Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My laptop is taking longtime to boot up, I suspect some malware [Close


  • This topic is locked This topic is locked

#1
siva thota

siva thota

    New Member

  • Member
  • Pip
  • 2 posts
Hi,

My laptop is taking very long time to boot up from several days. Even it takes long time to connect to the internet through google chrome(in the starting). Can you please help me on this.

PFA the log of OTL tool.

OTL logfile created on: 11/13/2013 3:44:38 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ST186026\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.88 Gb Total Physical Memory | 4.96 Gb Available Physical Memory | 62.92% Memory free
15.77 Gb Paging File | 12.63 Gb Available in Paging File | 80.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464.40 Gb Total Space | 191.55 Gb Free Space | 41.25% Space Free | Partition Type: NTFS
Drive T: | 9748.94 Gb Total Space | 1229.94 Gb Free Space | 12.62% Space Free | Partition Type: NTFS

Computer Name: WINST186026-YA6 | User Name: st186026 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/11/13 03:42:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ST186026\Downloads\OTL.exe
PRC - [2013/11/13 02:33:57 | 002,163,224 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_1013b.exe
PRC - [2013/11/13 02:33:57 | 002,163,224 | ---- | M] (AVG Secure Search) -- C:\Windows\Temp\{5D00E547-D059-42CA-AA70-8348F9BA4537}.exe
PRC - [2013/10/31 01:41:13 | 002,404,376 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/03 01:55:07 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/10/03 01:55:07 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
PRC - [2013/07/24 10:32:50 | 000,688,232 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2013/07/10 14:25:18 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/01 15:01:08 | 000,458,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2012/08/10 02:31:16 | 000,218,624 | ---- | M] () -- C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe
PRC - [2012/05/03 19:57:48 | 000,857,704 | ---- | M] (WebEx Communications Inc.) -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe
PRC - [2011/11/13 10:12:54 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011/11/13 10:12:52 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011/11/13 08:19:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2011/10/28 04:09:54 | 000,399,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\rcgui.exe
PRC - [2011/10/20 04:22:30 | 001,459,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
PRC - [2011/10/19 04:49:24 | 000,403,632 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe
PRC - [2011/10/19 04:23:28 | 000,179,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
PRC - [2011/10/14 04:49:50 | 001,058,304 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe
PRC - [2011/10/14 04:38:50 | 000,189,952 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE
PRC - [2011/09/29 04:30:26 | 000,207,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe
PRC - [2011/09/07 18:39:52 | 000,494,192 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
PRC - [2011/08/01 12:30:36 | 000,147,456 | ---- | M] (Avocent Corporation) -- C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
PRC - [2011/07/21 08:23:58 | 000,496,128 | ---- | M] (LANDesk Software, Inc. and its affiliates ) -- C:\Program Files (x86)\LANDesk\LDClient\collector.exe
PRC - [2011/06/08 10:34:16 | 000,237,568 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption for PC v6\EpePcMonitor.exe
PRC - [2011/06/08 10:09:40 | 001,630,208 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe
PRC - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/01/12 02:35:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2011/01/12 02:35:00 | 000,161,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2011/01/12 02:35:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
PRC - [2011/01/12 02:35:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
PRC - [2010/12/15 09:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010/11/16 05:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/08/31 06:13:00 | 000,032,825 | ---- | M] (LANDesk Software Ltd.) -- C:\Windows\SysWOW64\cba\pds.exe
PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/31 01:41:13 | 002,404,376 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/10/08 16:02:43 | 000,415,184 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
MOD - [2013/10/08 16:02:42 | 013,584,336 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/08 16:02:41 | 004,055,504 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 16:01:50 | 000,698,832 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 16:01:49 | 000,099,792 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 16:01:47 | 001,604,560 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/10/03 01:55:08 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
MOD - [2013/10/03 01:55:08 | 000,142,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2011/06/08 10:34:16 | 000,237,568 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption for PC v6\EpePcMonitor.exe
MOD - [2011/06/08 10:08:26 | 000,126,976 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHostInterface.dll
MOD - [2011/03/16 10:41:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/20 11:45:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/12/15 09:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2007/04/18 06:00:46 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 06:00:46 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/17 05:18:36 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/09/07 18:43:26 | 001,125,488 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe -- (wsnm_usbctrl)
SRV:64bit: - [2011/09/07 18:39:52 | 000,494,192 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe -- (wsnm)
SRV:64bit: - [2011/06/08 10:09:40 | 001,630,208 | ---- | M] () [Disabled | Running] -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011/01/18 09:50:02 | 000,048,128 | ---- | M] (Dell Inc.) [Disabled | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010/12/07 14:43:40 | 000,275,968 | ---- | M] (IDT, Inc.) [Disabled | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/02/10 17:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Disabled | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/02 21:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/03 01:55:07 | 001,734,680 | ---- | M] (AVG Secure Search) [Disabled | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/24 10:32:50 | 000,688,232 | ---- | M] (Juniper Networks) [Disabled | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2013/07/10 14:25:18 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/06 16:00:48 | 003,116,160 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe -- (tmlisten)
SRV - [2012/12/06 15:55:44 | 003,015,992 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe -- (ntrtscan)
SRV - [2012/11/20 13:08:32 | 000,919,192 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/10/30 08:15:40 | 000,572,464 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2012/08/10 02:31:16 | 000,218,624 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe -- (Idea Net Setter. RunOuc)
SRV - [2012/08/08 15:26:42 | 000,918,064 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2012/05/03 19:57:48 | 000,857,704 | ---- | M] (WebEx Communications Inc.) [Disabled | Running] -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe -- (Cisco WebEx Connect Upgrade Service)
SRV - [2011/11/13 10:12:54 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/11/13 10:12:52 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011/11/13 08:19:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/10/20 04:22:30 | 001,459,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\issuser.exe -- (ISSUSER)
SRV - [2011/10/19 04:49:24 | 000,403,632 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe -- (Softmon)
SRV - [2011/10/19 04:23:28 | 000,179,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe -- (LANDesk Targeted Multicast)
SRV - [2011/10/19 04:23:22 | 000,143,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Stopped] -- C:\Program Files (x86)\LANDesk\LDClient\ProcTriggerSvc.exe -- (ProcTrigger)
SRV - [2011/10/19 04:22:34 | 000,066,560 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Stopped] -- C:\Program Files (x86)\LANDesk\LDClient\tracksvc.exe -- (tracksvc)
SRV - [2011/10/14 04:49:50 | 001,058,304 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Running] -- C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe -- (LANDesk®
SRV - [2011/10/14 04:38:50 | 000,189,952 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE -- (Intel Local Scheduler Service)
SRV - [2011/09/29 04:30:26 | 000,207,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe -- (LANDesk Policy Invoker)
SRV - [2011/08/01 12:30:36 | 000,147,456 | ---- | M] (Avocent Corporation) [Auto | Running] -- C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe -- (CBA8)
SRV - [2011/04/15 08:27:06 | 000,596,736 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe -- (TmPfw)
SRV - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () [Disabled | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/01/12 02:35:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Disabled | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2010/11/16 05:38:16 | 000,339,456 | ---- | M] () [Disabled | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/08/31 06:13:00 | 000,032,825 | ---- | M] (LANDesk Software Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cba\pds.exe -- (Intel PDS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/03 01:55:08 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/07/24 10:04:34 | 000,036,816 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2012/11/20 13:08:36 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/11/13 16:33:12 | 000,174,016 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/10/30 08:08:48 | 000,082,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/10/30 08:08:10 | 000,065,872 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/10/21 21:31:24 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/10/21 21:31:24 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012/08/20 23:31:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 02:31:17 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012/08/10 02:31:17 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012/08/10 02:31:17 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012/08/10 02:31:17 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012/07/09 00:12:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/06/21 13:50:12 | 000,197,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (TmLwf)
DRV:64bit: - [2012/06/21 12:51:00 | 000,338,232 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmWfp)
DRV:64bit: - [2012/03/26 01:20:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/02/29 22:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/13 10:13:36 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011/11/13 10:13:30 | 000,031,344 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport)
DRV:64bit: - [2011/11/13 10:12:40 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011/11/13 10:12:12 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011/11/13 08:03:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011/11/13 08:03:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/09/07 17:43:26 | 000,048,240 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmwvusb.sys -- (vmwvusb)
DRV:64bit: - [2011/08/29 08:31:10 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011/08/16 20:34:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/16 20:34:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/08/16 20:28:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/16 20:28:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/16 20:28:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/16 20:28:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/08/08 01:29:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/06/08 10:44:04 | 000,167,368 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/17 14:27:04 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/03/17 14:27:04 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/02/16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011/01/18 09:50:00 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011/01/18 09:49:54 | 004,719,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/01/04 13:31:16 | 000,075,240 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:64bit: - [2011/01/03 14:19:56 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:64bit: - [2011/01/03 12:04:44 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR)
DRV:64bit: - [2010/12/16 20:39:10 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/16 11:43:26 | 000,097,912 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_700_17289.SYS -- (NEOFLTR_700_17289)
DRV:64bit: - [2010/12/13 08:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/12/07 14:43:40 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/12/07 11:58:38 | 000,108,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/11/05 18:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iastor)
DRV:64bit: - [2010/10/28 07:42:32 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/10/19 05:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/24 14:46:02 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:64bit: - [2010/08/20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/03/23 12:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/26 18:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/07 19:02:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/10 12:35:02 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k60x64.sys -- (e1kexpress)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/17 07:51:02 | 000,017,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcm.sys -- (tcm)
DRV:64bit: - [2008/11/16 05:09:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2007/11/13 13:30:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2012/07/17 09:37:44 | 000,344,376 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys -- (TmFilter)
DRV - [2012/07/17 09:37:16 | 000,042,808 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2012/07/17 09:28:46 | 002,224,952 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\vsapiNT.sys -- (VSApiNt)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.teradata.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {D07C580A-FEC3-4996-89CE-923CF2341B7F}
IE - HKCU\..\SearchScopes\{D07C580A-FEC3-4996-89CE-923CF2341B7F}: "URL" = http://www.google.co...1I7MXGB_enUS562
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ST186026\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ST186026\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.2.13 [2013/10/31 01:41:34 | 000,000,000 | ---D | M]

[2012/12/05 14:17:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ST186026\AppData\Roaming\mozilla\Extensions
[2013/05/16 23:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ST186026\AppData\Roaming\mozilla\Firefox\extensions
[2013/05/16 23:12:04 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\ST186026\AppData\Roaming\mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2012/12/05 14:17:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/29 00:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 00:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http:\/\/start.roboform.com
CHR - homepage: http:\/\/start.roboform.com
CHR - Extension: Skype Click to Call = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1\
CHR - Extension: AVG SafeGuard = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.2.13_0\
CHR - Extension: Google Wallet = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/11/12 10:04:03 | 000,002,398 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost localtdcop1
O1 - Hosts: Prod(LIvenation1)
O1 - Hosts: ------
O1 - Hosts: Dev: (Livenation2)
O1 - Hosts: ------
O1 - Hosts: TDDEVCOP2.DW.BIZSYS.TMCS 10.74.6.33
O1 - Hosts: TDDEVCOP3.DW.BIZSYS.TMCS 10.74.6.35
O1 - Hosts: TDDEVCOP4.DW.BIZSYS.TMCS 10.74.6.36
O1 - Hosts: 10.74.6.31 (SWS NODE)
O1 - Hosts: 10.74.6.34 (VIEWPOINT NODE)
O1 - Hosts: 192.168.190.129 localTDcop1
O1 - Hosts: 10.73.12.98 jira.tm.tmcs
O1 - Hosts: 10.73.12.99 confluence.tm.tmcs
O1 - Hosts: 10.7.29.61 aegdbc aegdbccop1
O1 - Hosts: 10.7.29.64 sc_teradata
O1 - Hosts: 153.64.112.181
O1 - Hosts: 153.64.112.182
O1 - Hosts: 153.64.112.184
O1 - Hosts: 172.21.25.51 benpview
O1 - Hosts: 172.21.27.10 csbenpvmsec1
O1 - Hosts: 172.21.27.11 csbenpvmsec2
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Security present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\kerberos\parameters: supportedencryptiontypes = 2147483647
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Microsoft.WindowsUpdate
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = Microsoft.WindowsFirewall
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 3 = Microsoft.BitLockerDriveEncryption
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 4 = Microsoft.WindowsDefender
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 5 = Microsoft.ActionCenter
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: Teradata.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: Teradata.com ([]https in Local intranet)
O15 - HKCU\..Trusted Domains: Teradata.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: Teradata.com ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: Teradata.com ([]https in Local intranet)
O16:64bit: - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/...tupClient64.cab (JuniperSetupClientControl64 Class)
O16 - DPF: {0B0F4127-1B3E-467A-B6C8-571807562DDC} http://web.teradata..../validateTD.cab (AuthenticationTD.Authenticate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...81/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = TD.TERADATA.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A5C652D-0D33-470D-9C1C-E80A3B909F87}: DhcpNameServer = 153.65.2.111 153.65.2.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97599168-8333-4578-988C-A8260F24609E}: DhcpNameServer = 10.168.36.132 10.168.36.133
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Security Packages - (wsauth) - C:\Windows\SysNative\wsauth.dll (VMware, Inc.)
O30 - LSA: Security Packages - (wsauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/17 03:47:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{1d6787c4-e132-11e1-b5cb-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{1d6787c4-e132-11e1-b5cb-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1d6787c9-e132-11e1-b5cb-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{1d6787c9-e132-11e1-b5cb-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{46e5cf26-2264-11e2-a255-824fef64c7bb}\Shell - "" = AutoRun
O33 - MountPoints2\{46e5cf26-2264-11e2-a255-824fef64c7bb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{895223ab-1a8e-11e2-a0c7-c3dee8875ca0}\Shell - "" = AutoRun
O33 - MountPoints2\{895223ab-1a8e-11e2-a0c7-c3dee8875ca0}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{977064aa-e206-11e1-ae05-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{977064aa-e206-11e1-ae05-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{977064c4-e206-11e1-ae05-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{977064c4-e206-11e1-ae05-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b180fe94-e2d2-11e1-bb56-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b180fe94-e2d2-11e1-bb56-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b180feab-e2d2-11e1-bb56-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b180feab-e2d2-11e1-bb56-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d37ff086-f7d7-11e1-aec9-c1857f4398a6}\Shell - "" = AutoRun
O33 - MountPoints2\{d37ff086-f7d7-11e1-aec9-c1857f4398a6}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ee560768-24a4-11e2-9c4a-f19cb65667a2}\Shell - "" = AutoRun
O33 - MountPoints2\{ee560768-24a4-11e2-9c4a-f19cb65667a2}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/13 02:29:11 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/11/13 02:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
[2013/11/13 01:43:04 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\Google
[2013/11/13 01:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/11/13 01:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/11/12 09:32:51 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks
[2013/11/12 05:49:41 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\RoboForm
[2013/11/12 05:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/11/12 05:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2013/11/12 05:48:07 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Documents\My RoboForm Data
[2013/11/12 05:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2013/11/12 01:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/12 01:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/11/12 01:35:23 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/11/12 01:35:18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/11/12 01:35:18 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/11/12 01:35:18 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/11/12 01:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/11/12 01:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/11 02:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDD Regenerator
[2013/11/11 02:28:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2013/11/11 02:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
[2013/11/11 02:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2013/11/11 02:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Western Digital
[2013/11/08 20:05:36 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Desktop\interview
[2013/11/07 05:05:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Data Recovery Suite
[2013/11/07 05:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Data Recovery Suite
[2013/11/04 13:04:47 | 000,198,944 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2013/11/04 12:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013/11/04 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\WDCSAM
[2013/10/23 03:20:10 | 000,000,000 | -HSD | C] -- C:\found.002
[2013/10/15 08:27:52 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Desktop\Shashi
[2 C:\Users\ST186026\Desktop\*.tmp files -> C:\Users\ST186026\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/13 03:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/13 03:50:03 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1396450758-1786167332-1027482587-105274UA.job
[2013/11/13 03:45:13 | 000,007,614 | ---- | M] () -- C:\Users\ST186026\AppData\Local\resmon.resmoncfg
[2013/11/13 02:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/13 02:37:47 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 02:37:47 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 02:34:48 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/13 02:34:47 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/13 02:34:21 | 000,014,998 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/11/13 02:30:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/13 02:30:08 | 2053,799,935 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/13 02:13:55 | 000,003,654 | RHS- | M] () -- C:\Users\ST186026\ntuser.pol
[2013/11/13 02:05:16 | 000,001,323 | ---- | M] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2013/11/13 01:42:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/13 01:42:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/12 20:56:32 | 005,646,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/12 20:56:32 | 000,761,436 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/11/12 20:56:32 | 000,761,280 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/11/12 20:56:32 | 000,712,720 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/11/12 20:56:32 | 000,678,328 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/12 20:56:32 | 000,445,356 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013/11/12 20:56:32 | 000,433,762 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/12 20:56:32 | 000,418,188 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/11/12 20:56:32 | 000,401,086 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013/11/12 20:56:32 | 000,163,150 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/11/12 20:56:32 | 000,154,118 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/11/12 20:56:32 | 000,153,608 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/11/12 20:56:32 | 000,127,020 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/12 20:56:32 | 000,127,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/12 20:56:32 | 000,125,308 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013/11/12 20:56:32 | 000,124,880 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013/11/12 20:56:32 | 000,119,966 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/11/12 10:41:30 | 000,001,998 | -H-- | M] () -- C:\Users\ST186026\Documents\Default.rdp
[2013/11/12 10:15:59 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/11/12 09:50:05 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1396450758-1786167332-1027482587-105274Core.job
[2013/11/12 09:46:50 | 000,016,999 | ---- | M] () -- C:\Windows\cfgall.ini
[2013/11/12 07:03:56 | 000,050,251 | ---- | M] () -- C:\Users\ST186026\Desktop\vmware.png
[2013/11/11 21:26:15 | 747,174,879 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/07 05:05:50 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\7-Data Recovery Suite.lnk
[2013/11/06 09:18:31 | 000,162,816 | ---- | M] () -- C:\Users\ST186026\Desktop\FW Conveyance sheet for Oct-2013.msg
[2013/11/04 13:04:47 | 000,198,944 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2013/11/04 10:47:22 | 000,000,600 | ---- | M] () -- C:\Users\ST186026\AppData\Local\PUTTY.RND
[2013/10/24 20:55:09 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2 C:\Users\ST186026\Desktop\*.tmp files -> C:\Users\ST186026\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/13 02:34:07 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/13 02:34:07 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/13 02:05:16 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2013/11/13 01:42:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/13 01:42:17 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/12 07:03:56 | 000,050,251 | ---- | C] () -- C:\Users\ST186026\Desktop\vmware.png
[2013/11/07 05:05:50 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\7-Data Recovery Suite.lnk
[2013/11/06 09:18:31 | 000,162,816 | ---- | C] () -- C:\Users\ST186026\Desktop\FW Conveyance sheet for Oct-2013.msg
[2013/11/04 12:21:12 | 000,007,614 | ---- | C] () -- C:\Users\ST186026\AppData\Local\resmon.resmoncfg
[2013/09/27 11:57:59 | 000,186,460 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/08/08 21:08:01 | 000,201,629 | ---- | C] () -- C:\Users\ST186026\ticket.png
[2013/08/05 08:19:44 | 000,181,808 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2013/08/05 07:20:57 | 000,049,072 | ---- | C] () -- C:\Users\ST186026\idea datacard receipt.png
[2013/07/11 06:48:47 | 000,007,345 | ---- | C] () -- C:\Windows\cfgwtp.ini
[2013/05/17 05:19:04 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/04/29 09:30:21 | 000,000,000 | ---- | C] () -- C:\Windows\twa.INI
[2012/09/28 05:12:18 | 000,022,095 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\Comma Separated Values (DOS).ADR
[2012/09/28 05:08:28 | 000,022,099 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/09/24 09:51:39 | 000,001,527 | ---- | C] () -- C:\Users\ST186026\insert.ouput
[2012/09/24 09:44:02 | 000,001,232 | ---- | C] () -- C:\Users\ST186026\insert2.output
[2012/09/24 09:42:19 | 000,001,232 | ---- | C] () -- C:\Users\ST186026\insert1.output
[2012/09/24 09:27:13 | 000,001,091 | ---- | C] () -- C:\Users\ST186026\sample1.output
[2012/09/24 09:25:52 | 000,001,313 | ---- | C] () -- C:\Users\ST186026\Insert.output
[2012/09/24 08:57:10 | 000,001,091 | ---- | C] () -- C:\Users\ST186026\sample.output
[2012/09/05 21:54:28 | 000,000,600 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\winscp.rnd
[2012/06/26 04:07:21 | 000,002,130 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/14 03:34:38 | 000,000,600 | ---- | C] () -- C:\Users\ST186026\AppData\Local\PUTTY.RND
[2012/06/13 00:36:28 | 000,016,999 | ---- | C] () -- C:\Windows\cfgall.ini
[2012/06/12 21:55:28 | 005,624,032 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/06/12 21:51:00 | 000,003,654 | RHS- | C] () -- C:\Users\ST186026\ntuser.pol
[2012/06/12 20:57:26 | 000,014,998 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/12 17:23:06 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/06/12 17:23:06 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/06/12 17:23:05 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 17:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 17:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 17:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:B755D674

< End of report >

Attached Files

  • Attached File  OTL.Txt   132.08KB   37 downloads

  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi siva thota, :)

:welcome:

My name is Valinorum and I will be your helper today. Before we proceed, please, acknowledge yourself the following(s):

  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Privet Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you which requires time as both teachers and helpers are volunteers here. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face. :)

 

Do not attach the logs. Copy and paste the whole contents in your reply. :)
Please post the Extras.txt produced by OTL.exe on its first run. It is located in the same directory as OTL which is in your case C:\Users\ST186026\Downloads.

 

  • Required Log(s):
  • Extras.txt

Regards,
Valinorum
  • 0

#3
siva thota

siva thota

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Thanks for your help.

Here is the extras log file content
--------------------------------------------------------------------------------------------

OTL Extras logfile created on: 11/13/2013 3:44:39 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ST186026\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.88 Gb Total Physical Memory | 4.96 Gb Available Physical Memory | 62.92% Memory free
15.77 Gb Paging File | 12.63 Gb Available in Paging File | 80.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464.40 Gb Total Space | 191.55 Gb Free Space | 41.25% Space Free | Partition Type: NTFS
Drive T: | 9748.94 Gb Total Space | 1229.94 Gb Free Space | 12.62% Space Free | Partition Type: NTFS

Computer Name: WINST186026-YA6 | User Name: st186026 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile]
"EnableFirewall" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)
"C:\Program Files (x86)\WebEx\Connect\widget.exe" = C:\Program Files (x86)\WebEx\Connect\widget.exe:*:Enabled:widget -- ()
"C:\Program Files (x86)\WebEx\Connect\connect.exe" = C:\Program Files (x86)\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)
"C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)
"C:\Program Files (x86)\WebEx\Connect\widget.exe" = C:\Program Files (x86)\WebEx\Connect\widget.exe:*:Enabled:widget -- ()
"C:\Program Files (x86)\WebEx\Connect\connect.exe" = C:\Program Files (x86)\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)
"C:\Program Files (x86)\WebEx\Connect\widget.exe" = C:\Program Files (x86)\WebEx\Connect\widget.exe:*:Enabled:widget -- ()
"C:\Program Files (x86)\WebEx\Connect\connect.exe" = C:\Program Files (x86)\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)
"C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe" = C:\Program Files (x86)\WebEx\Connect\wbxcOIEx.exe:*:Enabled:wbxcOIEx -- (WebEx)
"C:\Program Files (x86)\WebEx\Connect\widget.exe" = C:\Program Files (x86)\WebEx\Connect\widget.exe:*:Enabled:widget -- ()
"C:\Program Files (x86)\WebEx\Connect\connect.exe" = C:\Program Files (x86)\WebEx\Connect\connect.exe:*:Enabled:WebEx Connect -- (Cisco WebEx)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FB8979D-3AC3-4649-BD3C-CFD1867E3B1E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1293A713-B799-4F7D-AF5D-E8374900499E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2DCDBD34-8368-4EB9-B3C0-8587A33DBCD7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{33A0C96B-26FE-4D66-B11E-EFFF24C0F3B8}" = rport=139 | protocol=6 | dir=out | app=system |
"{40138AEE-9DCF-4C2E-8B53-BFEA8D8B8144}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{577160AB-329D-4A00-A9A6-8826D12B1167}" = lport=139 | protocol=6 | dir=in | app=system |
"{5BA39C3C-2899-4AC8-BA86-A5CAB2DE18B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5BCEDB82-19FE-4233-B6A8-84D51DFC9C92}" = rport=138 | protocol=17 | dir=out | app=system |
"{5D6E7A18-BAF5-44FA-BE6D-499A2982324D}" = lport=445 | protocol=6 | dir=in | app=system |
"{5E4E637F-06C6-49A1-80D5-11DCDA5FC969}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5ED666F5-B866-4049-9242-65F2CD264BCE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{678B7B56-B5BD-4E5A-A7F7-7587E1C3A5A4}" = rport=445 | protocol=6 | dir=out | app=system |
"{82082931-2B57-42E1-B9C5-BB28C8985A88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FF2AF17-B30C-4AE4-8AD9-0805667B700C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A1581DAE-E455-4A68-9C42-F061AE6176BD}" = lport=138 | protocol=17 | dir=in | app=system |
"{B23F5AF7-C31C-4DD3-A111-A47C3A4EB320}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B2764BAB-3B42-4FDC-B0B6-6C31B27A0565}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C7B3E8F9-EA77-44C0-A5F5-AF0579D12860}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ECC139B1-4963-4163-92ED-18F4FE513A97}" = rport=137 | protocol=17 | dir=out | app=system |
"{EFB045DE-12E3-46C0-A01A-87B0D279ECF5}" = lport=137 | protocol=17 | dir=in | app=system |
"{FDB8CDEC-6A96-4595-96BC-019065398D8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05FDEDAA-582A-4B0E-9BE7-187A0F6794C4}" = protocol=6 | dir=in | app=c:\program files (x86)\sony mobile\update service\update service.exe |
"{06F39DAD-006B-4D81-8D54-BD831AFC902E}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{0A9A79E7-B566-4B3C-8D15-9A39DFAF09FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0AA9F386-8FED-468E-90F6-FE687E6BE30F}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{0CCC8603-4662-4ADA-85F2-ED3F78D54221}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{14C9BF2E-9C54-4BCC-B077-232F3C549CC9}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{1B3C46FA-A959-4BD5-9E67-7C6EC32945EF}" = protocol=6 | dir=in | app=c:\program files (x86)\landesk\ldclient\tmcsvc.exe |
"{1D4AF674-09F2-4AA3-9999-589D42FAB949}" = protocol=17 | dir=in | app=c:\program files (x86)\landesk\ldclient\tmcsvc.exe |
"{244943F1-71B9-4DA6-904E-6DCD1EE5B18E}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{291E4D01-CA53-467B-9497-74F2B60AA957}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{298AFA6D-056E-4087-87AC-7266CD8A53F1}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{2A07784A-F510-4033-80E7-8BF04CCDF2B8}" = protocol=6 | dir=in | app=c:\program files (x86)\landesk\shared files\residentagent.exe |
"{35151A9B-0D0A-4250-BCB3-AB0A64752B02}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{385C0718-3BB6-47DA-B2EB-A3CB7B13C4A6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3D27D691-F926-48FE-9668-20A6BA5E38B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{4AC03EAB-7B25-4B7A-84E0-EC3C6E938E86}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{4D16BA76-B661-4743-A2B0-EC8F3A02272E}" = protocol=17 | dir=in | app=c:\program files (x86)\landesk\shared files\residentagent.exe |
"{4F739EEC-7CC6-4862-A07F-854A7A56736B}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{504965C8-CF09-4B2E-944A-AA70BF91D5A2}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{55DABC62-5B3E-4720-A947-2C8E92E04F2D}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{5E5EA24F-EEC6-4FE0-B4A5-C398A25DD6E7}" = protocol=58 | dir=in | [email protected],-28545 |
"{604E5C14-F872-47A7-BD45-BC003DCFD39C}" = protocol=17 | dir=in | app=c:\program files (x86)\landesk\ldclient\issuser.exe |
"{65AE52F0-8965-4CDA-9486-476230068FB7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7C3A64F9-964C-45F9-83CC-85E1FBB556B8}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{7F491C0B-6CE7-4D9E-A910-B5DFABF21180}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{821C5F35-9EBD-4BA8-8541-420B435E31BE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8232A653-54C1-48FD-BD21-25E09343683A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony mobile\update service\update service.exe |
"{86E4FEC8-EC6A-4EDB-96A5-D04C0FC8C23A}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\common framework\frameworkservice.exe |
"{88A046CE-8C43-4539-A85B-4F29BAAB30F7}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{88E5C3C3-A40F-45A7-A01E-94A573085919}" = protocol=6 | dir=in | app=c:\windows\syswow64\cba\pds.exe |
"{88FE6C50-35FD-4808-BDEA-34AFEA06589B}" = protocol=1 | dir=in | [email protected],-28543 |
"{8A320B81-7BAF-42D7-8F55-7556B5223ED0}" = protocol=6 | dir=in | app=c:\program files (x86)\landesk\ldclient\issuser.exe |
"{90ED491C-08E7-46C0-B65B-0BE716A65064}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{91E63786-586F-43A9-AAF0-11CB08EC0BDA}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{96002551-9990-44F8-9379-472B621999C3}" = protocol=58 | dir=out | [email protected],-28546 |
"{9AB0E3EE-EBA6-445B-BE3E-5CBABC91B1E3}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{9B1FED98-B6C0-428D-B5D7-B3BAC65758E1}" = protocol=17 | dir=in | app=c:\windows\syswow64\cba\pds.exe |
"{A0A2D49C-6E23-4D04-9B74-77C6185F87E2}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{A722F9B2-FE9E-4020-A7C8-AD840CBAB8BF}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{B5AD1884-97E6-42B4-A280-562B35105748}" = protocol=6 | dir=in | app=c:\windows\syswow64\msgsys.exe |
"{B71DF8A9-D123-484E-A0CD-6FDC5FA1F782}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{B9EBD73C-7F0B-4FB0-968E-2E787313214E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB3863FA-28E2-416C-BA58-3933975845AC}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{CD4F2201-A0F1-4139-BA63-18A6A4B30086}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF6AFC4A-6EAD-42FC-9A16-99077CA4786B}" = protocol=1 | dir=out | [email protected],-28544 |
"{DDA86883-EC28-4C4E-AF6C-919A5484324E}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\vmware-remotemks.exe |
"{DDB8C193-6626-400C-85CA-597D6F30699D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E632FAE6-B5AD-493B-BE97-89E1AE2DEDC4}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{E6C25014-9BDD-400E-A46E-2C3C6DFEF854}" = protocol=17 | dir=in | app=c:\windows\syswow64\msgsys.exe |
"{EB68B7C7-032B-4CC8-B674-E56F9D46C2CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{EC822625-6213-4F2F-8F26-E0840BA46349}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{F8B52591-B939-4F6C-854C-E08FC87F5ACA}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware view\client\bin\wswc.exe |
"{FA7196A4-6DCF-4DDB-A53D-36390A24CE93}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B392DFA-18CB-4A3E-B0B6-3C82359B86C8}" = McAfee Endpoint Encryption Agent
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86417011F0}" = Java 7 Update 11 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9314BCDF-D90E-4681-B234-3AF183E51402}" = Teradata Studio nt-x8664 14.02
"{B8116E2A-541B-4CC0-9C31-B2A024420390}" = McAfee Endpoint Encryption for PC v6
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C419D734-28E4-49F2-A112-8911DE931402}" = Teradata Studio Express nt-x8664 14.02
"{D5A1DA10-4A73-49A3-9C8A-C8CE9797DBBE}" = VMware View Client
"{D8CC254C-C671-4664-9A38-FA368D1E2C97}" = SES Driver
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20" = Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0)
"DW WLAN Card Utility" = DW WLAN Card Utility
"Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client 64-bit Activex Control
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0181978C-81C4-4D49-832D-6F808EA5DB99}" = Teradata GSS Client nt-i386
"{02386A56-080B-485c-941D-AF96B29140DD}_is1" = 7-Data Recovery Suite version 2.3
"{052539AA-A183-4370-B6A5-17B4FDD2CAFB}" = Teradata Parallel Transporter Export Operator 13.10.0.2
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0CDBDB7E-B45C-48C2-BEF1-3F602ED1051A}" = Shared ICU Libraries for Teradata 14.00.0.1
"{0FF96368-A984-40CD-911D-D21407943A58}" = WebSphere Access Module for Teradata 13.10.0.2
"{11E5BE4C-7ED4-4A41-A2C9-AF6F3FE3F5F9}" = Teradata GSS Client nt-i386 14.0.2.7
"{1551F9D6-1B14-4AE1-BABA-70A4319C236A}" = ODBC Driver for Teradata 14.00.0.4
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C0490F6-6925-4A5C-880C-80D4F53ADED7}" = Teradata Visual Explain 14.00.0.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{21B175B2-780D-4298-BBCC-71BC2323C007}" = .NET Data Provider for Teradata 14.00.0.1
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2282678B-149B-4F9D-890A-07BBBAC0BE83}" = Teradata Visual Explain 13.10.0.4
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}" = McAfee Agent
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{347A4386-53FB-4E17-8173-EB80C1BA722A}" = Teradata FastLoad 13.10.0.3
"{3FA0CEAC-F036-41D0-A88A-3AF4AF6A9FC4}" = Teradata Parallel Transporter Stream Operator 13.10.0.2
"{403F5D16-B064-499F-8A85-D7BA887E5A9F}" = Teradata System Emulation Tool 13.10.0.7
"{45734758-4041-4EA8-8E62-DE661FC3879C}" = LANDesk® Common Base Agent 8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{5095C363-B331-4529-8750-315E74966C06}" = Teradata Administrator 14.00.0.2
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{599EB71F-CFBA-43DF-94F1-385AE832A2D2}" = Cisco WebEx Connect
"{5A717A30-8F97-4B96-900F-3799CEDD743D}" = Teradata SQL Assistant 14.01.0.2
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6BDA2A1F-07EB-497E-BB19-15F8D31E8C48}" = Teradata CLIv2 14.00.0.5
"{6D15FA87-C308-4BCD-8017-FF839A001ED7}" = .NET Data Provider for Teradata 13.01.00.02
"{702EFE95-A12A-44CC-A889-58BF6B0D5641}" = Teradata Data Connector 14.00.0.10
"{7050AED0-8310-4885-9EA7-F2CB8FDDA9D9}" = Teradata Named Pipes Access Module 13.10.0.2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B}" = Teradata Index Wizard 13.10.0.3
"{77B1CB70-9008-4446-803C-0B09AAB7D338}" = Teradata Parallel Transporter Infrastructure 13.10.0.2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E8833A1-AF24-4CAE-82DF-CFE14C14B94D}" = LANDesk Advance Agent
"{8322BFFA-C413-4DCC-97B4-27FAB5073A51}" = Teradata OLE DB Access Module 13.10.0.2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{89E8C6E9-164E-4FAB-8819-0DFE7A63B55F}" = Teradata Parallel Transporter Update Operator 13.10.0.2
"{8D7D49C7-E03A-4F55-AF3D-FAAB0CD599CE}" = Teradata MultiLoad 13.10.0.3
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{074D5E7B-205C-478F-9B9B-7C151E997B2E}" =
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{91EFFF4D-3981-49F3-957C-E13985546F2C}" = Teradata C PP2 13.10.0.3
"{93F07369-73BD-4553-8473-83D4FC7F2868}" = Teradata FastExport 13.10.0.3
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A170761C-A844-4E0D-900F-6A432255A1B1}" = Teradata Performance Monitor Object 13.10.0.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.8) MUI
"{AE010703-007D-11DD-A3C1-001636EEECBD}" = Google App Engine
"{AEEE91F8-0952-4D99-A352-F46A40705615}" = Teradata System Emulation Tool 14.00.0.5
"{B27010F5-EE01-4996-8DF5-E1A48CC5624C}" = X7Magic Setup
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB9B94ED-A4E7-4D87-B693-CA265D4A8685}" = Teradata Parallel Transporter Load Operator 13.10.0.2
"{BE59C5A4-D2C2-4EE5-9A12-14C8CDADD64E}" = Teradata Statistics Wizard 14.00.0.3
"{C150929F-C8C3-426B-B9DD-364C1FAB4716}" = Teradata Statistics Wizard 13.10.0.2
"{CD4749EF-AEAB-4B1F-A003-5BD609C9A42D}" = Teradata BTEQ 14.00.0.5
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{EA170654-D006-4745-8E58-2B8ED1ED153F}" = Teradata Parallel Transporter API 13.10.0.2
"{ECD3DD8B-B120-4AB0-8B8A-9DB1332B8B6D}" = WebEx Productivity Tools
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F6D39677-0E8D-4688-8C6E-74BB4644074C}" = Teradata ARC
"{F76A72C5-8940-4E84-A6EC-185BAFD6097E}" = Teradata Workload Analyzer 14.00.0.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}" = WD Drive Utilities
"{F9FBE144-7EEC-43D6-A1A6-1B811C985122}" = Teradata TPump 13.10.0.2
"{FA28CE0C-DD1B-4165-864C-8C49DF86A46F}" = Teradata Index Wizard 14.00.0.4
"{FDB91C93-9C60-472B-81B2-18F4D279A43C}" = Teradata Workload Analyzer 13.10.0.3
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AI RoboForm" = RoboForm 7-9-2-5 (All Users)
"AppInventor Setup" = AppInventor Setup
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Idea Net Setter" = Idea Net Setter
"InstallShield_{F6D39677-0E8D-4688-8C6E-74BB4644074C}" = Teradata ARC 13.10.0.1
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Juniper Network Connect 7.3.0" = Juniper Networks Network Connect 7.3.0
"Juniper Network Connect 7.3.1" = Juniper Networks Network Connect 7.3.1
"Juniper Network Connect 7.4.0" = Juniper Networks Network Connect 7.4.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Office14.STANDARD" = Microsoft Office Standard 2010
"OfficeScanNT" = Trend Micro OfficeScan Client
"Tata Photon+" = Tata Photon+
"TDLicOF14" = _Teradata License for Microsoft Office 2010 Standard
"Teradata ARC" = Teradata ARC 13.10.0.1
"Teradata Screensaver Screensaver" = Teradata Screensaver Screensaver
"Update Engine" = Sony Ericsson Update Engine
"VMware_Player" = VMware Player
"winscp3_is1" = WinSCP 4.2.8

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"4a06891c8267f27e" = Meetings Outlook® Toolbar
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/14/2013 1:54:48 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/14/2013 1:54:48 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7285

Error - 8/14/2013 1:54:48 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7285

Error - 8/14/2013 2:18:14 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Inventory Scanner | ID = 25
Description = LDIScn32: Failed to resolve the Host Nam

Error - 8/14/2013 3:54:50 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Application Error | ID = 1000
Description = Faulting application name: rcgui.exe, version: 9.0.3.8, time stamp:
0x4eaa8d81 Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp:
0x4a5bdb3b Exception code: 0xc0000005 Fault offset: 0x00038c39 Faulting process id:
0x2898 Faulting application start time: 0x01ce992800ac24c2 Faulting application path:
C:\PROGRA~2\LANDesk\LDClient\rcgui.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: 60efae9e-051b-11e3-a0c7-d90984515ca2

Error - 8/14/2013 4:07:12 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'Cisco Systems, Inc. VPN Service' could not
be restarted.

Error - 8/14/2013 4:12:37 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = MsiInstaller | ID = 11721
Description =

Error - 8/14/2013 4:14:27 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = MsiInstaller | ID = 11721
Description =

Error - 8/14/2013 4:20:24 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = MsiInstaller | ID = 11721
Description =

Error - 8/14/2013 4:26:40 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = MsiInstaller | ID = 11721
Description =

[ Broadcom Wireless LAN Events ]
Error - 11/3/2013 10:55:34 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 06:55:34, Sun, Nov 03, 13 Error - Unable to set enhanced country code


Error - 11/3/2013 1:44:06 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 09:44:06, Sun, Nov 03, 13 Error - Unable to gain access to user store


Error - 11/7/2013 7:39:48 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 03:39:48, Thu, Nov 07, 13 Error - Unable to set enhanced country code


Error - 11/7/2013 9:00:38 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 05:00:38, Thu, Nov 07, 13 Error - Unable to set enhanced country code


Error - 11/7/2013 10:08:23 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 06:08:23, Thu, Nov 07, 13 Error - Unable to set enhanced country code


Error - 11/8/2013 3:03:15 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 23:03:15, Thu, Nov 07, 13 Error - Unable to set enhanced country code


Error - 11/8/2013 11:34:29 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 07:34:29, Fri, Nov 08, 13 Error - Unable to set enhanced country code


Error - 11/9/2013 1:05:01 PM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 09:05:01, Sat, Nov 09, 13 Error - Unable to set enhanced country code


Error - 11/12/2013 1:31:26 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 21:31:26, Mon, Nov 11, 13 Error - Unable to set enhanced country code


Error - 11/13/2013 12:44:59 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = WLAN-Tray | ID = 0
Description = 20:44:59, Tue, Nov 12, 13 Error - Unable to set enhanced country code


[ System Events ]
Error - 11/13/2013 6:03:09 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = DCOM | ID = 10010
Description =

Error - 11/13/2013 6:08:35 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = DCOM | ID = 10010
Description =

Error - 11/13/2013 6:09:36 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7000
Description = The Acronis OS Selector Reinstall Service service failed to start
due to the following error: %%2

Error - 11/13/2013 6:09:41 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Idea
Net Setter. OUC service to connect.

Error - 11/13/2013 6:09:41 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7000
Description = The Idea Net Setter. OUC service failed to start due to the following
error: %%1053

Error - 11/13/2013 6:18:50 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = DCOM | ID = 10010
Description =

Error - 11/13/2013 6:29:18 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = DCOM | ID = 10010
Description =

Error - 11/13/2013 6:30:23 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7000
Description = The Acronis OS Selector Reinstall Service service failed to start
due to the following error: %%2

Error - 11/13/2013 6:30:27 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Idea
Net Setter. OUC service to connect.

Error - 11/13/2013 6:30:27 AM | Computer Name = WINST186026-YA6.TD.TERADATA.COM | Source = Service Control Manager | ID = 7000
Description = The Idea Net Setter. OUC service failed to start due to the following
error: %%1053


< End of report >
  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi siva thota, :)

Do you use the softwares listed below?
  • McAfee Endpoint Encryption for PC v6
  • McAfee Agent
  • Trend Micro OfficeScan Client
If you do not then take necessary backup and remove them as they are not an alternative for an anti-virus. Also, I have seen that you have no anti-virus installed in your system. If you have any choice, pick them and install them. If you want, I can provide a recommendation. But do note that an anti-virus is vital for your PC's security.

Also, uninstall the program below:
  • AVG SafeGuard toolbar

Also, your Hosts file is blocking many sites. Are you on a company network?

 

  • Step #1 Fix with AdwCleaner
    Download : ADWCleaner to your desktop.

    NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

    Close all programs and click on the AdwCleaner icon.

    Posted Image

    Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

    The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

 

  • Step #2 Scan with OTL
  • Re-run OTL.
  • Copy and Paste the following code inside the Custom Scans/Fixes box;
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button;
  • Copy and paste the content of the log in your next reply

 

  • Required Log(s):
  • AdwCleaner log;
  • OTL.txt

Regards,
Valinorum
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP