Server 2012 T-SQL Language Service
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CECA0188-BD7A-43EF-B1F7-DDF719099C46}" = SQL Server 2012 Documentation Components
"{D05595D6-8288-4DF8-A911-FD8D76268815}" = SQL Server 2012 Distributed Replay
"{D307B5CF-D1F0-48A4-8DA3-54765F535208}" = SQL Server 2012 SQL Data Quality Common
"{DCCB1789-1DA0-4E3A-A52F-7815B602CC98}" = SQL Server 2012 Reporting Services
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EE1B54D1-BFBC-4C19-8D66-E0AF3E967896}" = SQL Server 2012 BI Development Studio
"{F14401A9-F0A0-33CC-8444-F60823A60DEB}" = Microsoft Visual Studio Tools for Applications x64 Runtime 3.0
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F5A2F6B7-9065-4808-9528-0B944558604A}" = SQL Server 2012 Master Data Services
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FB1349FD-D102-4722-9F0A-2543670FF7FB}" = SQL Server 2012 Analysis Services
"{FCD81E1A-6ED6-4F19-A572-82FFE102654E}" = SQL Server 2012 Reporting Services
"AVG" = AVG 2013
"C-Media Oxygen HD Audio Driver" = ASUS Xonar Xense Audio Driver
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Office Professional 15 (Technical Preview) - en-us" = Microsoft Office 365 Home Premium Preview - en-us
"Microsoft SQL Server 11" = Microsoft SQL Server 2012 (64-bit)
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012 (64-bit)
"R for Windows 2.15.2_is1" = R for Windows 2.15.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{012D26C3-E12A-3BDA-8ECE-DF14E721A507}" = Microsoft Visual Studio 2010 Shell (Integrated) - ENU
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{191A6F65-6878-398D-A272-EF011B80F371}" = Microsoft Visual Studio Tools for Applications x86 Runtime 3.0
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{20150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{4222A6C9-6127-4445-A820-B02ECFD9F407}" = Microsoft NuGet - Visual Studio 2012 Express for Windows 8
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{4B9E6EB0-0EED-4E74-9479-F982C3254F71}" = SQL Server Browser for SQL Server 2012
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{532DBCC8-9468-435C-AEF6-30B7F50735A2}" = Blend for Visual Studio 2012 ENU resources
"{57AC2726-F265-4FAF-B07A-BB6FD9E021D1}" = Microsoft Visual Studio 2012 Preparation
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}" = Microsoft Visual Studio Tools for Applications Design-Time 3.0
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{9CCE40CE-A9E6-4916-8729-B008558EEF3F}" = Microsoft Report Viewer 2012 Runtime
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B51F97E6-83F3-3B02-8CBB-15F86DFCE1DB}" = Microsoft Visual Studio Express 2012 for Windows 8
"{b6391d7a-479c-494c-a76f-cad96a8a73ac}" = Microsoft Visual Studio Express 2012 for Windows 8 - ENU
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}" = Windows Runtime Intellisense Content - en-us
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}" = Microsoft SQL Server 2012 Policies
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit
"{E9A2B5C5-5885-3B1A-A30C-0E5ACB76B5F1}" = Microsoft Visual Studio Express 2012 for Windows 8 - ENU
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3BBC56F-2282-4464-952F-A89772181F30}" = Microsoft SQL Server Data Tools – Database Projects – Web installer entry point
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"JRE 1.3.1_03" = Java 2 Runtime Environment Standard Edition v1.3.1_03
"LinuxLive USB Creator" = LinuxLive USB Creator
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 2.0.5
"VMware_Workstation" = VMware Workstation

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/01/2013 20:54:20 | Computer Name = ron-hal | Source = Application Error | ID = 1000
Description = Faulting application name: 3dsmax.exe, version: 9.0.0.100, time stamp:
0x451d9061 Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp:
0x505aaa82 Exception code: 0xc0000005 Fault offset: 0x000530f6 Faulting process ID:
0x7ec Faulting application start time: 0x01cdf1f1af9a3196 Faulting application path:
C:\Program Files (x86)\Autodesk\3ds Max 9\3dsmax.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
ID: ed662c6a-5de4-11e2-be7b-3085a98ce5fe Faulting package full name: Faulting package-relative
application ID:

Error - 13/01/2013 20:54:32 | Computer Name = ron-hal | Source = Application Error | ID = 1000
Description = Faulting application name: 3dsmax.exe, version: 9.0.0.100, time stamp:
0x451d9061 Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp:
0x505aaa82 Exception code: 0xc0000005 Fault offset: 0x000530f6 Faulting process ID:
0xe30 Faulting application start time: 0x01cdf1f1b715da04 Faulting application path:
C:\Program Files (x86)\Autodesk\3ds Max 9\3dsmax.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
ID: f4e17fda-5de4-11e2-be7b-3085a98ce5fe Faulting package full name: Faulting package-relative
application ID:

Error - 13/01/2013 20:54:38 | Computer Name = ron-hal | Source = Application Error | ID = 1000
Description = Faulting application name: 3dsmax.exe, version: 9.0.0.100, time stamp:
0x451d9061 Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp:
0x505aaa82 Exception code: 0xc0000005 Fault offset: 0x000530f6 Faulting process ID:
0x6f4 Faulting application start time: 0x01cdf1f1ba8daca5 Faulting application path:
C:\Program Files (x86)\Autodesk\3ds Max 9\3dsmax.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
ID: f85731d1-5de4-11e2-be7b-3085a98ce5fe Faulting package full name: Faulting package-relative
application ID:

Error - 13/01/2013 20:55:02 | Computer Name = ron-hal | Source = Application Error | ID = 1000
Description = Faulting application name: 3dsmax.exe, version: 9.0.0.100, time stamp:
0x451d9061 Faulting module name: ntdll.dll, version: 6.2.9200.16420, time stamp:
0x505aaa82 Exception code: 0xc0000005 Fault offset: 0x000530f6 Faulting process ID:
0x1a98 Faulting application start time: 0x01cdf1f1c8dfe273 Faulting application path:
C:\Program Files (x86)\Autodesk\3ds Max 9\3dsmax.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
ID: 06ad2572-5de5-11e2-be7b-3085a98ce5fe Faulting package full name: Faulting package-relative
application ID:

Error - 14/01/2013 16:39:22 | Computer Name = ron-hal | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'Windows Explorer' could not be shut down.

Error - 15/01/2013 09:26:16 | Computer Name = ron-hal | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\R\r-2.15.2\Tcl\bin64\tk85.dll".Error
in manifest or policy file "c:\program files\R\r-2.15.2\Tcl\bin64\tk85.dll" on
line 9. The value "x64" of attribute "processorArchitecture" in element "assemblyIdentity"
is invalid.

Error - 16/01/2013 09:00:29 | Computer Name = ron-hal | Source = RaySat_3dsmax9_32 Server | ID = 131074
Description =

Error - 16/01/2013 09:00:36 | Computer Name = ron-hal | Source = Perflib | ID = 1008
Description =

Error - 16/01/2013 09:00:36 | Computer Name = ron-hal | Source = Perflib | ID = 1023
Description =

Error - 16/01/2013 09:00:40 | Computer Name = ron-hal | Source = Report Server Windows Service (MSSQLSERVER) | ID = 107
Description = Report Server Windows Service (MSSQLSERVER) cannot connect to the
report server database.

[ System Events ]
Error - 11/01/2013 20:27:56 | Computer Name = ron-hal | Source = DCOM | ID = 10010
Description =

Error - 11/01/2013 20:27:57 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:29:03 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:29:03 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:41:24 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:41:24 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:56:07 | Computer Name = ron-hal | Source = DCOM | ID = 10010
Description =

Error - 11/01/2013 20:56:07 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:57:03 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 11/01/2013 20:57:04 | Computer Name = ron-hal | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

< End of report >

**********************************************************************
*********** OTL.txt ************************************************
**********************************************************************
OTL logfile created on: 21/01/2013 07:52:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kiran\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

31.95 Gb Total Physical Memory | 28.90 Gb Available Physical Memory | 90.47% Memory free
39.45 Gb Paging File | 35.22 Gb Available in Paging File | 89.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.23 Gb Total Space | 111.95 Gb Free Space | 50.15% Space Free | Partition Type: NTFS
Drive D: | 2794.39 Gb Total Space | 2663.03 Gb Free Space | 95.30% Space Free | Partition Type: NTFS

Computer Name: RON-HAL | User Name: Kiran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/21 07:46:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kiran\Desktop\OTL(1).exe
PRC - [2013/01/21 07:45:55 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
PRC - [2013/01/19 23:35:41 | 007,880,664 | ---- | M] (Spotify Ltd) -- C:\Users\Kiran\AppData\Roaming\Spotify\spotify.exe
PRC - [2013/01/19 23:35:41 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Kiran\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/01/14 20:34:04 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Kiran\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2013/01/14 00:41:25 | 000,072,704 | ---- | M] (Autodesk) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2013/01/12 09:56:17 | 000,165,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
PRC - [2013/01/12 09:50:45 | 000,077,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
PRC - [2013/01/04 22:29:06 | 028,539,232 | ---- | M] (Dropbox, Inc.) -- C:\Users\Kiran\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/14 09:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012/12/03 15:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/01 02:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012/11/01 02:34:56 | 000,104,088 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2012/11/01 02:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012/11/01 01:57:50 | 013,234,176 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
PRC - [2012/11/01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2010/04/12 08:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2008/07/11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/19 23:35:41 | 020,220,376 | ---- | M] () -- C:\Users\Kiran\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013/01/12 09:50:46 | 000,110,192 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\jitv.dll
MOD - [2013/01/12 09:50:40 | 000,340,592 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
MOD - [2013/01/12 09:50:39 | 000,307,976 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
MOD - [2013/01/12 09:50:17 | 000,340,592 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
MOD - [2013/01/12 09:50:17 | 000,307,976 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2008/07/11 15:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe

========== Services (SafeList) ==========

SRV:64bit: - [2012/12/06 04:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/12/06 04:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/11/06 04:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/06 04:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 09:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 06:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 06:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2012/07/26 03:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/26 03:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/07/26 03:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 03:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 03:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 03:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 03:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/07/26 03:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 03:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 03:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 03:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/07/26 03:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 03:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 03:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/26 03:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 03:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/11 18:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013/01/19 11:06:01 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/14 00:41:25 | 000,072,704 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2013/01/12 00:58:15 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 09:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/03 15:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/06 04:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/11/01 02:35:20 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/11/01 02:34:52 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012/11/01 01:57:50 | 013,234,176 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012/11/01 00:48:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/11 17:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/07/26 03:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 18:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012/07/25 18:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012/02/11 16:55:16 | 000,597,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\SQL_Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE -- (SQLSERVERAGENT)
SRV - [2012/02/11 16:55:15 | 000,191,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\SQL_Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER)
SRV - [2012/02/11 10:14:12 | 000,342,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\SQL_Server\SQLx86\110\Tools\DReplayController\DReplayController.exe -- (SQL Server Distributed Replay Controller)
SRV - [2012/02/11 10:14:12 | 000,137,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\SQL_Server\SQLx86\110\Tools\DReplayClient\DReplayClient.exe -- (SQL Server Distributed Replay Client)
SRV - [2012/02/11 08:55:36 | 061,538,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\SQL_Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe -- (MSSQLServerOLAPService)
SRV - [2012/02/11 08:55:36 | 000,049,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\SQL_Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher)
SRV - [2012/02/11 08:55:18 | 002,348,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\SQL_Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer)
SRV - [2012/02/11 08:52:30 | 000,218,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\SQL_Server\110\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer110)
SRV - [2006/09/29 12:48:06 | 000,065,536 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/12 00:25:14 | 002,733,568 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2012/12/01 12:41:38 | 000,446,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/11/27 07:00:32 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/11/27 03:56:29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/11/27 03:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/26 23:36:16 | 000,208,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2012/11/20 04:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/11/06 07:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/11/06 07:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/11/06 03:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/11/01 02:34:54 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012/11/01 02:34:32 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012/11/01 02:34:10 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012/11/01 02:34:08 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012/10/26 04:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2012/10/24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/10/24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/10/22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/10/15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/10/12 08:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 17:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/10/11 17:15:06 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2012/10/11 07:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 07:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/10/11 05:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012/09/20 07:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/09/20 07:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 07:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 07:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/09/20 07:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 07:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/20 07:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/07/26 05:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 05:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 05:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 05:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 05:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 05:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 05:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 05:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 05:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 05:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 05:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 05:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 05:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 05:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 05:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 05:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 05:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 05:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 05:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 04:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 04:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/26 04:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/07/26 04:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/07/26 03:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 02:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/26 02:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 02:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 02:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 02:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 02:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 02:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 02:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 02:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 02:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 02:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 02:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 02:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 02:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 02:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 02:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 02:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 02:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 02:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 02:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 02:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 02:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/25 22:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/03 15:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/06/29 02:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/06/02 14:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/06/02 14:31:33 | 005,139,968 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BCMWL63A.SYS -- (BCM43XX)
DRV:64bit: - [2012/02/11 07:59:34 | 000,334,936 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\RsFx0200.sys -- (RsFx0200)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/04/12 08:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C2 35 7B 56 A0 EF CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 11:06:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 11:06:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/01/11 02:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kiran\AppData\Roaming\mozilla\Extensions
[2013/01/19 11:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/19 11:06:01 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/01/05 03:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/05 03:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - Extension: Docs = C:\Users\Kiran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Kiran\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Kiran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Kiran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Kiran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 05:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Kiran\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\Kiran\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Kiran\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kiran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...-131_03-win.cab (Java Plug-in 1.3.1_03)
O16 - DPF: {CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} http://java.sun.com/...-131_03-win.cab (Java Plug-in 1.3.1_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B903C76-883B-4F06-9962-CDBAABBCD658}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = "G:\SETUP.EXE"
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = "J:\setup.exe"
O33 - MountPoints2\J\Shell\odbcdrv\command - "" = odbcdrv\setup.exe
O33 - MountPoints2\J\Shell\sas\command - "" = J:\sas\setup.exe
O33 - MountPoints2\J\Shell\sasview\command - "" = J:\sasview\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/21 07:46:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kiran\Desktop\OTL(1).exe
[2013/01/21 07:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/21 07:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/01/21 07:45:53 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Google
[2013/01/19 23:26:16 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Spotify
[2013/01/19 23:26:02 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Spotify
[2013/01/19 13:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/01/19 13:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013/01/19 11:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/19 11:01:18 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Skype
[2013/01/19 11:01:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/01/19 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/19 11:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/01/19 11:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/01/16 21:51:36 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\TeamViewer
[2013/01/16 21:17:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013/01/14 21:42:16 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/01/14 21:39:16 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Microsoft Help
[2013/01/14 21:01:51 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2013/01/14 21:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2013/01/14 21:01:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013/01/14 20:42:39 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\SUPERAntiSpyware.com
[2013/01/14 20:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/01/14 20:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/01/14 20:42:37 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/14 20:40:48 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Dropbox
[2013/01/14 20:39:22 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/01/14 20:32:06 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Dropbox
[2013/01/14 00:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2013/01/14 00:38:40 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Desktop\Max3d
[2013/01/13 22:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2013/01/13 22:47:20 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Autodesk
[2013/01/13 22:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2013/01/13 22:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2013/01/13 22:09:12 | 000,000,000 | ---D | C] -- C:\VM
[2013/01/13 21:51:28 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Microsoft_Corporation
[2013/01/13 21:34:15 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Documents\SQL Server Management Studio
[2013/01/13 21:27:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx
[2013/01/13 21:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/01/13 21:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/01/13 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/01/13 21:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2013/01/13 21:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReportViewer
[2013/01/13 21:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
[2013/01/13 21:24:28 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Documents\Visual Studio 2010
[2013/01/13 21:24:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013/01/13 21:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2013/01/13 21:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2013/01/13 21:23:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2013/01/13 21:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2013/01/13 21:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/01/13 21:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/01/13 21:20:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/01/13 21:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
[2013/01/13 21:11:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013/01/13 21:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013/01/12 11:38:59 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Documents\Visual Studio 2012
[2013/01/12 11:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2013/01/12 11:38:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blend
[2013/01/12 11:38:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2013/01/12 11:38:07 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2013/01/12 11:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2013/01/12 11:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2013/01/12 11:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2013/01/12 11:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2013/01/12 11:37:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2013/01/12 11:37:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2013/01/12 11:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
[2013/01/12 11:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSWinExpress
[2013/01/12 11:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2013/01/12 11:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Licenses
[2013/01/12 11:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2013/01/12 11:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VC#
[2013/01/12 11:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2013/01/12 11:37:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VB
[2013/01/12 11:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Web
[2013/01/12 11:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xml
[2013/01/12 11:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaScript
[2013/01/12 11:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VC
[2013/01/12 11:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Team Tools
[2013/01/12 11:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/01/12 11:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/01/12 11:37:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/01/12 11:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup
[2013/01/12 11:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SDK
[2013/01/12 11:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/01/12 11:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common7
[2013/01/12 11:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/01/12 11:26:40 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2013/01/12 10:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013/01/12 10:07:01 | 000,000,000 | R--D | C] -- C:\Users\Kiran\SkyDrive
[2013/01/12 10:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/01/12 10:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/01/12 10:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/12 09:56:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/01/12 09:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/01/12 09:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/01/12 09:50:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013/01/12 08:44:14 | 000,000,000 | ---D | C] -- C:\Summit
[2013/01/12 01:15:48 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Documents\SAS Configuration Information
[2013/01/12 01:13:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/01/12 01:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2 Runtime Environment
[2013/01/12 01:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaSoft
[2013/01/12 01:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SAS
[2013/01/12 01:12:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/01/12 00:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013/01/12 00:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
[2013/01/12 00:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2013/01/12 00:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2013/01/12 00:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone
[2013/01/12 00:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2013/01/12 00:55:43 | 000,091,568 | ---- | C] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys
[2013/01/12 00:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2013/01/11 23:10:28 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Malwarebytes
[2013/01/11 23:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/11 23:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/11 23:10:18 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/01/11 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Programs
[2013/01/11 23:03:52 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\AVG2013
[2013/01/11 23:02:57 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\TuneUp Software
[2013/01/11 23:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/01/11 23:02:49 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/01/11 23:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/01/11 23:02:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/01/11 22:59:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/01/11 22:59:46 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\MFAData
[2013/01/11 22:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/01/11 22:59:46 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Avg2013
[2013/01/11 22:25:41 | 000,000,000 | ---D | C] -- C:\Users\Kiran\Documents\Virtual Machines
[2013/01/11 22:21:19 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\VMware
[2013/01/11 22:21:18 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\VMware
[2013/01/11 22:17:36 | 000,070,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2013/01/11 22:17:36 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2013/01/11 22:17:36 | 000,063,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2013/01/11 22:17:35 | 000,067,224 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2013/01/11 22:17:15 | 000,357,016 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2013/01/11 22:17:12 | 000,435,864 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2013/01/11 22:17:12 | 000,030,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2013/01/11 22:17:10 | 000,933,528 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2013/01/11 22:17:09 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2013/01/11 22:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013/01/11 22:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013/01/11 22:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013/01/11 22:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2013/01/11 22:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2013/01/11 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2013/01/11 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2013/01/11 20:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2013/01/11 02:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[2013/01/11 02:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\R
[2013/01/11 02:24:26 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\dvdcss
[2013/01/11 02:24:04 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\vlc
[2013/01/11 02:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/01/11 02:23:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/01/11 02:15:19 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Macromedia
[2013/01/11 02:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/01/11 02:12:58 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Mozilla
[2013/01/11 02:12:58 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Mozilla
[2013/01/11 02:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/11 02:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/11 02:07:00 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Macromedia
[2013/01/11 02:04:18 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\ASUS
[2013/01/11 02:04:05 | 000,000,000 | R--D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/11 02:04:05 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Searches
[2013/01/11 02:04:05 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Contacts
[2013/01/11 02:04:05 | 000,000,000 | R--D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/01/11 02:04:05 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Adobe
[2013/01/11 02:03:51 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\VirtualStore
[2013/01/11 02:03:50 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Packages
[2013/01/11 02:03:34 | 000,000,000 | --SD | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Videos
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Saved Games
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Pictures
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Music
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Links
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Favorites
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Downloads
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Documents
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\Desktop
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/01/11 02:03:34 | 000,000,000 | R--D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/01/11 02:03:34 | 000,000,000 | -H-D | C] -- C:\Users\Kiran\AppData
[2013/01/11 02:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Temp
[2013/01/11 02:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Local\Microsoft
[2013/01/11 02:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/01/11 01:47:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/01/09 09:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/01/09 09:30:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/01/09 09:30:19 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/01/09 09:30:19 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/01/09 09:30:18 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/01/09 09:30:18 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/01/09 09:30:18 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/01/09 09:30:18 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/01/09 09:30:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/01/09 09:30:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/01/09 09:30:18 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/01/09 09:30:18 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/01/09 09:30:18 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/01/09 09:30:18 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/01/09 09:30:18 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/01/09 09:30:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/01/09 09:28:24 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/01/09 09:28:24 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/01/09 09:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2013/01/09 09:28:18 | 000,217,088 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\HsSrv.dll
[2013/01/09 09:28:18 | 000,121,856 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv64.dll
[2013/01/09 09:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar Xense Audio
[2013/01/09 09:28:14 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS Xonar Xense Audio
[2013/01/09 09:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/01/09 09:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/01/09 09:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/01/09 09:26:58 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/01/09 09:26:58 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/01/09 09:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/01/09 09:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/01/09 09:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/01/08 17:31:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2013/01/21 07:50:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 07:50:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/21 07:46:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kiran\Desktop\OTL(1).exe
[2013/01/21 07:46:22 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/21 07:21:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/19 23:35:42 | 000,001,804 | ---- | M] () -- C:\Users\Kiran\Desktop\Spotify.lnk
[2013/01/19 13:00:39 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/01/19 11:01:16 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/16 21:17:26 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/01/16 13:04:41 | 001,049,630 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/16 13:04:41 | 000,860,016 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/16 13:04:41 | 000,193,544 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/16 13:00:26 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/01/16 13:00:16 | 1671,233,530 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/14 20:42:39 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/14 20:40:48 | 000,001,038 | ---- | M] () -- C:\Users\Kiran\Desktop\Dropbox.lnk
[2013/01/14 20:39:29 | 000,001,048 | ---- | M] () -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/14 00:46:36 | 000,425,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/14 00:41:18 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 9 32-bit.lnk
[2013/01/12 11:38:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
[2013/01/12 00:56:01 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/01/12 00:27:27 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/01/12 00:27:27 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/01/12 00:26:32 | 000,074,169 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.cfl
[2013/01/12 00:26:32 | 000,001,024 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.imi
[2013/01/12 00:26:32 | 000,000,963 | ---- | M] () -- C:\Windows\System\Cmicnfgp.ini
[2013/01/12 00:26:32 | 000,000,138 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2013/01/12 00:25:14 | 002,733,568 | ---- | M] (C-Media Inc) -- C:\Windows\SysNative\drivers\cmudaxp.sys
[2013/01/12 00:25:14 | 000,000,632 | ---- | M] () -- C:\Windows\cmudaxp.ini
[2013/01/12 00:25:13 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\cmasiopx.ini
[2013/01/12 00:25:13 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\cmasiop.ini
[2013/01/12 00:25:09 | 000,004,209 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.cfg
[2013/01/11 23:10:19 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/11 23:02:57 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/01/11 22:17:08 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\%TMP%
[2013/01/11 22:17:06 | 000,811,864 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/11 22:17:06 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013/01/11 02:39:32 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\R i386 2.15.2.lnk
[2013/01/11 02:39:32 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\R x64 2.15.2.lnk
[2013/01/11 02:24:00 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/01/11 02:12:53 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/11 02:04:21 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

========== Files Created - No Company Name ==========

[2013/01/21 07:46:22 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/21 07:45:57 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 07:45:57 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/19 23:26:16 | 000,001,804 | ---- | C] () -- C:\Users\Kiran\Desktop\Spotify.lnk
[2013/01/19 23:26:16 | 000,001,790 | ---- | C] () -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013/01/19 13:00:39 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013/01/19 11:01:16 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/16 21:17:26 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/01/16 21:17:26 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/01/14 20:42:39 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/14 20:40:48 | 000,001,038 | ---- | C] () -- C:\Users\Kiran\Desktop\Dropbox.lnk
[2013/01/14 20:39:29 | 000,001,048 | ---- | C] () -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/01/14 00:46:34 | 000,425,160 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/14 00:41:18 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk 3ds Max 9 32-bit.lnk
[2013/01/12 11:50:51 | 000,385,604 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/01/12 11:50:01 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013/01/12 11:50:01 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/01/12 11:38:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
[2013/01/12 10:07:01 | 000,002,256 | ---- | C] () -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013/01/12 01:13:17 | 000,020,549 | ---- | C] () -- C:\Windows\SysWow64\javaw.exe
[2013/01/12 01:13:17 | 000,020,547 | ---- | C] () -- C:\Windows\SysWow64\java.exe
[2013/01/12 00:55:43 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013/01/11 23:10:19 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/11 23:02:57 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/01/11 22:17:08 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\%TMP%
[2013/01/11 22:17:06 | 000,811,864 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/11 22:17:06 | 000,002,127 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013/01/11 02:39:32 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\R i386 2.15.2.lnk
[2013/01/11 02:39:32 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\R x64 2.15.2.lnk
[2013/01/11 02:24:00 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/01/11 02:12:53 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/11 02:12:53 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/01/11 02:04:21 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/01/11 02:04:05 | 000,001,430 | ---- | C] () -- C:\Users\Kiran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/01/09 09:28:18 | 000,282,112 | ---- | C] () -- C:\Windows\System\HsMgr64.exe
[2013/01/09 09:28:18 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2013/01/09 09:28:18 | 000,000,056 | ---- | C] () -- C:\Windows\SysNative\cmasiopx.ini
[2013/01/09 09:28:18 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2013/01/09 09:28:17 | 001,144,983 | ---- | C] () -- C:\Windows\KB936225x64.msu
[2013/01/09 09:28:14 | 000,074,169 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2013/01/09 09:28:14 | 000,000,138 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2013/01/09 09:28:12 | 000,001,024 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2013/01/09 09:28:10 | 000,004,209 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2013/01/09 09:28:10 | 000,000,963 | ---- | C] () -- C:\Windows\System\Cmicnfgp.ini
[2013/01/09 09:28:09 | 000,000,632 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2013/01/09 09:27:08 | 003,663,213 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/01/09 09:26:42 | 000,014,446 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013/01/08 17:32:55 | 1671,233,530 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/08 17:31:50 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012/09/17 15:17:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/26 08:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 08:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 07:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 01:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 20:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 20:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 14:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/01/13 22:47:17 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/06 04:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/06 04:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 03:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 03:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 03:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/11 02:04:18 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\ASUS
[2013/01/11 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\AVG2013
[2013/01/21 07:35:39 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\Dropbox
[2013/01/21 07:40:27 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\Spotify
[2013/01/16 23:39:15 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\TeamViewer
[2013/01/11 23:02:57 | 000,000,000 | ---D | M] -- C:\Users\Kiran\AppData\Roaming\TuneUp Software

========== Purity Check ==========

< End of report >

Windows 8 - Virus found Script/Exploit.Kit - found by AVG Anit-virus

#1
rocket-ron

Posted 19 January 2013 - 06:49 AM

Advertisements

#2
Phel

Posted 19 January 2013 - 11:11 AM

#3
rocket-ron

Posted 21 January 2013 - 02:03 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Windows 8 - Virus found Script/Exploit.Kit - found by AVG Anit-virus

#1 rocket-ron Posted 19 January 2013 - 06:49 AM

Advertisements

#2 Phel Posted 19 January 2013 - 11:11 AM

#3 rocket-ron Posted 21 January 2013 - 02:03 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
rocket-ron

Posted 19 January 2013 - 06:49 AM

#2
Phel

Posted 19 January 2013 - 11:11 AM

#3
rocket-ron

Posted 21 January 2013 - 02:03 AM