. so I have this issue that when I start windows, it will state that volume is dirty, I then run chkdsk by opening cmd prompt, type chkdsk c: /f /r then tell it to scan on next restart. Then I reset the computer. Chkdsk reports nothing is wrong with the drive. Therefore, I start windows back up. After the restart I do an inquire of dirty on c: and results are great. However, I will start running programs and such and some programs that I open up states that the volume is dirty and the application can't run.I have a TB HDD with 2 partitions. one is for storage and the other is for Windows 8 operating system. Any help with this issue would be most appreciated. I am almost to the point of reformat or going to buy a new HDD but I figured why not let the professionals here try to see if they can fix it without spending a lot of money. OTL scan is below. I don't have Windows 8 CD so I would have to go and buy a copy to reformat and that is expensive as well. If there is any programs or anything that you see I shouldn't have please have them removed as well. Thank you so much for your time.
OTL logfile created on: 4/22/2013 10:26:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christopher\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
12.00 Gb Total Physical Memory | 9.48 Gb Available Physical Memory | 79.03% Memory free
24.00 Gb Paging File | 20.98 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.05 Gb Total Space | 50.08 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive E: | 831.11 Gb Total Space | 773.47 Gb Free Space | 93.07% Space Free | Partition Type: exFAT
Drive K: | 1.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CHRIS-PC | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/22 10:26:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Downloads\OTL.exe
PRC - [2013/04/21 22:26:43 | 004,295,312 | ---- | M] (H.D.S. Hungary) -- C:\Program Files (x86)\DEKSI Hard Disk Manager\hdsentinel.exe
PRC - [2013/04/11 08:28:08 | 002,730,784 | ---- | M] (Conduit) -- C:\Users\Christopher\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/04/09 02:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/04/05 13:25:26 | 004,688,896 | ---- | M] () -- C:\Program Files (x86)\VodBurner\vodburner.exe
PRC - [2013/04/04 16:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/03/30 10:20:01 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/02/28 14:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/02/26 01:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
========== Modules (No Company Name) ==========
MOD - [2013/04/09 02:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 02:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 02:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 02:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 02:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 02:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/04/05 13:25:26 | 004,688,896 | ---- | M] () -- C:\Program Files (x86)\VodBurner\vodburner.exe
MOD - [2013/03/29 09:17:06 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2013/03/13 14:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 17:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/28 14:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2013/02/02 02:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 19:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 17:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/11/05 22:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 03:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 00:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 00:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 21:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/02/26 01:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/02 04:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 04:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 04:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/21 09:32:54 | 002,477,840 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/02/18 10:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/02/02 05:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 01:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/28 19:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 17:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/08 02:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 02:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 01:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 01:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 01:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 01:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 01:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/25 20:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/25 20:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/02 08:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2009/07/31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WRfiltv.sys -- (WRfiltv)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wdcsam64.sys -- (WDC_SAM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-0025228E51B1}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...8A-BA49DA2D35E1
IE - HKCU\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-0025228E51B1}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/04/07 22:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/07 22:06:04 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...=CT3289847&UM=2
CHR - default_search_provider: suggest_url = http://suggest.searc...4526500111&UM=2
CHR - homepage: http://search.condui...4526500111&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Docs = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: WhiteSmoke New = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.15.2.523_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Utopia Detailed Menu = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbgibkggekkelfmddlplmhhlfhjdikk\1.1_0\
CHR - Extension: Google Docs = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: WhiteSmoke New = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.15.2.523_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Utopia Detailed Menu = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbgibkggekkelfmddlplmhhlfhjdikk\1.1_0\
O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension64.dll ()
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (WhiteSmoke New Toolbar) - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WhiteSmoke New Toolbar) - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll (Conduit Ltd.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Christopher\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Utopia Angel] C:\Utopia\Angel\Angel.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Users\Christopher\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Christopher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FE8985F-0E72-4E67-B004-D87C051D1BC0}: DhcpNameServer = 24.220.0.10 24.220.0.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B41D6C61-D0F8-4884-A619-B837912CCB0F}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1a616e9e-96e1-11e2-be66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1a616e9e-96e1-11e2-be66-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{b6d3ffd4-9a29-11e2-be6f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{b6d3ffd4-9a29-11e2-be6f-0025228e51b1}\Shell\AutoRun\command - "" = "D:\LaunchU3.exe" -a
O33 - MountPoints2\{f9d7e418-a86a-11e2-be8f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d7e418-a86a-11e2-be8f-0025228e51b1}\Shell\AutoRun\command - "" = "D:\MotoCastSetup.exe" -a
O33 - MountPoints2\{f9d7e448-a86a-11e2-be8f-0025228e51b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f9d7e448-a86a-11e2-be8f-0025228e51b1}\Shell\AutoRun\command - "" = "N:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/22 10:15:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Malwarebytes
[2013/04/22 10:15:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/22 10:15:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/22 10:15:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/22 10:15:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/21 22:57:33 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\VodBurner
[2013/04/21 22:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VodBurner
[2013/04/21 22:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VodBurner
[2013/04/21 22:28:25 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Hard Disk Sentinel
[2013/04/21 22:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEKSI Hard Disk Manager
[2013/04/21 22:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DEKSI Hard Disk Manager
[2013/04/21 22:23:13 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\SwvUpdater
[2013/04/21 22:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/04/21 22:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke_New
[2013/04/21 22:22:56 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Conduit
[2013/04/21 22:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/04/21 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\SearchProtect
[2013/04/21 22:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flobo Hard Disk Repair
[2013/04/21 22:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flobo Hard Disk Repair
[2013/04/21 22:22:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\CRE
[2013/04/21 21:33:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\language
[2013/04/21 14:20:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2013/04/21 14:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2013/04/21 14:20:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/04/20 23:26:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\HonorbuddyMeshes
[2013/04/20 23:09:47 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\TSVNCache
[2013/04/20 22:49:28 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Curse Advertising
[2013/04/20 22:38:44 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\TortoiseSVN
[2013/04/20 22:38:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Subversion
[2013/04/20 22:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
[2013/04/20 22:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
[2013/04/20 22:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
[2013/04/20 22:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2013/04/20 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2013/04/20 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Deployment
[2013/04/20 22:23:05 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Apps
[2013/04/20 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/04/20 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/04/20 22:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/04/20 22:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/04/20 21:06:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TimeLeft 3
[2013/04/20 21:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeLeft3
[2013/04/20 21:06:49 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\NesterSoft
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013/04/20 20:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013/04/20 20:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013/04/18 15:06:26 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Yahoo!
[2013/04/18 14:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2013/04/18 14:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2013/04/18 14:51:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2013/04/10 06:41:08 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\mIRC
[2013/04/10 06:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013/04/10 06:41:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2013/04/07 22:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Updater By SweetPacks
[2013/04/07 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Programs
[2013/04/07 22:05:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2013/04/06 19:33:12 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My Cheat Tables
[2013/04/06 19:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013/04/06 19:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2013/04/01 21:37:18 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Desktop\Pictures
[2013/03/31 21:54:54 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Dropbox
[2013/03/31 21:53:53 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/03/31 21:52:04 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2013/03/31 14:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest
[2013/03/31 14:36:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\temp
[2013/03/31 14:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PassMark
[2013/03/31 14:36:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\PassMark
[2013/03/31 14:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\BurnInTest
[2013/03/31 14:31:55 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\NVIDIA
[2013/03/31 14:31:36 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\JAM Software
[2013/03/31 14:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
[2013/03/31 14:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JAM Software
[2013/03/31 13:49:36 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\ImgBurn
[2013/03/31 13:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/03/31 13:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/03/31 13:34:59 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
[2013/03/31 13:34:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2013/03/31 13:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/31 13:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/31 13:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/31 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Google
[2013/03/31 13:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/31 12:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2013/03/31 12:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2013/03/31 12:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2013/03/30 12:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/30 12:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/30 12:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/30 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/03/30 10:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2013/03/30 10:20:22 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My RoboForm Data
[2013/03/30 10:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2013/03/27 12:04:55 | 000,106,496 | ---- | C] (windowsforum.kr) -- C:\Windows\SysNative\SLCHook.dll
[2013/03/27 12:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/27 09:33:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/03/27 08:20:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/27 08:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utopia Angel
[2013/03/27 08:15:45 | 000,000,000 | ---D | C] -- C:\Utopia
[2013/03/27 08:08:38 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\uTorrent
[2013/03/27 08:06:18 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Macromedia
[2013/03/27 08:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/03/27 08:04:41 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/03/27 08:04:41 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/03/27 08:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/27 08:04:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/03/27 08:04:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Searches
[2013/03/27 07:59:42 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/27 07:59:42 | 000,000,000 | -H-D | C] -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/27 07:59:39 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Adobe
[2013/03/27 07:59:38 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Contacts
[2013/03/27 07:59:02 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2013/03/27 07:58:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\VirtualStore
[2013/03/27 07:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013/03/27 07:58:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Packages
[2013/03/27 07:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/27 07:58:27 | 000,000,000 | --SD | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Videos
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Saved Games
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Pictures
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Music
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Links
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Favorites
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Downloads
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Documents
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\Desktop
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/27 07:58:27 | 000,000,000 | R--D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\Temporary Internet Files
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Templates
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Start Menu
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\SendTo
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Recent
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\PrintHood
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\NetHood
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Videos
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Pictures
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Documents\My Music
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\My Documents
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Local Settings
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\History
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Cookies
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\Application Data
[2013/03/27 07:58:27 | 000,000,000 | -HSD | C] -- C:\Users\Christopher\AppData\Local\Application Data
[2013/03/27 07:58:27 | 000,000,000 | -H-D | C] -- C:\Users\Christopher\AppData
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Temp
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Microsoft
[2013/03/27 07:58:27 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/27 07:23:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/03/27 07:21:11 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/27 07:20:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2013/04/22 10:29:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/22 10:15:53 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 10:04:27 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/22 10:04:27 | 000,718,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/22 10:04:27 | 000,132,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/22 10:02:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/22 10:01:44 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2013/04/22 10:01:09 | 000,000,048 | ---- | M] () -- C:\Users\Christopher\Documents\dovodprep.bat
[2013/04/22 10:00:51 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/22 10:00:12 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/04/22 10:00:04 | 828,441,511 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/22 10:00:01 | 1717,346,302 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/21 22:24:46 | 000,001,048 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:24:46 | 000,001,024 | ---- | M] () -- C:\Users\Christopher\Desktop\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:23:08 | 000,000,009 | ---- | M] () -- C:\END
[2013/04/21 22:22:35 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Flobo Hard Disk Repair.lnk
[2013/04/21 21:33:55 | 000,655,872 | ---- | M] () -- C:\Users\Christopher\Desktop\checkDisk.exe
[2013/04/21 14:20:48 | 000,000,909 | ---- | M] () -- C:\Users\Christopher\Desktop\Ventrilo.lnk
[2013/04/21 14:20:48 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/04/21 07:46:55 | 000,000,810 | ---- | M] () -- C:\Users\Christopher\Desktop\Honorbuddy - Shortcut.lnk
[2013/04/21 07:46:41 | 000,000,822 | ---- | M] () -- C:\Users\Christopher\Desktop\Wow - Shortcut.lnk
[2013/04/20 22:24:07 | 000,000,000 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013/04/20 22:24:01 | 000,000,318 | ---- | M] () -- C:\Users\Christopher\Desktop\Curse Client.appref-ms
[2013/04/20 21:06:50 | 000,001,046 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk
[2013/04/20 21:06:50 | 000,001,010 | ---- | M] () -- C:\Users\Christopher\Desktop\TimeLeft.lnk
[2013/04/18 14:58:36 | 000,281,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/18 14:52:57 | 000,001,157 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/04/18 14:52:57 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/04/10 06:41:08 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/04/10 01:29:13 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/06 19:33:09 | 000,001,081 | ---- | M] () -- C:\Users\Christopher\Desktop\Cheat Engine.lnk
[2013/04/06 07:16:28 | 000,001,055 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/06 07:16:06 | 000,001,035 | ---- | M] () -- C:\Users\Christopher\Desktop\Dropbox.lnk
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/31 14:36:29 | 000,000,795 | ---- | M] () -- C:\Users\Christopher\Desktop\BurnInTest.lnk
[2013/03/31 13:44:29 | 001,193,984 | ---- | M] () -- C:\Users\Christopher\Desktop\Memtest86-4.2.0.iso
[2013/03/31 13:43:39 | 000,001,885 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2013/03/31 13:43:39 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/31 13:33:56 | 000,000,816 | ---- | M] () -- C:\Users\Christopher\Desktop\033113-17484-01.dmp - Shortcut.lnk
[2013/03/31 13:24:31 | 000,002,275 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/31 13:19:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/31 12:03:07 | 000,002,140 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2013/03/31 12:00:25 | 000,001,098 | ---- | M] () -- C:\Users\Christopher\Desktop\EVEREST Home Edition.lnk
[2013/03/27 12:04:24 | 000,002,061 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/03/27 08:15:49 | 000,000,705 | ---- | M] () -- C:\Users\Christopher\Desktop\Utopia Angel.lnk
[2013/03/27 08:09:18 | 000,000,887 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013/03/27 08:09:18 | 000,000,837 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/03/27 08:05:31 | 000,001,420 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/27 07:22:17 | 000,040,858 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/27 07:22:17 | 000,040,858 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/27 07:21:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
========== Files Created - No Company Name ==========
[2013/04/22 10:15:53 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 10:00:04 | 828,441,511 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/04/21 22:57:03 | 000,000,048 | ---- | C] () -- C:\Users\Christopher\Documents\dovodprep.bat
[2013/04/21 22:24:46 | 000,001,048 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:24:46 | 000,001,024 | ---- | C] () -- C:\Users\Christopher\Desktop\DEKSI Hard Disk Manager.lnk
[2013/04/21 22:23:14 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2013/04/21 22:22:35 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Flobo Hard Disk Repair.lnk
[2013/04/21 22:22:15 | 000,000,009 | ---- | C] () -- C:\END
[2013/04/21 14:20:48 | 000,000,909 | ---- | C] () -- C:\Users\Christopher\Desktop\Ventrilo.lnk
[2013/04/21 14:20:47 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/04/21 07:46:55 | 000,000,810 | ---- | C] () -- C:\Users\Christopher\Desktop\Honorbuddy - Shortcut.lnk
[2013/04/21 07:46:41 | 000,000,822 | ---- | C] () -- C:\Users\Christopher\Desktop\Wow - Shortcut.lnk
[2013/04/20 22:24:07 | 000,000,000 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2013/04/20 22:24:01 | 000,000,318 | ---- | C] () -- C:\Users\Christopher\Desktop\Curse Client.appref-ms
[2013/04/20 21:06:50 | 000,001,046 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk
[2013/04/20 21:06:50 | 000,001,010 | ---- | C] () -- C:\Users\Christopher\Desktop\TimeLeft.lnk
[2013/04/18 14:58:21 | 000,281,088 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/18 14:52:57 | 000,001,157 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/04/18 14:52:57 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2013/04/12 06:46:15 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/04/10 06:41:08 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013/04/06 19:33:09 | 000,001,081 | ---- | C] () -- C:\Users\Christopher\Desktop\Cheat Engine.lnk
[2013/03/31 21:54:54 | 000,001,035 | ---- | C] () -- C:\Users\Christopher\Desktop\Dropbox.lnk
[2013/03/31 21:54:17 | 000,001,055 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/31 14:36:29 | 000,000,795 | ---- | C] () -- C:\Users\Christopher\Desktop\BurnInTest.lnk
[2013/03/31 13:43:39 | 000,001,885 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2013/03/31 13:43:39 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2013/03/31 13:43:38 | 000,001,873 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/03/31 13:33:56 | 000,000,816 | ---- | C] () -- C:\Users\Christopher\Desktop\033113-17484-01.dmp - Shortcut.lnk
[2013/03/31 13:19:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/31 13:19:29 | 000,002,275 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/31 13:19:29 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/31 13:19:05 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/31 13:19:04 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/31 12:12:44 | 000,000,291 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
[2013/03/31 12:03:07 | 000,002,140 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,128 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2013/03/31 12:03:07 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2013/03/31 12:00:25 | 000,001,098 | ---- | C] () -- C:\Users\Christopher\Desktop\EVEREST Home Edition.lnk
[2013/03/28 10:59:36 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013/03/28 10:59:36 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/03/27 12:04:24 | 000,002,061 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013/03/27 08:15:49 | 000,000,705 | ---- | C] () -- C:\Users\Christopher\Desktop\Utopia Angel.lnk
[2013/03/27 08:09:18 | 000,000,887 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013/03/27 08:09:18 | 000,000,837 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/03/27 08:05:31 | 000,001,420 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/27 08:05:03 | 002,953,448 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013/03/27 07:59:39 | 000,001,426 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/27 07:58:27 | 000,000,352 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/27 07:58:27 | 000,000,334 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/27 07:22:57 | 1717,346,302 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/27 07:21:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/03/27 07:20:42 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012/07/26 02:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 02:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 01:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 19:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 14:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 14:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 08:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/01 20:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/02 02:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/04/20 22:50:07 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Curse Advertising
[2013/04/22 10:01:42 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Dropbox
[2013/04/21 22:28:26 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Hard Disk Sentinel
[2013/03/31 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\ImgBurn
[2013/03/31 14:31:36 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\JAM Software
[2013/04/20 21:06:49 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\NesterSoft
[2013/04/21 22:28:06 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\SearchProtect
[2013/04/20 22:38:32 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Subversion
[2013/04/22 10:01:12 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\uTorrent
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 4/22/2013 10:26:28 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christopher\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
12.00 Gb Total Physical Memory | 9.48 Gb Available Physical Memory | 79.03% Memory free
24.00 Gb Paging File | 20.98 Gb Available in Paging File | 87.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.05 Gb Total Space | 50.08 Gb Free Space | 50.06% Space Free | Partition Type: NTFS
Drive E: | 831.11 Gb Total Space | 773.47 Gb Free Space | 93.07% Space Free | Partition Type: exFAT
Drive K: | 1.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CHRIS-PC | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051624E6-93D1-4069-84E3-87509F44E103}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{0AFE21DF-A598-441F-A371-CEEF381CD926}" = lport=137 | protocol=17 | dir=in | app=system |
"{0BDA22E7-95DC-4686-941B-3BF03EDB0A46}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{246CCC9F-891A-45D9-B44C-91368EFA2BE9}" = lport=139 | protocol=6 | dir=in | app=system |
"{397FDC99-17FA-454D-9F87-41F35A4F322F}" = lport=445 | protocol=6 | dir=in | app=system |
"{3B375130-4043-4206-9A8C-20A456FF5337}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BECB604-A34F-43FC-A631-8CCC3AC6E98D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46CAE24C-3623-4EED-999D-B2A197A90FE8}" = lport=138 | protocol=17 | dir=in | app=system |
"{54522BDE-A65B-4FCF-8B5B-879368BF0A1C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EABEFDB-A124-418D-856D-96281BAE2105}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{607A196A-5E56-4ECC-B073-659B364026A3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{76EA88C9-11B5-427D-BDBC-1F256A298CFA}" = rport=137 | protocol=17 | dir=out | app=system |
"{78BE801B-6BE0-4FEF-B82D-4DCBC83CA6DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{7ABD3A3D-4D62-44E7-9922-C515E66A3850}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A127177-FB02-42EE-8E90-DE8278CDF493}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AFB72F5-BE95-426D-9D40-751D9EF44BD2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD6712B4-0676-4102-9164-A8E9A1E5DBB8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B7407B64-BF99-4A21-BDAC-D9179938F4D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2AE211D-9BC8-432E-84FF-FF394B89FB37}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CDF4717E-1FAC-4D12-91D9-CACC47FC9554}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D6B66914-9BDB-45E0-9468-E7D57ABEFEA3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7A8F090-A93D-40FD-98B0-C249666EF872}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB3C8841-E970-42B1-A077-E1362E7FD4F3}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F087B56-AE00-4241-8404-9FB9CDBB6D3F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{1117C19E-0588-460B-8278-CE4B0844182B}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{127F506A-AB05-4838-BF6D-3238763F188F}" = protocol=1 | dir=in | [email protected],-28543 |
"{1395B151-29FB-4A90-990F-188FDEE08A49}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1606D576-3D5D-45CD-A6B6-8AE1C6482EB2}" = dir=out | name=onenote |
"{20161677-05AB-4C17-8304-B6704A3FA636}" = protocol=58 | dir=in | [email protected],-28545 |
"{202D2202-67D4-493B-8891-CD8BBED1B765}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{2627BA6C-8F71-4348-BC53-7F4431D29D0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E5A2C84-99FC-423D-BAB8-3F18B006BE50}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{2FF41ED3-F267-4664-BEFC-22CDD0E2C2FC}" = protocol=6 | dir=in | app=c:\users\christopher\appdata\roaming\dropbox\bin\dropbox.exe |
"{38F11C2C-1F2B-4A88-AB8F-86F836B10783}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B03B3B4-1B7F-481B-AF67-791368DEC2D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B681FFF-5074-4AE3-9571-9D02576E8ABD}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3EDE865C-BAE8-4881-9F97-092434088584}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{42B787EC-8971-4CE5-8479-8F0C025CC58C}" = protocol=58 | dir=out | [email protected],-503 |
"{43DB6442-1B6F-4647-A768-1CB8EA8E2B54}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4460199B-7513-4329-817E-F6C31E72FC76}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{4AF4FB62-9F54-4A43-AE6C-585BDD80AC80}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4DC740EB-9B62-4CD5-A4F4-232299EEE7F2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{513D599E-3FD2-4DFD-8735-A03D6B5FA9D3}" = protocol=17 | dir=in | app=c:\users\christopher\appdata\roaming\dropbox\bin\dropbox.exe |
"{5F066822-F7E5-48A5-910D-329F82FB15EA}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{60B3F4D3-2795-40C1-BBA7-08DE42DC68FA}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{6110C2E9-3762-49C8-8BED-B7ACFA075165}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{6619FDE4-1085-47B3-99D6-82571FD06A91}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{663F39AF-D765-4344-8CF4-4B5415D51040}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68292E15-C08B-4308-A936-A759174EC27E}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6A2F7E05-B1C2-48BE-8B48-C179E4FB9E99}" = dir=in | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{75B7C0B7-4DBB-40E6-9783-183FBC87105D}" = protocol=58 | dir=in | app=system |
"{7BAD482F-D931-43A4-A145-6AA974F04AD3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{92804AF9-6A4C-4839-85DF-880033B5E2C2}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{956EBAF7-FBB0-47C1-93A0-E80B86DB1323}" = dir=out | name=@{microsoft.xboxlivegames_1.2.143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{9649EEA1-7701-4C57-9083-E540F107001D}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{97571A74-891E-4F6B-AD6A-578230695016}" = protocol=1 | dir=out | [email protected],-28544 |
"{98BB9E63-F848-409D-B21E-3D783728D46A}" = dir=out | name=netflix |
"{AD47E8BA-6B4C-471F-8FF9-7FDCCAC04E28}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B114234E-AC81-4301-98FA-9F5AF5AA6BC5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{B151ACDF-7DF3-4697-8104-6BAD1C01348F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B723DBEF-4B2F-4FFC-8695-C0D10193D010}" = protocol=6 | dir=in | app=c:\users\christopher\appdata\roaming\utorrent\utorrent.exe |
"{BC4CF58C-DC3E-4A45-B94F-B009E06C597A}" = dir=in | name=onenote |
"{BCB5F2C1-FA5A-4B4A-B42A-9F632646384D}" = dir=out | name=@{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{BEBF3187-A15C-42F8-9AA6-797CE84E9A8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BED3B9ED-8E49-4E5B-A067-01E9CA94E0CD}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C8276065-C0B4-4E8E-AD6F-39CA3B5046C0}" = protocol=17 | dir=in | app=c:\users\christopher\appdata\roaming\utorrent\utorrent.exe |
"{D312AD41-3687-41C3-9681-970DA950CF0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3637233-068F-410F-B168-55CDC3274320}" = dir=out | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{D9BA4E17-CFA3-4DB5-9039-9DBC07D8E9A5}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E471C721-EE05-4DB9-B051-3B112FA5B30B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E51ECF7D-88E1-4EC3-87B5-C9380408FF9A}" = protocol=58 | dir=out | [email protected],-28546 |
"{E6F03CC4-F96D-4045-B11B-559F542A386E}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E9217C9B-117A-4D40-9C48-4F3E57CD87F5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E94D8271-4D50-4CAA-A4BD-4FFDD4D1C3F3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{EA8A7C6A-82BD-44C4-B727-4C1E3F78FAD4}" = protocol=6 | dir=out | app=system |
"{EEC72B1A-3F25-417C-BE07-339A0275686C}" = dir=in | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{EEFC4BEA-D790-4CE7-932F-872C25B6EAF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{EF6EC872-F928-412B-BB44-0BDE0B437CAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0FA5527-E279-4C4C-8F80-11CAA8C954B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBC4932B-42A8-47D3-9509-44B9CAB63310}" = dir=out | name=toolbox for windows 8 |
"{FD6AAA4E-E0F3-4967-8DF6-52E6768AC25F}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{FDEBD910-D7AE-482E-83B3-BB0E368D802A}" = dir=out | name=gethired |
"TCP Query User{7C82905F-CF98-415D-AC28-996994095AF4}E:\honorbuddy\honorbuddy.exe" = protocol=6 | dir=in | app=e:\honorbuddy\honorbuddy.exe |
"TCP Query User{A1BA9AC9-A4AE-49AE-8E65-0D137CF56744}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{D8D88AAF-37D2-4C59-B357-83C861D80866}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{2648989E-DEA6-41C9-B48E-1E1B3152569C}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{6D39492A-7B90-4EC1-BB4A-9CB326F30F56}E:\honorbuddy\honorbuddy.exe" = protocol=17 | dir=in | app=e:\honorbuddy\honorbuddy.exe |
"UDP Query User{C7A4DD81-8FF8-4288-A926-1969474FC8BA}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{B2DCF07D-0F89-4818-8B41-50DABC1A310D}" = TortoiseSVN 1.7.12.24070 (64 bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1" = Updater By SweetPacks 2.0.0.566
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"CCleaner" = CCleaner
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E05549B-B52F-410E-845D-5498AAAE31BE}_is1" = Flobo Hard Disk Repair 4.1
"{656957B8-41DB-4E43-AAA1-B128C2213D50}" = VodBurner
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{80F3F10B-A177-4494-93CE-98090D819093}" = Internet Explorer Toolbar 4.7 by SweetPacks
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"AI RoboForm" = RoboForm 7-8-8-5 (All Users)
"Belarc Advisor" = Belarc Advisor 8.3
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DEKSI Hard Disk Manager_is1" = DEKSI Hard Disk Manager PRO
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Google Chrome" = Google Chrome
"HeavyLoad_is1" = HeavyLoad V3.2
"ImgBurn" = ImgBurn
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"mIRC" = mIRC
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SearchProtect" = Search Protect by conduit
"TIMELEFT3_is1" = TimeLeft
"uTorrent" = µTorrent
"WhiteSmoke_New Toolbar" = WhiteSmoke New Toolbar
"World of Warcraft" = World of Warcraft
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =
Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =
Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =
Error - 4/22/2013 9:16:13 AM | Computer Name = Chris-PC | Source = Perflib | ID = 1008
Description =
Error - 4/22/2013 9:42:47 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 4/22/2013 9:42:47 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000293f0 Faulting process
id: 0x808 Faulting application start time: 0x01ce3f5869a9e708 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: 8448931e-ab52-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:
Error - 4/22/2013 10:10:02 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 4/22/2013 10:10:03 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000e353f Faulting process
id: 0x3c Faulting application start time: 0x01ce3f5f4ce53088 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: 52da4417-ab56-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:
Error - 4/22/2013 11:32:33 AM | Computer Name = Chris-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 4/22/2013 11:32:34 AM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Honorbuddy.exe, version: 2.5.6948.557,
time stamp: 0x5165f789 Faulting module name: clr.dll, version: 4.0.30319.18033, time
stamp: 0x50b5a638 Exception code: 0xc0000005 Fault offset: 0x000e353f Faulting process
id: 0x12dc Faulting application start time: 0x01ce3f63995c45d5 Faulting application
path: E:\Honorbuddy\Honorbuddy.exe Faulting module path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Report
Id: d9e5f876-ab61-11e2-be94-0025228e51b1 Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 4/18/2013 4:45:36 PM | Computer Name = Chris-PC | Source = DCOM | ID = 10016
Description =
Error - 4/18/2013 4:58:41 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:50:43 PM on ?4/?18/?2013 was unexpected.
Error - 4/18/2013 4:58:49 PM | Computer Name = Chris-PC | Source = BugCheck | ID = 1001
Description =
Error - 4/19/2013 12:01:43 AM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:40:44 PM on ?4/?18/?2013 was unexpected.
Error - 4/21/2013 1:54:19 AM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:21:43 PM on ?4/?20/?2013 was unexpected.
Error - 4/21/2013 1:54:20 AM | Computer Name = CHRIS-PC | Source = BugCheck | ID = 1001
Description =
Error - 4/21/2013 4:53:45 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:34:19 PM on ?4/?21/?2013 was unexpected.
Error - 4/21/2013 4:53:46 PM | Computer Name = CHRIS-PC | Source = BugCheck | ID = 1001
Description =
Error - 4/22/2013 12:00:07 PM | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:22:12 AM on ?4/?22/?2013 was unexpected.
Error - 4/22/2013 12:00:12 PM | Computer Name = Chris-PC | Source = BugCheck | ID = 1001
Description =
< End of report >
Sign In
Create Account
