OK here are OTL .txt and Extras.txt thank you,
---------------------------------------------------------------
OTL logfile created on: 10/23/2014 8:00:08 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lido\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 59.53% Memory free
7.60 Gb Paging File | 5.29 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.70 Gb Total Space | 271.94 Gb Free Space | 60.07% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 298.85 Gb Free Space | 32.08% Space Free | Partition Type: NTFS
Computer Name: LIDO-PC | User Name: Lido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/10/23 07:52:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lido\Desktop\OTL.exe
PRC - [2014/10/02 16:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
PRC - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/22 15:25:38 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2014/07/22 15:15:46 | 005,562,736 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2014/07/22 15:13:52 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/06/16 16:02:24 | 000,579,584 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2014/06/16 15:59:40 | 001,537,536 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2014/06/12 07:58:07 | 001,465,616 | ---- | M] (SanDisk Corporation) -- C:\Users\Lido\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2014/04/01 14:38:18 | 002,007,392 | ---- | M] (Wondershare) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
PRC - [2014/03/26 18:41:12 | 001,723,760 | ---- | M] (NDS Technologies) -- C:\Users\Lido\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2013/11/20 16:43:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/02/24 00:00:34 | 000,127,384 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\PC Checkup\PCCU.exe
PRC - [2012/11/29 00:00:21 | 000,453,944 | ---- | M] (Khrona LLC) -- C:\Program Files (x86)\PC Checkup\AwesomiumProcess
PRC - [2012/06/06 16:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 16:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/02 16:49:24 | 000,030,568 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2011/08/02 16:47:26 | 000,145,256 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010/02/24 04:54:48 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2009/05/05 16:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
========== Modules (No Company Name) ==========
MOD - [2014/10/16 11:24:14 | 000,399,872 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll
MOD - [2014/10/15 17:13:56 | 018,813,440 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/15 17:13:44 | 011,025,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/15 17:13:37 | 001,870,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\db9cd60ed9ff9585b54d446f37392e8f\System.Web.Services.ni.dll
MOD - [2014/10/15 17:13:34 | 007,409,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll
MOD - [2014/10/15 17:13:34 | 000,241,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Comp46f2b404#\6c97a46aff5154a7217a528e86698ab3\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2014/10/15 17:13:33 | 001,889,792 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/15 17:13:32 | 003,950,080 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/15 17:13:29 | 000,470,528 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/15 17:13:27 | 012,894,208 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/15 17:13:27 | 001,046,016 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll
MOD - [2014/10/15 17:13:23 | 007,668,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/15 17:13:23 | 006,990,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/15 17:13:21 | 000,794,112 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/15 17:13:21 | 000,122,880 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/10/15 17:13:20 | 002,822,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/15 17:13:17 | 001,644,544 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/15 17:13:16 | 000,976,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/15 17:13:15 | 010,100,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/04/01 14:37:56 | 000,371,712 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
MOD - [2014/03/26 18:42:08 | 000,091,976 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\z.dll
MOD - [2014/03/26 18:42:00 | 000,338,784 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2014/03/26 18:41:58 | 001,403,224 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2014/03/26 18:41:48 | 000,043,880 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\libgstvideo-0.10.dll
MOD - [2014/03/26 18:41:46 | 000,689,000 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2014/03/26 18:41:44 | 000,060,272 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\libgstinterfaces-0.10.dll
MOD - [2014/03/26 18:41:36 | 000,205,672 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\libgstbase-0.10.dll
MOD - [2014/03/26 18:41:24 | 007,730,016 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2014/03/26 18:41:10 | 005,979,488 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\PCShowServer.dll
MOD - [2014/03/26 18:41:08 | 001,523,560 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2014/03/26 18:41:02 | 003,261,280 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2014/03/26 18:41:02 | 002,229,096 | ---- | M] () -- C:\Users\Lido\AppData\Local\DIRECTV Player\DiscoveryManager.dll
MOD - [2014/02/28 11:18:37 | 000,190,976 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/26 12:53:23 | 016,953,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/07/24 09:24:52 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
MOD - [2009/02/27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/09/18 21:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/27 11:14:00 | 001,008,344 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012/08/08 22:36:10 | 000,390,672 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2010/09/28 15:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/04/06 17:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 20:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/23 19:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/11/23 19:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/10/02 16:14:56 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/25 14:31:57 | 000,114,288 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/12 05:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/02 08:45:30 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/22 15:25:38 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2014/07/22 15:13:52 | 000,296,312 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/02/28 21:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2012/12/28 11:40:08 | 000,101,376 | ---- | M] (Freemake) [Disabled | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012/11/29 00:00:41 | 000,132,056 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2012/06/05 16:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/11/23 22:21:24 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Stopped] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2011/08/02 16:47:26 | 000,145,256 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/08/24 17:56:04 | 001,104,656 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2007/07/24 14:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 22:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/25 22:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/08/25 22:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/08/25 22:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 22:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/06 15:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/06/03 08:15:10 | 000,165,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2014/06/03 08:15:07 | 000,598,808 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2014/06/03 08:15:07 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2014/06/03 08:15:07 | 000,184,144 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2014/06/03 08:15:07 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2014/06/03 08:15:07 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2013/12/02 19:22:00 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/25 22:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 22:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 22:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2013/08/20 07:32:48 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:64bit: - [2013/08/20 07:32:46 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2013/06/02 05:56:58 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2013/02/28 21:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/02/05 23:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/08/04 07:19:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/29 08:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/21 20:45:56 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/04/28 14:32:20 | 000,932,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/15 15:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/12 17:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/07 12:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/01/06 18:41:42 | 000,235,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CxPlrCap.sys -- (CXPLRCAP)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 17:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/20 14:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/04/17 14:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/02/16 14:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2014/10/03 15:19:31 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/09/09 10:19:54 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/09/09 10:19:54 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/08/29 14:31:43 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141022.002\IDSviA64.sys -- (IDSVia64)
DRV - [2014/08/21 16:28:27 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141022.017\ex64.sys -- (NAVEX15)
DRV - [2014/08/21 16:28:26 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141022.017\eng64.sys -- (NAVENG)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/04/17 23:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\regi.sys -- (regi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{24714634-4714-4F24-AB36-D070CE465A52}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0225C32A-3BEF-4466-B270-EA8806138865}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.5.0.19
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes,DefaultScope = {E9EA38DC-E736-4FCB-9544-3F9FBEAF538E}
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{0225C32A-3BEF-4466-B270-EA8806138865}: "URL" = http://www.google.co...&rlz=1I7TSNF_en
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{212D1EE6-E1B8-419A-8C84-EA046D4D3FFA}: "URL" = http://www.google.co...&rlz=1I7TSNF_en
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}: "URL" = http://search.condui...1501405022&UM=2
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{A867B985-CC43-404D-B808-9D3466AE3ACB}: "URL" = http://www.google.co...&rlz=1I7TSNF_en
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{BFDA9747-DAE3-4C18-9D77-C3A203BA56B5}: "URL" = http://www.bing.com/...Box&FORM=IESR02
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\{E9EA38DC-E736-4FCB-9544-3F9FBEAF538E}: "URL" = http://astromenda.co...=1715490871&ir=
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\SearchScopes\0D110202C5D0481BB698C74B24C2428C: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Astromenda"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Astromenda"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://groups.google...oup/oceanaires"
FF - prefs.js..extensions.enabledAddons: %7BFCAB6FDD-5585-425b-95C1-5ED856F3FD08%7D:6.10
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:6.1.2
FF - prefs.js..extensions.enabledAddons: %7Bfef7f75c-f985-4250-96f9-8183cd04238b%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.9.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=UTF-8&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Lido\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lido\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Lido\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lido\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lido\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Lido\Desktop\Voice\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Lido\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/10/17 13:03:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/02 18:36:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/02 18:36:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/01/27 15:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lido\AppData\Roaming\Mozilla\Extensions
[2014/10/20 11:45:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions
[2014/09/07 15:23:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/07/31 14:46:24 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube Full HD Download") -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions\[email protected]
[2014/10/20 11:45:50 | 000,542,741 | ---- | M] () (No name found) -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/10 17:30:22 | 000,280,941 | ---- | M] () (No name found) -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi
[2014/08/20 10:31:22 | 000,008,654 | ---- | M] () (No name found) -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\extensions\{fef7f75c-f985-4250-96f9-8183cd04238b}.xpi
[2014/08/19 17:40:52 | 000,002,827 | ---- | M] () -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\searchplugins\Astromenda.xml
[2013/07/01 16:49:15 | 000,001,793 | ---- | M] () -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\searchplugins\Bing.xml
[2013/04/23 09:24:58 | 000,001,110 | ---- | M] () -- C:\Users\Lido\AppData\Roaming\Mozilla\Firefox\Profiles\awdmrlgc.default\searchplugins\utorrentcontrolv6-customized-web-search.xml
[2014/07/24 13:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/25 14:31:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_2\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_2\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.17_0\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lido\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae\0.3.6_0\
O1 HOSTS File: ([2012/06/18 09:10:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Wondershare)
O4 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001..\Run: [PCShowServer] C:\Users\Lido\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_179_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{489208A3-43DB-4783-BF18-0C187AED2C3E}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/10/23 07:52:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lido\Desktop\OTL.exe
[2014/10/16 10:38:18 | 000,000,000 | ---D | C] -- C:\Users\Lido\AppData\Local\Citrix
[2014/10/15 09:25:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/10/15 09:25:33 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/10/15 09:25:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/10/15 09:25:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/10/15 09:25:32 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/10/15 09:25:32 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/10/15 09:25:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/10/15 09:25:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/10/15 09:25:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/10/15 09:25:31 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/10/15 09:25:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/10/15 09:25:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/10/15 09:25:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/10/15 09:25:29 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/10/15 09:25:29 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/10/15 09:25:29 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/10/15 09:25:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/10/15 09:25:28 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/10/15 09:25:28 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/10/15 09:25:28 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/10/15 09:25:27 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/10/15 09:25:27 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/10/15 09:25:27 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/10/15 09:25:27 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/10/15 09:25:26 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/10/15 09:25:26 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/10/15 09:25:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/10/15 09:25:25 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/10/15 09:25:25 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/10/15 09:25:25 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/10/15 09:25:25 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/10/15 09:25:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/10/15 09:25:24 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/10/15 09:25:24 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/10/15 09:25:23 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/10/15 09:23:31 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014/10/15 09:23:31 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014/10/15 09:23:31 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014/10/15 09:23:30 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014/10/15 09:23:30 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014/10/15 09:23:30 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014/10/15 09:23:13 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmv2clt.dll
[2014/10/15 09:23:13 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmv2clt.dll
[2014/10/15 09:23:13 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\blackbox.dll
[2014/10/15 09:23:13 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\blackbox.dll
[2014/10/15 09:23:11 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2014/10/15 09:23:09 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2014/10/15 09:23:08 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmdrmsdk.dll
[2014/10/15 09:23:07 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2014/10/15 09:23:07 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmdrmsdk.dll
[2014/10/15 09:23:07 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2014/10/15 09:23:06 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2014/10/15 09:23:06 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drmmgrtn.dll
[2014/10/15 09:23:05 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2014/10/15 09:23:05 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2014/10/15 09:23:05 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2014/10/15 09:23:05 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2014/10/15 09:23:05 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2014/10/15 09:23:05 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2014/10/15 09:23:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2014/10/15 09:23:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2014/10/15 09:23:05 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drmmgrtn.dll
[2014/10/15 09:23:05 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2014/10/15 09:23:04 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/10/15 09:23:04 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014/10/15 09:23:04 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2014/10/15 09:23:03 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014/10/15 09:23:03 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2014/10/15 09:23:03 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptui.dll
[2014/10/15 09:23:03 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2014/10/15 09:23:03 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2014/10/15 09:23:02 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2014/10/15 09:23:02 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptui.dll
[2014/10/15 09:23:02 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2014/10/15 09:23:02 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\evr.dll
[2014/10/15 09:23:02 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll
[2014/10/15 09:23:02 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll
[2014/10/15 09:23:01 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscp.dll
[2014/10/15 09:23:01 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscp.dll
[2014/10/15 09:23:01 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msnetobj.dll
[2014/10/15 09:23:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2014/10/15 09:23:01 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2014/10/15 09:23:01 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptsp.dll
[2014/10/15 09:23:01 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidapi.dll
[2014/10/15 09:23:00 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msnetobj.dll
[2014/10/15 09:23:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2014/10/15 09:23:00 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2014/10/15 09:23:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2014/10/15 09:23:00 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appidapi.dll
[2014/10/15 09:23:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2014/10/15 09:22:59 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidpolicyconverter.exe
[2014/10/15 09:22:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll
[2014/10/15 09:22:59 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2014/10/15 09:22:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2014/10/15 09:22:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2014/10/15 09:22:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appidcertstorecheck.exe
[2014/10/15 09:22:55 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll
[2014/10/15 09:22:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll
[2014/10/15 09:22:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx
[2014/10/15 09:22:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll
[2014/10/15 09:22:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll
[2014/10/15 09:22:54 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2014/10/15 09:22:54 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2014/10/15 09:22:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx
[2014/10/15 09:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2014/10/15 09:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2014/10/15 09:22:02 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/15 09:22:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/10/15 09:22:02 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/15 09:17:28 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014/10/15 09:17:09 | 001,050,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2014/10/15 09:17:09 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014/10/15 09:17:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014/10/15 09:17:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014/10/15 09:17:08 | 005,780,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014/10/15 09:17:08 | 004,922,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014/10/15 09:17:08 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2014/10/15 09:17:08 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014/10/15 09:17:07 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/10/15 09:16:47 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014/10/15 09:16:47 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014/10/15 09:16:35 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/10/15 09:16:35 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014/10/15 09:16:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014/10/15 09:15:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014/10/15 09:15:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014/10/08 14:00:39 | 000,000,000 | ---D | C] -- C:\Financial
[2014/10/01 09:33:04 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014/10/01 09:33:04 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2014/09/30 11:52:45 | 000,000,000 | ---D | C] -- C:\Users\Lido\Desktop\IndexC
[2014/09/28 10:41:01 | 000,000,000 | ---D | C] -- C:\Users\Lido\AppData\Local\Astromenda
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Lido\*.tmp files -> C:\Users\Lido\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/10/23 08:04:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/10/23 07:52:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lido\Desktop\OTL.exe
[2014/10/23 07:41:02 | 000,000,288 | ---- | M] () -- C:\windows\tasks\WSE_Astromenda.job
[2014/10/23 07:41:02 | 000,000,120 | ---- | M] () -- C:\Users\Lido\AppData\Roaming\WB.CFG
[2014/10/23 07:41:00 | 000,000,288 | ---- | M] () -- C:\windows\tasks\UpdaterEX.job
[2014/10/23 07:27:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/23 07:26:01 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1135327352-3689979529-191883833-1001UA.job
[2014/10/23 07:10:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/22 17:13:25 | 000,001,595 | ---- | M] () -- C:\Users\Lido\Desktop\GEEKS.lnk
[2014/10/22 15:27:00 | 000,000,890 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/22 14:34:48 | 000,786,578 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/10/22 14:34:48 | 000,665,554 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/10/22 14:34:48 | 000,123,330 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/10/21 09:26:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1135327352-3689979529-191883833-1001Core.job
[2014/10/17 13:19:37 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 13:19:37 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 12:57:07 | 000,008,192 | ---- | M] () -- C:\windows\SysWow64\WDPABKP.dat
[2014/10/17 12:54:22 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/16 09:09:26 | 000,002,411 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/10/16 09:08:57 | 000,440,328 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/10/16 09:05:53 | 003,075,180 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\Cat.DB
[2014/10/16 09:05:01 | 000,048,844 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\VT20141014.006
[2014/10/09 22:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/10/09 22:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/10/09 22:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/10/02 16:14:26 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1506000.020\isolate.ini
[2014/09/25 18:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/09/25 18:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/09/25 18:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/09/24 22:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2014/09/24 21:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Lido\*.tmp files -> C:\Users\Lido\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/10/22 17:09:02 | 000,001,595 | ---- | C] () -- C:\Users\Lido\Desktop\GEEKS.lnk
[2014/09/23 14:34:54 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\WDPABKP.dat
[2014/08/25 09:41:01 | 000,000,120 | ---- | C] () -- C:\Users\Lido\AppData\Roaming\WB.CFG
[2014/08/01 11:48:00 | 000,055,922 | ---- | C] () -- C:\Users\Lido\P7300586.JPG
[2014/08/01 11:48:00 | 000,054,710 | ---- | C] () -- C:\Users\Lido\P7300588.JPG
[2014/08/01 11:48:00 | 000,048,198 | ---- | C] () -- C:\Users\Lido\P7300587.JPG
[2014/08/01 11:47:00 | 000,054,661 | ---- | C] () -- C:\Users\Lido\P7300585.JPG
[2014/07/01 08:56:50 | 000,000,204 | ---- | C] () -- C:\Users\Lido\AppData\Local\singandsee.ini
[2014/06/26 15:07:59 | 003,574,576 | ---- | C] () -- C:\Users\Lido\FaithQuartet.pdf
[2014/04/18 14:15:31 | 000,001,471 | ---- | C] () -- C:\Users\Lido\AppData\Local\recently-used.xbel
[2014/03/17 18:24:35 | 000,151,552 | ---- | C] () -- C:\windows\SysWow64\ThumbExtract.dll
[2014/03/17 18:24:34 | 000,372,736 | ---- | C] () -- C:\windows\SysWow64\GTTunerCard.dll
[2014/03/17 18:24:34 | 000,175,104 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2014/02/03 19:02:50 | 000,000,232 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2014/02/03 19:02:50 | 000,000,092 | ---- | C] () -- C:\windows\brpcfx.ini
[2014/02/03 19:02:12 | 000,026,119 | ---- | C] () -- C:\windows\BRRBCOM.INI
[2014/02/03 18:51:14 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini
[2014/01/24 10:43:40 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014/01/24 10:43:40 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014/01/24 10:43:40 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014/01/24 10:43:40 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014/01/24 10:43:40 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/12/02 18:29:59 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini
[2013/08/20 07:32:46 | 000,000,114 | ---- | C] () -- C:\windows\SysWow64\BRLMW03A.INI
[2013/08/20 07:32:34 | 000,045,056 | ---- | C] () -- C:\windows\SysWow64\BRTCPCON.DLL
[2013/08/14 07:05:52 | 000,000,258 | RHS- | C] () -- C:\Users\Lido\ntuser.pol
[2013/02/28 21:47:36 | 000,053,299 | ---- | C] () -- C:\windows\SysWow64\pthreadVC.dll
[2012/08/13 14:55:32 | 000,001,055 | ---- | C] () -- C:\Users\Lido\Music - Shortcut.lnk
[2012/01/20 14:12:27 | 000,007,605 | ---- | C] () -- C:\Users\Lido\AppData\Local\Resmon.ResmonCfg
[2011/11/13 08:55:25 | 000,044,074 | ---- | C] () -- C:\Users\Lido\AirForce.JPG
[2011/11/13 08:53:56 | 000,035,052 | ---- | C] () -- C:\Users\Lido\CoastGuard.jpg
[2011/11/13 08:51:54 | 001,696,055 | ---- | C] () -- C:\Users\Lido\US Coast Guard - Marching Song.mp4
[2011/11/10 17:01:06 | 001,547,413 | ---- | C] () -- C:\Users\Lido\US Air Force Song - _Off We Go_..flv
[2011/11/10 16:59:33 | 001,429,265 | ---- | C] () -- C:\Users\Lido\US Coast Guard - Marching Song.flv
[2011/09/14 09:30:47 | 000,158,236 | ---- | C] () -- C:\Users\Lido\DowJones.pdf
[2011/08/04 18:53:45 | 001,110,476 | ---- | C] () -- C:\Program Files (x86)\7-Zip.exe
[2011/06/27 20:58:48 | 000,015,360 | ---- | C] () -- C:\Users\Lido\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/26 19:24:18 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
--------------------------------------------------------
OTL Extras logfile created on: 10/23/2014 8:00:08 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lido\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 59.53% Memory free
7.60 Gb Paging File | 5.29 Gb Available in Paging File | 69.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.70 Gb Total Space | 271.94 Gb Free Space | 60.07% Space Free | Partition Type: NTFS
Drive E: | 931.48 Gb Total Space | 298.85 Gb Free Space | 32.08% Space Free | Partition Type: NTFS
Computer Name: LIDO-PC | User Name: Lido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1" (Applian Technologies Inc)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1" (Applian Technologies Inc)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1264F3D9-9BF2-4DD5-89D6-A22BFABB11D2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1665CD9E-3E25-4202-AC52-95F1F5DEF5DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17FB897B-A577-4C22-871F-1A9EAA5CBC33}" = lport=5353 | protocol=17 | dir=in | name=mdns-sd/bonjour |
"{1B8860F4-CE48-4BE2-8D4B-63C3C9B24CEC}" = lport=139 | protocol=6 | dir=in | app=system |
"{1DBC5723-14B7-4FDD-A8E6-56635A98283F}" = rport=445 | protocol=6 | dir=out | app=system |
"{2155D6AB-6AB3-494C-B7F9-A651A3D3BA11}" = rport=10243 | protocol=6 | dir=out | app=system |
"{427AC1A8-284A-458A-90E5-2690F2BE76EC}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{430AD430-C6F9-45BD-AA80-05FDA7FBAAA2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5A68A5E7-FB3B-4841-AFE3-9421ABA68ECD}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{5D7E7B0D-A821-4B34-A7ED-BD874318F1B3}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5F1140EC-602D-4219-9AA1-572FDA4E5076}" = lport=138 | protocol=17 | dir=in | app=system |
"{625F70ED-C019-4F48-8D8F-CA73A3302B5E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{634D9BDB-1312-42CA-AAC6-06471EF0F0B2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6BAF04B7-9A70-4054-99DD-7ACA339578A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D130EA8-70BE-4FF9-8366-EB7E44675127}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{73104FBB-7635-414F-84E8-19BF92B88003}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7643A10C-70D3-4BB1-A618-427EEC70438C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CFB57D4-97C4-4A43-8D70-888AFD50D767}" = lport=7288 | protocol=6 | dir=in | name=tivo hme host: port %d |
"{879303AB-332F-435C-A9A6-965F3EE99F77}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A22ED8D-380A-4486-8A92-AA6C85A07BCD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90CF258E-8453-4047-901F-9F86C2099412}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9653264C-478F-425A-8417-64D7848A93A7}" = rport=2869 | protocol=6 | dir=out | app=system |
"{A3914FAC-37DE-462C-8A85-B97A85A2A326}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A392F087-AB9C-4551-AE34-088C057BE1D4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9C49C79-AE6E-44F1-AAA6-65BE1853031C}" = rport=139 | protocol=6 | dir=out | app=system |
"{AFC47C13-15B5-4EE6-91C3-ECC939D3B122}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B22D92C8-0E2F-408E-BD8B-C182774644B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C4009B2E-14AB-4E1B-A914-04C0A9B7E67B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CDF5AFC1-7C27-4B42-A98C-4B4F82D1FA00}" = rport=138 | protocol=17 | dir=out | app=system |
"{D5D7792F-7744-4A19-81F8-A11C624D748B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF12BAE1-EC1F-423A-A190-AF5DF6A0CBFC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E857C915-985C-4A7A-860E-19A0B7D6A534}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{E94EFD18-3926-4826-B29B-7F1F4BC7AAB4}" = lport=445 | protocol=6 | dir=in | app=system |
"{EB23E1C2-3B9C-4C53-93F3-099DDEA51346}" = rport=137 | protocol=17 | dir=out | app=system |
"{F571ECF0-DB5E-4F07-BA53-8E8E386EF5B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F6933F75-898B-4A13-8D02-ED1D582573B4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F6F08D66-B2F7-4679-AC63-3987778A3866}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7B965C3-73F9-4F56-8606-76C12A5C5360}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04623B74-F144-4715-9A8A-19BD52B07A15}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"{06F06F1D-9FF9-47F6-A943-F0F1816F5084}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\ffmpeg.exe |
"{16732C66-3169-415B-99AC-1976E40C1C59}" = protocol=1 | dir=in | [email protected],-28543 |
"{17A9BB73-7AB8-415C-8508-78F634EEBB16}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\apowersoftplayer.dll |
"{182FCF89-7FB1-417F-B331-C3F679524EEB}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\video download capture.exe |
"{1AF3FB3D-042F-4F30-A0C8-8ECCED87634F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B3F62C8-E8FE-455F-B3D1-7B618AF253EE}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\apowersoftdump.dll |
"{1C00B485-08BB-4FE6-A841-0167E1721788}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodesktop.exe |
"{1C6B58F1-7DB8-4DC4-8D9F-587001DA3575}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\apowersoftplayer.dll |
"{267BA7EB-8602-4C9A-A6BF-455B6FC4EC2F}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodiag.exe |
"{27BDFFB3-FC26-46E3-BAF0-BF2665EE8461}" = protocol=6 | dir=out | app=system |
"{281606B8-CA1A-4315-9AAE-0E7AB973EC3F}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"{28EA7403-8B5F-49E4-B21B-B2EB2D0AFDFD}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{2919C2D4-620C-4B99-8B77-F704CA322515}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jwmpp.exe |
"{2B383C67-919D-43B8-A223-26EBFAF95557}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2B891517-4403-4E81-BFBD-54196A5A4253}" = protocol=58 | dir=in | [email protected],-28545 |
"{2F0C1D16-7417-4273-B8FB-50CD073534D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{318DBBAD-B3EC-4F24-BD7A-15F572905B0F}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivobeacon.exe |
"{32C52348-92BD-469E-80AC-AECCD3D1E3B3}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl12b\faxrx.exe |
"{3B263836-876F-464B-8BBD-5DE732B7D976}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{3B698D77-741C-430B-AC3C-81DCB5C6F30A}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{3DCE7AA9-A5E2-4B3F-ADCF-A566E864CF2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4CCF79FA-51CC-47D5-AABF-2392A986CA58}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\apowersoftdownloaderhelp.dll |
"{51EC95E8-0D32-4AAB-9BA4-262BEF096E04}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodesktop.exe |
"{59E52A9C-4EB1-4405-A452-492270AE18FE}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\apowersoftac.dll |
"{5B497204-A63D-42AA-8951-B36977F932FD}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivotransfer.exe |
"{5B763A1D-0588-4A7C-A0DF-CDD27E2EE3D8}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jbp.exe |
"{5C137762-EB9F-42E8-A8D2-F8E19D0E947B}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\apowersoftac.dll |
"{5CD77BD6-0FD0-448B-806A-9478DEBFF952}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\tictactoe.exe |
"{5E33417F-FF9D-494D-ABB5-C0BDAAB5C5DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E338398-E5C3-4676-BFF8-6848AF223A45}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\apowersoftdump.dll |
"{655731A3-B19D-42E3-A1D1-65233123CC39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6746C7D5-7DCD-4ED1-9356-8A2BA53E36EC}" = protocol=58 | dir=out | [email protected],-28546 |
"{67989843-E83D-4E7C-B144-6A11D2BA5B34}" = protocol=6 | dir=in | app=c:\users\lido\appdata\local\temp\7zs04c3\hpdiagnosticcoreui.exe |
"{690CF7DC-031D-4AB6-951A-DD37BF682717}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe |
"{6C5FF16A-A1C0-43C4-834B-884BF93305E3}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jbp.exe |
"{6CCB6E33-BA13-4545-B74E-64FFE6848CDE}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\easychat.exe |
"{6D9ABE3A-2130-421A-AFC0-1B1E6D0418EA}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jwmpp.exe |
"{7041A103-8E6B-40E3-B229-3A95EFE7303B}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\curl.exe |
"{763C09E3-1081-4BCB-997E-6E995FB592D2}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\aria2c.exe |
"{7779FB03-E74A-4506-80F1-C27AA1F71192}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{77FE11AE-37DF-45AE-A395-922B221BE358}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{7B6E9D4B-BD36-4BDA-BF30-1B4ECD113F31}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\ffmpeg.exe |
"{7CF75506-DE86-49BF-8046-A1F697C57C1C}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl12b\faxrx.exe |
"{881456F6-693E-41F1-8C30-6803B0462043}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8DF27ADC-1A64-46E7-BCB7-F8AC9A2122CC}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\video download capture.exe |
"{8EB55570-915E-434B-960D-07F0E85DE33E}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodiag.exe |
"{8EC34B28-7EF0-43F6-811F-79B20B089A9E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9429DB71-DEB5-4FE4-ACE8-1245458BCEC8}" = protocol=17 | dir=in | app=c:\users\lido\appdata\local\temp\7zs04c3\hpdiagnosticcoreui.exe |
"{9CCCB966-60EE-4D43-A466-86BD87F62716}" = dir=in | app=c:\program files\cyberlink\powerdirector12\pdr10.exe |
"{A0732DEA-F4F1-4BAB-B24A-BFBF6D6F15CF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A12C7C59-F10E-4979-94DD-8280E5D9D862}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1F14727-26D8-428E-B55B-A13E831B776C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A2D95625-19AA-4173-8B78-209C69E87173}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\seabattle.exe |
"{A8DEC19F-6B68-4C0D-BDD1-5A33EB9ACB84}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\apowersoftdownloaderhelp.dll |
"{ACD316AA-F5A6-4D83-9E3C-74942CFEC5FB}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{AF32D4BC-2BE0-4EC4-A332-40F7CFAAD258}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B14E6AC3-1903-4FC3-AA60-05C25B24E73D}" = dir=in | app=c:\users\lido\appdata\local\microsoft\skydrive\skydrive.exe |
"{B2289804-ADBC-4CD1-9B97-7E63033CFD5E}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B53FBE75-013F-4E01-BE54-FD1062A9A2F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6D70ED5-5847-4242-A6D4-6DE63BE3873C}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivotransfer.exe |
"{B6E57F54-C508-4218-BF3B-C11308DEB1F7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B7B2C7D8-B416-47CC-9DEE-9017451FE749}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B807B997-4A7B-434F-B2DB-C261EE91DB6D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8C7B568-BEA4-4A19-B794-0521F5EE97BE}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{BA082C1F-01FB-4382-88FE-69959F3DE83B}" = protocol=58 | dir=in | [email protected],-148 |
"{BABC85A7-1358-4393-B61E-904917C001AA}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\qtcopy.exe |
"{BF9F24A6-E97C-4A3A-8FFE-6E9384220ED9}" = protocol=1 | dir=out | [email protected],-28544 |
"{C5123772-CAD7-4122-9EE4-72C717B0FBC8}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\curl.exe |
"{C763CB80-7C91-4C5E-8348-D467B90FD157}" = dir=out | app=c:\program files (x86)\apowersoft\video download capture\apowersoftsrv.dll |
"{CA3C220F-6150-45A3-BB91-22EBE6FFBD43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CB10E7E4-0426-48BE-83D3-D89CE7524366}" = protocol=17 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe |
"{CE3E45B3-0BB9-4C17-87ED-4A7AB95255F5}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\aria2c.exe |
"{D0017144-327F-429B-98A3-27D673D29099}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5183A98-0625-4222-AF89-2A6CA95C07CF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D96E2747-8027-44EB-898A-20CA0398BBF2}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{DC6A99DC-0328-4C02-A943-310E39B531BC}" = protocol=6 | dir=in | app=c:\program files (x86)\applian technologies\replay media catcher 5\qtcopy.exe |
"{DDD1CABA-8365-4590-8CB1-66C3E82A0C9C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{DF236A01-1C9A-4EF5-A2AF-CEE82A267A72}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivobeacon.exe |
"{DF324EF7-6E91-4D99-8170-290CB2F30FE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2E58E54-A8DF-4F5B-9467-CD443F6E5AFD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E526E6ED-4151-42B3-9BE8-332B0957C8B8}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\chess.exe |
"{E72EAB89-B5D5-4E2E-AB5B-7C379B8A7CB1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E954FA64-2BD5-48EA-8A9F-EADDD8A6882C}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\backgammon.exe |
"{ED5EFBD4-8857-4501-829B-27A7F2F84B6A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1AD3B6F-7191-4960-8B01-5AF9F8DCB711}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F25E0346-5956-4B0A-A6E9-E8CB883F41AF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F4B0D424-0C18-4767-88DE-CE0733CE1707}" = dir=in | app=c:\program files\widcomm\bluetooth software\easybits games\checkers.exe |
"{F5EB62DC-4B58-4857-9EBC-7B303E7C2110}" = dir=in | app=c:\program files (x86)\apowersoft\video download capture\apowersoftsrv.dll |
"{F70C3E86-4709-4A5B-8CFB-A584D9265847}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FC9B2BBC-4688-4989-B810-A08429820D40}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD632606-8E5C-44D2-9A13-AA7683A520C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{A826021A-FC87-430C-A8B1-6D1BA535CD37}C:\program files (x86)\tivo\desktop\tivoserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"UDP Query User{11001FE7-841E-40C5-AA14-167365EC9CF3}C:\program files (x86)\tivo\desktop\tivoserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{2FD0FA0A-7A21-4C4A-B268-1142B54E035E}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}" = WD SmartWare
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{77DE5105-D05E-448C-96CB-7FA381903753}" = iTunes
"{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}_is1" = Updater By SweetPacks 2.0.0.586
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{ac225167-00fc-452d-94c5-bb93600e7d9a}" = Buzzdock
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.10
"SunriseBrowse" = SunriseBrowse
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2D0D4A16-6486-48B5-A9AA-92C93BE62802}" = Inkling Sketch Manager
"{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}" = WD SmartWare Installer
"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor 2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.8.3
"{50FC30FE-9758-3B08-B886-7BAABC047B61}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{597FB4A5-DD86-4316-A410-7E8074CC2CCE}" = Driver Support
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{64AEB598-E518-4AD0-B02B-99F365B8054C}" = Serif PanoramaPlus Starter Edition
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}" = Avery Wizard 4.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8543A572-5993-4101-BACC-C83884E183A4}" = EZ Grabber
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{88B5FBDC-967D-4B1F-B291-39284AE12201}" = Nuance PaperPort 12
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}" = Toshiba Book Place
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA107568-1B58-407E-9867-D51F71C9F446}" = Driver Install 64-Bit
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF91344-2808-4D6B-9242-FBE5AF79D60A}" = Windows Live Family Safety
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C6640705-7479-4EE5-BC86-879F05F65E74}" = Google Drive
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0A3A97D-7918-4B0B-B91E-775E00C36122}" = WD Quick View
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{dbaba6a3-366e-43a7-8f4e-b0a868c06ab3}" = DIRECTV Player
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DD98C438-D769-4677-AA87-3481FA32D20C}" = Brother MFL-Pro Suite MFC-J4510DW
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"7-Zip" = 7-Zip 9.20
"Acoustic Labs Multitrack Recorder (Demo)" = Acoustic Labs Multitrack Recorder (Demo)
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"Astromenda" = WSE_Astromenda
"Audacity_is1" = Audacity 2.0.3
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3 Plugin
"Canta" = Canta 1.11
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter version 6.2.2.46
"DVD Shrink_is1" = DVD Shrink 3.2
"EdiView Finder Utility_is1" = EdiView Finder v1.0.7
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"FLV and Media Player" = FLV and Media Player 4.2.1.1
"Freemake Audio Converter_is1" = Freemake Audio Converter version 1.1.0
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.6
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor 2
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{AA107568-1B58-407E-9867-D51F71C9F446}" = Driver Install 64-Bit
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"IPCam Surveillance Software_is1" = IPCam Surveillance Software 3.0.5.7
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton Security Suite
"Norton PC Checkup_is1" = Norton PC Checkup
"NortonPCCheckup" = Toshiba Laptop Checkup
"Office14.SingleImage" = Microsoft Office Professional 2010
"Pen Tablet Driver" = Bamboo
"Picasa 3" = Picasa 3
"Quicken WillMaker Plus 2010" = Quicken WillMaker Plus 2010
"RealPlayer 16.0" = RealPlayer
"Replay Media Catcher 5" = Replay Media Catcher 5 (5.0.1.54)
"SING & SEE STUDENT_is1" = Cantovation Sing & See Student v1.5.4
"Switch" = Switch Sound File Converter
"TreeSize Free_is1" = TreeSize Free V3.0.1
"VLC media player" = VLC media player 1.1.7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WavePad" = WavePad Sound Editor
"What's Running_is1" = What's Running 3.0
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.3
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1135327352-3689979529-191883833-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google+ Auto Backup" = Google+ Auto Backup
"Sansa Updater" = Sansa Updater
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UpdaterEX" = Extended Update
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/15/2014 8:53:17 AM | Computer Name = Lido-PC | Source = TabletServicePen | ID = 0
Description =
Error - 10/15/2014 2:54:48 PM | Computer Name = Lido-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 32.0.3.5379,
time stamp: 0x54224e6b Faulting module name: mozalloc.dll, version: 32.0.3.5379,
time stamp: 0x54221b67 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting
process id: 0x9c0 Faulting application start time: 0x01cfe8a377b9f7bd Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: bc4772f2-549c-11e4-bb4b-b870f4585bca
Error - 10/16/2014 9:16:48 AM | Computer Name = Lido-PC | Source = TabletServicePen | ID = 0
Description =
Error - 10/16/2014 11:41:09 AM | Computer Name = Lido-PC | Source = TabletServicePen | ID = 0
Description =
Error - 10/17/2014 12:57:25 PM | Computer Name = Lido-PC | Source = TabletServicePen | ID = 0
Description =
Error - 10/17/2014 4:50:58 PM | Computer Name = Lido-PC | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 32.0.3.5379,
time stamp: 0x54224e6b Faulting module name: mozalloc.dll, version: 32.0.3.5379,
time stamp: 0x54221b67 Exception code: 0x80000003 Fault offset: 0x0000141b Faulting
process id: 0x1638 Faulting application start time: 0x01cfea4bd1b312be Faulting application
path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Faulting module
path: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Report Id: 4b30bee5-563f-11e4-a53f-b870f4585bca
Error - 10/18/2014 9:31:51 AM | Computer Name = Lido-PC | Source = TestWorker | ID = 131073
Description =
Error - 10/22/2014 7:28:51 PM | Computer Name = Lido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 10/22/2014 7:28:51 PM | Computer Name = Lido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15569
Error - 10/22/2014 7:28:51 PM | Computer Name = Lido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15569
[ Media Center Events ]
Error - 5/6/2013 1:01:48 PM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 1:01:44 PM - Failed to retrieve SportsSchedule-2.enc (Error: BITS
0x80080005)
Error - 5/17/2013 12:24:14 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 12:24:14 AM - Failed to retrieve NetTV (Error: The request failed
with HTTP status 403: Forbidden.)
Error - 5/17/2013 12:24:22 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 12:24:21 AM - Failed to retrieve SportsV2 (Error: The request failed
with HTTP status 403: Forbidden.)
Error - 5/17/2013 1:24:26 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 1:24:25 AM - Failed to retrieve NetTV (Error: The request failed with
HTTP status 403: Forbidden.)
Error - 5/17/2013 1:24:28 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 1:24:27 AM - Failed to retrieve SportsV2 (Error: Invalid security
token.)
Error - 5/17/2013 2:24:41 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 2:24:37 AM - Failed to retrieve SportsV2 (Error: The request failed
with HTTP status 403: Forbidden.)
Error - 5/17/2013 12:34:40 PM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 12:34:36 PM - Failed to retrieve SportsSchedule (Error: The request
failed with HTTP status 403: Forbidden.)
Error - 5/17/2013 1:34:42 PM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 1:34:41 PM - Failed to retrieve SportsSchedule (Error: The request
failed with HTTP status 403: Forbidden.)
Error - 5/31/2013 10:42:22 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 10:42:22 AM - Error connecting to the internet. 10:42:22 AM - Unable
to contact server..
Error - 5/31/2013 10:42:39 AM | Computer Name = Lido-PC | Source = MCUpdate | ID = 0
Description = 10:42:28 AM - Error connecting to the internet. 10:42:28 AM - Unable
to contact server..
[ System Events ]
Error - 10/20/2014 4:21:26 PM | Computer Name = Lido-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 10/21/2014 7:08:55 AM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.
Error - 10/21/2014 8:00:04 PM | Computer Name = Lido-PC | Source = ipnathlp | ID = 31004
Description =
Error - 10/21/2014 8:00:06 PM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.
Error - 10/21/2014 10:00:33 PM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.
Error - 10/22/2014 11:25:43 AM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.
Error - 10/22/2014 2:31:12 PM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk3\DR9.
Error - 10/22/2014 4:13:38 PM | Computer Name = Lido-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanServer service.
Error - 10/22/2014 4:14:08 PM | Computer Name = Lido-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 10/23/2014 7:10:25 AM | Computer Name = Lido-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR3.
< End of report >