My laptop is taking very long time to boot up from several days. Even it takes long time to connect to the internet through google chrome(in the starting). Can you please help me on this.
PFA the log of OTL tool.
OTL logfile created on: 11/13/2013 3:44:38 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ST186026\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.88 Gb Total Physical Memory | 4.96 Gb Available Physical Memory | 62.92% Memory free
15.77 Gb Paging File | 12.63 Gb Available in Paging File | 80.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464.40 Gb Total Space | 191.55 Gb Free Space | 41.25% Space Free | Partition Type: NTFS
Drive T: | 9748.94 Gb Total Space | 1229.94 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
Computer Name: WINST186026-YA6 | User Name: st186026 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2013/11/13 03:42:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ST186026\Downloads\OTL.exe
PRC - [2013/11/13 02:33:57 | 002,163,224 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_1013b.exe
PRC - [2013/11/13 02:33:57 | 002,163,224 | ---- | M] (AVG Secure Search) -- C:\Windows\Temp\{5D00E547-D059-42CA-AA70-8348F9BA4537}.exe
PRC - [2013/10/31 01:41:13 | 002,404,376 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/03 01:55:07 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/10/03 01:55:07 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
PRC - [2013/07/24 10:32:50 | 000,688,232 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2013/07/10 14:25:18 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/01 15:01:08 | 000,458,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2012/08/10 02:31:16 | 000,218,624 | ---- | M] () -- C:\ProgramData\Idea Net Setter\OnlineUpdate\ouc.exe
PRC - [2012/05/03 19:57:48 | 000,857,704 | ---- | M] (WebEx Communications Inc.) -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe
PRC - [2011/11/13 10:12:54 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011/11/13 10:12:52 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011/11/13 08:19:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2011/10/28 04:09:54 | 000,399,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\rcgui.exe
PRC - [2011/10/20 04:22:30 | 001,459,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
PRC - [2011/10/19 04:49:24 | 000,403,632 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe
PRC - [2011/10/19 04:23:28 | 000,179,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
PRC - [2011/10/14 04:49:50 | 001,058,304 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe
PRC - [2011/10/14 04:38:50 | 000,189,952 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE
PRC - [2011/09/29 04:30:26 | 000,207,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) -- C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe
PRC - [2011/09/07 18:39:52 | 000,494,192 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
PRC - [2011/08/01 12:30:36 | 000,147,456 | ---- | M] (Avocent Corporation) -- C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
PRC - [2011/07/21 08:23:58 | 000,496,128 | ---- | M] (LANDesk Software, Inc. and its affiliates ) -- C:\Program Files (x86)\LANDesk\LDClient\collector.exe
PRC - [2011/06/08 10:34:16 | 000,237,568 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption for PC v6\EpePcMonitor.exe
PRC - [2011/06/08 10:09:40 | 001,630,208 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe
PRC - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/01/12 02:35:00 | 000,185,664 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
PRC - [2011/01/12 02:35:00 | 000,161,088 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
PRC - [2011/01/12 02:35:00 | 000,120,128 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
PRC - [2011/01/12 02:35:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
PRC - [2010/12/15 09:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010/11/16 05:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/08/31 06:13:00 | 000,032,825 | ---- | M] (LANDesk Software Ltd.) -- C:\Windows\SysWOW64\cba\pds.exe
PRC - [2007/01/01 13:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/31 01:41:13 | 002,404,376 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/10/08 16:02:43 | 000,415,184 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
MOD - [2013/10/08 16:02:42 | 013,584,336 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/08 16:02:41 | 004,055,504 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 16:01:50 | 000,698,832 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 16:01:49 | 000,099,792 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 16:01:47 | 001,604,560 | ---- | M] () -- C:\Users\ST186026\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/10/03 01:55:08 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
MOD - [2013/10/03 01:55:08 | 000,142,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2011/06/08 10:34:16 | 000,237,568 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption for PC v6\EpePcMonitor.exe
MOD - [2011/06/08 10:08:26 | 000,126,976 | ---- | M] () -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHostInterface.dll
MOD - [2011/03/16 10:41:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/20 11:45:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/12/15 09:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2007/04/18 06:00:46 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 06:00:46 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/17 05:18:36 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/09/07 18:43:26 | 001,125,488 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe -- (wsnm_usbctrl)
SRV:64bit: - [2011/09/07 18:39:52 | 000,494,192 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe -- (wsnm)
SRV:64bit: - [2011/06/08 10:09:40 | 001,630,208 | ---- | M] () [Disabled | Running] -- C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011/01/18 09:50:02 | 000,048,128 | ---- | M] (Dell Inc.) [Disabled | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2010/12/07 14:43:40 | 000,275,968 | ---- | M] (IDT, Inc.) [Disabled | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/02/10 17:50:50 | 000,072,296 | ---- | M] (O2Micro International) [Disabled | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/02 21:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Disabled | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/03 01:55:07 | 001,734,680 | ---- | M] (AVG Secure Search) [Disabled | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/24 10:32:50 | 000,688,232 | ---- | M] (Juniper Networks) [Disabled | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2013/07/10 14:25:18 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/05/09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/06 16:00:48 | 003,116,160 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe -- (tmlisten)
SRV - [2012/12/06 15:55:44 | 003,015,992 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe -- (ntrtscan)
SRV - [2012/11/20 13:08:32 | 000,919,192 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/10/30 08:15:40 | 000,572,464 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2012/08/10 02:31:16 | 000,218,624 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Idea Net Setter\UpdateDog\ouc.exe -- (Idea Net Setter. RunOuc)
SRV - [2012/08/08 15:26:42 | 000,918,064 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2012/05/03 19:57:48 | 000,857,704 | ---- | M] (WebEx Communications Inc.) [Disabled | Running] -- C:\Program Files (x86)\WebEx\Connect\apUpdate.exe -- (Cisco WebEx Connect Upgrade Service)
SRV - [2011/11/13 10:12:54 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/11/13 10:12:52 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011/11/13 08:19:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Disabled | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/10/20 04:22:30 | 001,459,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\issuser.exe -- (ISSUSER)
SRV - [2011/10/19 04:49:24 | 000,403,632 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe -- (Softmon)
SRV - [2011/10/19 04:23:28 | 000,179,200 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe -- (LANDesk Targeted Multicast)
SRV - [2011/10/19 04:23:22 | 000,143,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Stopped] -- C:\Program Files (x86)\LANDesk\LDClient\ProcTriggerSvc.exe -- (ProcTrigger)
SRV - [2011/10/19 04:22:34 | 000,066,560 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Stopped] -- C:\Program Files (x86)\LANDesk\LDClient\tracksvc.exe -- (tracksvc)
SRV - [2011/10/14 04:49:50 | 001,058,304 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Disabled | Running] -- C:\Program Files (x86)\LANDesk\LDClient\amtmon.exe -- (LANDesk®
SRV - [2011/10/14 04:38:50 | 000,189,952 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE -- (Intel Local Scheduler Service)
SRV - [2011/09/29 04:30:26 | 000,207,872 | ---- | M] (LANDesk Software, Inc. and its affiliates.) [Auto | Running] -- C:\Program Files (x86)\LANDesk\LDClient\policy.client.invoker.exe -- (LANDesk Policy Invoker)
SRV - [2011/08/01 12:30:36 | 000,147,456 | ---- | M] (Avocent Corporation) [Auto | Running] -- C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe -- (CBA8)
SRV - [2011/04/15 08:27:06 | 000,596,736 | ---- | M] (Trend Micro Inc.) [Disabled | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe -- (TmPfw)
SRV - [2011/02/02 13:08:16 | 000,018,656 | ---- | M] () [Disabled | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/01/12 02:35:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Disabled | Running] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2010/11/16 05:38:16 | 000,339,456 | ---- | M] () [Disabled | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Disabled | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/08/31 06:13:00 | 000,032,825 | ---- | M] (LANDesk Software Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\cba\pds.exe -- (Intel PDS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/10/03 01:55:08 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/07/24 10:04:34 | 000,036,816 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2012/11/20 13:08:36 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/11/13 16:33:12 | 000,174,016 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/10/30 08:08:48 | 000,082,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/10/30 08:08:10 | 000,065,872 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/10/21 21:31:24 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/10/21 21:31:24 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012/08/20 23:31:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/10 02:31:17 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2012/08/10 02:31:17 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012/08/10 02:31:17 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012/08/10 02:31:17 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012/07/09 00:12:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/06/21 13:50:12 | 000,197,432 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (TmLwf)
DRV:64bit: - [2012/06/21 12:51:00 | 000,338,232 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmWfp)
DRV:64bit: - [2012/03/26 01:20:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/02/29 22:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/13 10:13:36 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011/11/13 10:13:30 | 000,031,344 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport)
DRV:64bit: - [2011/11/13 10:12:40 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011/11/13 10:12:12 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011/11/13 08:03:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011/11/13 08:03:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/09/07 17:43:26 | 000,048,240 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmwvusb.sys -- (vmwvusb)
DRV:64bit: - [2011/08/29 08:31:10 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011/08/16 20:34:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/08/16 20:34:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011/08/16 20:28:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011/08/16 20:28:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011/08/16 20:28:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/08/16 20:28:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011/08/08 01:29:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/06/08 10:44:04 | 000,167,368 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/17 14:27:04 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/03/17 14:27:04 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/02/16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011/01/18 09:50:00 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011/01/18 09:49:54 | 004,719,680 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/01/04 13:31:16 | 000,075,240 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:64bit: - [2011/01/03 14:19:56 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:64bit: - [2011/01/03 12:04:44 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR)
DRV:64bit: - [2010/12/16 20:39:10 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/12/16 11:43:26 | 000,097,912 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_700_17289.SYS -- (NEOFLTR_700_17289)
DRV:64bit: - [2010/12/13 08:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/12/07 14:43:40 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/12/07 11:58:38 | 000,108,624 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/11/05 18:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iastor)
DRV:64bit: - [2010/10/28 07:42:32 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/10/19 05:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/08/24 14:46:02 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:64bit: - [2010/08/20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/03/23 12:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/26 18:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/07 19:02:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 17:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 17:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/06/10 12:35:02 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k60x64.sys -- (e1kexpress)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/17 07:51:02 | 000,017,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcm.sys -- (tcm)
DRV:64bit: - [2008/11/16 05:09:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2007/11/13 13:30:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2012/07/17 09:37:44 | 000,344,376 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys -- (TmFilter)
DRV - [2012/07/17 09:37:16 | 000,042,808 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2012/07/17 09:28:46 | 002,224,952 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\vsapiNT.sys -- (VSApiNt)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.teradata.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {D07C580A-FEC3-4996-89CE-923CF2341B7F}
IE - HKCU\..\SearchScopes\{D07C580A-FEC3-4996-89CE-923CF2341B7F}: "URL" = http://www.google.co...1I7MXGB_enUS562
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ST186026\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ST186026\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ST186026\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.0.2.13 [2013/10/31 01:41:34 | 000,000,000 | ---D | M]
[2012/12/05 14:17:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ST186026\AppData\Roaming\mozilla\Extensions
[2013/05/16 23:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ST186026\AppData\Roaming\mozilla\Firefox\extensions
[2013/05/16 23:12:04 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\ST186026\AppData\Roaming\mozilla\Firefox\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2012/12/05 14:17:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/29 00:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 00:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http:\/\/start.roboform.com
CHR - homepage: http:\/\/start.roboform.com
CHR - Extension: Skype Click to Call = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1\
CHR - Extension: AVG SafeGuard = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.2.13_0\
CHR - Extension: Google Wallet = C:\Users\ST186026\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
O1 HOSTS File: ([2013/11/12 10:04:03 | 000,002,398 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost localtdcop1
O1 - Hosts: Prod(LIvenation1)
O1 - Hosts: ------
O1 - Hosts: Dev: (Livenation2)
O1 - Hosts: ------
O1 - Hosts: TDDEVCOP2.DW.BIZSYS.TMCS 10.74.6.33
O1 - Hosts: TDDEVCOP3.DW.BIZSYS.TMCS 10.74.6.35
O1 - Hosts: TDDEVCOP4.DW.BIZSYS.TMCS 10.74.6.36
O1 - Hosts: 10.74.6.31 (SWS NODE)
O1 - Hosts: 10.74.6.34 (VIEWPOINT NODE)
O1 - Hosts: 192.168.190.129 localTDcop1
O1 - Hosts: 10.73.12.98 jira.tm.tmcs
O1 - Hosts: 10.73.12.99 confluence.tm.tmcs
O1 - Hosts: 10.7.29.61 aegdbc aegdbccop1
O1 - Hosts: 10.7.29.64 sc_teradata
O1 - Hosts: 153.64.112.181
O1 - Hosts: 153.64.112.182
O1 - Hosts: 153.64.112.184
O1 - Hosts: 172.21.25.51 benpview
O1 - Hosts: 172.21.27.10 csbenpvmsec1
O1 - Hosts: 172.21.27.11 csbenpvmsec2
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll (Cisco WebEx LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.0.2.13\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Security present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\kerberos\parameters: supportedencryptiontypes = 2147483647
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SQM present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Microsoft.WindowsUpdate
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = Microsoft.WindowsFirewall
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 3 = Microsoft.BitLockerDriveEncryption
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 4 = Microsoft.WindowsDefender
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 5 = Microsoft.ActionCenter
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: Teradata.com ([]http in Local intranet)
O15 - HKLM\..Trusted Domains: Teradata.com ([]https in Local intranet)
O15 - HKCU\..Trusted Domains: Teradata.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: Teradata.com ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: Teradata.com ([]https in Local intranet)
O16:64bit: - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/...tupClient64.cab (JuniperSetupClientControl64 Class)
O16 - DPF: {0B0F4127-1B3E-467A-B6C8-571807562DDC} http://web.teradata..../validateTD.cab (AuthenticationTD.Authenticate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...81/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = TD.TERADATA.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A5C652D-0D33-470D-9C1C-E80A3B909F87}: DhcpNameServer = 153.65.2.111 153.65.2.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97599168-8333-4578-988C-A8260F24609E}: DhcpNameServer = 10.168.36.132 10.168.36.133
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Security Packages - (wsauth) - C:\Windows\SysNative\wsauth.dll (VMware, Inc.)
O30 - LSA: Security Packages - (wsauth) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/17 03:47:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{1d6787c4-e132-11e1-b5cb-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{1d6787c4-e132-11e1-b5cb-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1d6787c9-e132-11e1-b5cb-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{1d6787c9-e132-11e1-b5cb-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{46e5cf26-2264-11e2-a255-824fef64c7bb}\Shell - "" = AutoRun
O33 - MountPoints2\{46e5cf26-2264-11e2-a255-824fef64c7bb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{895223ab-1a8e-11e2-a0c7-c3dee8875ca0}\Shell - "" = AutoRun
O33 - MountPoints2\{895223ab-1a8e-11e2-a0c7-c3dee8875ca0}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{977064aa-e206-11e1-ae05-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{977064aa-e206-11e1-ae05-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{977064c4-e206-11e1-ae05-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{977064c4-e206-11e1-ae05-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b180fe94-e2d2-11e1-bb56-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b180fe94-e2d2-11e1-bb56-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b180feab-e2d2-11e1-bb56-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b180feab-e2d2-11e1-bb56-005056c00008}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d37ff086-f7d7-11e1-aec9-c1857f4398a6}\Shell - "" = AutoRun
O33 - MountPoints2\{d37ff086-f7d7-11e1-aec9-c1857f4398a6}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ee560768-24a4-11e2-9c4a-f19cb65667a2}\Shell - "" = AutoRun
O33 - MountPoints2\{ee560768-24a4-11e2-9c4a-f19cb65667a2}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/13 02:29:11 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/11/13 02:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
[2013/11/13 01:43:04 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\Google
[2013/11/13 01:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/11/13 01:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013/11/12 09:32:51 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks
[2013/11/12 05:49:41 | 000,000,000 | ---D | C] -- C:\Users\ST186026\AppData\Roaming\RoboForm
[2013/11/12 05:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/11/12 05:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2013/11/12 05:48:07 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Documents\My RoboForm Data
[2013/11/12 05:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2013/11/12 01:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/12 01:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/11/12 01:35:23 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/11/12 01:35:18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/11/12 01:35:18 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/11/12 01:35:18 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/11/12 01:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/11/12 01:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/11 02:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDD Regenerator
[2013/11/11 02:28:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloads
[2013/11/11 02:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
[2013/11/11 02:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2013/11/11 02:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Western Digital
[2013/11/08 20:05:36 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Desktop\interview
[2013/11/07 05:05:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Data Recovery Suite
[2013/11/07 05:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Data Recovery Suite
[2013/11/04 13:04:47 | 000,198,944 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2013/11/04 12:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013/11/04 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\WDCSAM
[2013/10/23 03:20:10 | 000,000,000 | -HSD | C] -- C:\found.002
[2013/10/15 08:27:52 | 000,000,000 | ---D | C] -- C:\Users\ST186026\Desktop\Shashi
[2 C:\Users\ST186026\Desktop\*.tmp files -> C:\Users\ST186026\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/13 03:52:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/13 03:50:03 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1396450758-1786167332-1027482587-105274UA.job
[2013/11/13 03:45:13 | 000,007,614 | ---- | M] () -- C:\Users\ST186026\AppData\Local\resmon.resmoncfg
[2013/11/13 02:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/13 02:37:47 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 02:37:47 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 02:34:48 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/13 02:34:47 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/13 02:34:21 | 000,014,998 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/11/13 02:30:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/13 02:30:08 | 2053,799,935 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/13 02:13:55 | 000,003,654 | RHS- | M] () -- C:\Users\ST186026\ntuser.pol
[2013/11/13 02:05:16 | 000,001,323 | ---- | M] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2013/11/13 01:42:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/11/13 01:42:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/11/12 20:56:32 | 005,646,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/12 20:56:32 | 000,761,436 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/11/12 20:56:32 | 000,761,280 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013/11/12 20:56:32 | 000,712,720 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/11/12 20:56:32 | 000,678,328 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/12 20:56:32 | 000,445,356 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2013/11/12 20:56:32 | 000,433,762 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/12 20:56:32 | 000,418,188 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2013/11/12 20:56:32 | 000,401,086 | ---- | M] () -- C:\Windows\SysNative\prfh0804.dat
[2013/11/12 20:56:32 | 000,163,150 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013/11/12 20:56:32 | 000,154,118 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/11/12 20:56:32 | 000,153,608 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/11/12 20:56:32 | 000,127,020 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/12 20:56:32 | 000,127,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/12 20:56:32 | 000,125,308 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2013/11/12 20:56:32 | 000,124,880 | ---- | M] () -- C:\Windows\SysNative\prfc0804.dat
[2013/11/12 20:56:32 | 000,119,966 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2013/11/12 10:41:30 | 000,001,998 | -H-- | M] () -- C:\Users\ST186026\Documents\Default.rdp
[2013/11/12 10:15:59 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/11/12 09:50:05 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1396450758-1786167332-1027482587-105274Core.job
[2013/11/12 09:46:50 | 000,016,999 | ---- | M] () -- C:\Windows\cfgall.ini
[2013/11/12 07:03:56 | 000,050,251 | ---- | M] () -- C:\Users\ST186026\Desktop\vmware.png
[2013/11/11 21:26:15 | 747,174,879 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/07 05:05:50 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\7-Data Recovery Suite.lnk
[2013/11/06 09:18:31 | 000,162,816 | ---- | M] () -- C:\Users\ST186026\Desktop\FW Conveyance sheet for Oct-2013.msg
[2013/11/04 13:04:47 | 000,198,944 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2013/11/04 10:47:22 | 000,000,600 | ---- | M] () -- C:\Users\ST186026\AppData\Local\PUTTY.RND
[2013/10/24 20:55:09 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2 C:\Users\ST186026\Desktop\*.tmp files -> C:\Users\ST186026\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/13 02:34:07 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/13 02:34:07 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/13 02:05:16 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\VMware View Client.lnk
[2013/11/13 01:42:17 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/13 01:42:17 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/12 07:03:56 | 000,050,251 | ---- | C] () -- C:\Users\ST186026\Desktop\vmware.png
[2013/11/07 05:05:50 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\7-Data Recovery Suite.lnk
[2013/11/06 09:18:31 | 000,162,816 | ---- | C] () -- C:\Users\ST186026\Desktop\FW Conveyance sheet for Oct-2013.msg
[2013/11/04 12:21:12 | 000,007,614 | ---- | C] () -- C:\Users\ST186026\AppData\Local\resmon.resmoncfg
[2013/09/27 11:57:59 | 000,186,460 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/08/08 21:08:01 | 000,201,629 | ---- | C] () -- C:\Users\ST186026\ticket.png
[2013/08/05 08:19:44 | 000,181,808 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2013/08/05 07:20:57 | 000,049,072 | ---- | C] () -- C:\Users\ST186026\idea datacard receipt.png
[2013/07/11 06:48:47 | 000,007,345 | ---- | C] () -- C:\Windows\cfgwtp.ini
[2013/05/17 05:19:04 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/04/29 09:30:21 | 000,000,000 | ---- | C] () -- C:\Windows\twa.INI
[2012/09/28 05:12:18 | 000,022,095 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\Comma Separated Values (DOS).ADR
[2012/09/28 05:08:28 | 000,022,099 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/09/24 09:51:39 | 000,001,527 | ---- | C] () -- C:\Users\ST186026\insert.ouput
[2012/09/24 09:44:02 | 000,001,232 | ---- | C] () -- C:\Users\ST186026\insert2.output
[2012/09/24 09:42:19 | 000,001,232 | ---- | C] () -- C:\Users\ST186026\insert1.output
[2012/09/24 09:27:13 | 000,001,091 | ---- | C] () -- C:\Users\ST186026\sample1.output
[2012/09/24 09:25:52 | 000,001,313 | ---- | C] () -- C:\Users\ST186026\Insert.output
[2012/09/24 08:57:10 | 000,001,091 | ---- | C] () -- C:\Users\ST186026\sample.output
[2012/09/05 21:54:28 | 000,000,600 | ---- | C] () -- C:\Users\ST186026\AppData\Roaming\winscp.rnd
[2012/06/26 04:07:21 | 000,002,130 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/14 03:34:38 | 000,000,600 | ---- | C] () -- C:\Users\ST186026\AppData\Local\PUTTY.RND
[2012/06/13 00:36:28 | 000,016,999 | ---- | C] () -- C:\Windows\cfgall.ini
[2012/06/12 21:55:28 | 005,624,032 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/06/12 21:51:00 | 000,003,654 | RHS- | C] () -- C:\Users\ST186026\ntuser.pol
[2012/06/12 20:57:26 | 000,014,998 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/12 17:23:06 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/06/12 17:23:06 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/06/12 17:23:05 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 17:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 17:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 17:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:B755D674
< End of report >