I have discovered a rootkit in my system from an Avast antivirus scan, but it wouldn't let me delete it. Then I tried different scans (GMER, McAfee, AVG, Malwarebytes) to see if I could find it again, but none of them have come up with anything. I am currently in 'Safe Mode with Networking', because if I boot normally my screen goes black once I log in. Any and all help is much appreciated.
Here are the logs from the OTL scan.
OTL logfile created on: 2/4/2012 9:09:57 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Eddie Sanchez\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.91 Gb Total Physical Memory | 14.56 Gb Available Physical Memory | 91.48% Memory free
31.83 Gb Paging File | 30.52 Gb Available in Paging File | 95.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 643.29 Gb Free Space | 69.07% Space Free | Partition Type: NTFS
Computer Name: BLACKWATER | User Name: Eddie Sanchez | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/04 21:02:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eddie Sanchez\Desktop\OTL.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/19 23:35:35 | 000,411,120 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\ppgooglenaclpluginchrome.dll
MOD - [2012/01/19 23:35:34 | 003,767,792 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012/01/19 23:34:10 | 000,122,880 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012/01/19 23:34:09 | 000,222,208 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012/01/19 23:34:07 | 001,746,432 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012/01/19 20:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/11/28 12:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/11/09 21:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/01/14 05:28:08 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/05 00:11:32 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/20 12:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2011/02/22 14:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/22 14:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/12/14 18:17:12 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/11/28 11:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 11:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 11:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 11:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 11:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 11:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/09 21:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/11/09 21:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/11/09 20:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/17 11:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/05/20 11:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/14 21:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/08 05:00:06 | 000,312,624 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 21:19:56 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink
DRV:64bit: - [2011/02/07 23:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/02/07 23:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/11/17 17:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/04 20:42:05 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\nzjn.sys -- (dykmi)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eddie Sanchez\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eddie Sanchez\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/04 12:49:56 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Eddie Sanchez\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Eddie Sanchez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.106_0\
O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Cleanup] C:\cleanup.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F6CE47A-88F7-429B-9588-EF5A5177210F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/04 21:02:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Eddie Sanchez\Desktop\OTL.exe
[2012/02/04 15:50:01 | 000,000,000 | -HSD | C] -- C:\found.002
[2012/02/04 15:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/02/04 15:01:06 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\Malwarebytes
[2012/02/04 15:01:04 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/04 15:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/04 15:01:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/04 15:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/04 14:40:13 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Pavark
[2012/02/04 14:23:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2012/02/04 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\ElevatedDiagnostics
[2012/02/04 12:50:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/02/04 12:50:29 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\AVG2012
[2012/02/04 12:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/02/04 12:49:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/02/04 12:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/02/04 12:49:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/02/04 12:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/02/04 12:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/02/04 12:43:24 | 000,000,000 | -HSD | C] -- C:\found.001
[2012/02/04 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\QuickScan
[2012/02/04 11:45:07 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/02/04 11:45:07 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/02/04 11:45:07 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/02/04 11:45:07 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/02/04 11:45:07 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012/02/04 11:45:07 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/02/04 11:45:04 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/02/04 11:45:04 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/04 11:05:20 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/01/30 20:25:39 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\THQ
[2012/01/30 00:48:48 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Desktop\wp101
[2012/01/27 17:19:42 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\SavedGames
[2012/01/27 17:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012/01/26 22:28:26 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Desktop\wp100
[2012/01/25 22:28:16 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\Dust
[2012/01/25 22:24:54 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\Ubisoft Game Launcher
[2012/01/25 22:24:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/01/24 22:43:07 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\4A Games
[2012/01/24 22:41:06 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\4A Games
[2012/01/24 08:59:09 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\ArmA 2 OA
[2012/01/24 08:58:37 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\ArmA 2
[2012/01/24 08:58:37 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\ArmA 2
[2012/01/24 08:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012/01/24 08:54:38 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/01/24 08:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012/01/23 22:26:11 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\Orcs Must Die
[2012/01/17 16:44:36 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\ESN Sonar
[2012/01/16 03:49:26 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\Criterion Games
[2012/01/14 17:42:04 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\Fallout3
[2012/01/14 17:08:41 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/01/14 05:23:36 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\Battlefield 3
[2012/01/14 05:23:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012/01/14 05:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012/01/14 04:40:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/01/14 00:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/01/14 00:37:14 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\Origin
[2012/01/14 00:37:14 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\Origin
[2012/01/14 00:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/01/14 00:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/01/14 00:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/01/14 00:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/01/13 22:20:46 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\PunkBuster
[2012/01/13 22:20:42 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\BFBC2
[2012/01/10 15:47:23 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\gtk-2.0
[2012/01/10 15:47:19 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\.thumbnails
[2012/01/10 15:45:39 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\gegl-0.0
[2012/01/10 15:45:39 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\.gimp-2.6
[2012/01/10 15:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012/01/10 15:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2012/01/09 22:56:45 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/01/09 16:51:36 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\WinRAR
[2012/01/09 16:51:36 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/01/09 16:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/01/09 16:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/01/09 16:48:39 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\LOLReplay
[2012/01/09 16:48:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2012/01/07 14:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/01/07 14:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/01/07 14:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/01/07 14:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/01/07 14:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/01/07 14:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/01/07 14:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/01/07 14:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/01/07 11:56:01 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\riotsGamesLogs
[2012/01/07 11:55:27 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\LolClient
[2012/01/07 07:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/01/07 07:16:07 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\fltk.org
[2012/01/07 07:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2012/01/07 07:16:06 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\Documents\Amnesia
[2012/01/07 03:07:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/06 21:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/01/06 19:28:52 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\dxhr
[2012/01/06 19:26:38 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\28050
[2012/01/06 19:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2012/01/06 19:12:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012/01/06 19:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012/01/06 18:07:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\stalker-shoc
[2012/01/06 03:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[2012/01/05 23:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/01/05 21:32:55 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\SoftGrid Client
[2012/01/05 21:32:55 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Local\SoftGrid Client
[2012/01/05 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/05 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012/01/05 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/05 21:32:21 | 000,000,000 | ---D | C] -- C:\Users\Eddie Sanchez\AppData\Roaming\TP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/04 21:02:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Eddie Sanchez\Desktop\OTL.exe
[2012/02/04 20:47:21 | 001,451,602 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/04 20:47:21 | 000,384,588 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/04 20:47:21 | 000,005,372 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/04 20:43:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/04 20:43:08 | 4226,158,590 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/04 20:42:05 | 000,135,168 | ---- | M] () -- C:\zip.exe
[2012/02/04 20:42:05 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\nzjn.sys
[2012/02/04 20:42:05 | 000,019,286 | ---- | M] () -- C:\cleanup.exe
[2012/02/04 20:42:05 | 000,000,574 | ---- | M] () -- C:\cleanup.bat
[2012/02/04 15:23:26 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/04 15:23:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/02/04 15:01:04 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/04 12:50:01 | 000,000,234 | ---- | M] () -- C:\Windows\tasks\SidebarExecute.job
[2012/02/04 12:49:56 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/02/04 12:49:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/04 12:49:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/04 12:49:54 | 000,450,379 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/02/04 11:26:34 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 11:26:34 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 11:05:57 | 000,010,672 | ---- | M] () -- C:\bootsqm.dat
[2012/02/04 02:44:37 | 000,000,221 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Dead Island.url
[2012/02/04 02:40:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1317652663-3508349408-3952027041-1001UA.job
[2012/02/04 00:40:41 | 000,000,221 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Section 8 Prejudice.url
[2012/02/01 14:54:02 | 000,001,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012/01/31 22:40:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1317652663-3508349408-3952027041-1001Core.job
[2012/01/31 17:52:25 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/31 17:52:25 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/31 17:52:05 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/29 04:12:47 | 003,095,993 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\[bleep] Everything.gif
[2012/01/28 01:58:34 | 000,013,064 | ---- | M] () -- C:\Users\Eddie Sanchez\.recently-used.xbel
[2012/01/27 17:11:15 | 000,000,221 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\DETOUR.url
[2012/01/27 15:05:37 | 002,093,767 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\WhichSeat.gif
[2012/01/26 22:35:17 | 001,158,388 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\HorrorList.jpg
[2012/01/24 12:35:32 | 000,002,443 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Google Chrome.lnk
[2012/01/23 21:27:19 | 000,000,222 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Orcs Must Die! Demo.url
[2012/01/23 19:24:54 | 000,503,572 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Cocaine.gif
[2012/01/23 19:06:19 | 000,769,688 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Colors.jpg
[2012/01/23 18:23:50 | 000,064,275 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Nipples.jpg
[2012/01/23 00:27:05 | 000,066,790 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Lol.jpg
[2012/01/22 11:58:13 | 001,938,290 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\replay_12-01-22_11-40-18.lrf
[2012/01/22 11:31:20 | 000,242,565 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Real Hero.jpg
[2012/01/14 05:28:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/14 04:40:48 | 000,001,174 | ---- | M] () -- C:\Users\Eddie Sanchez\Desktop\Battlefield 3.lnk
[2012/01/13 22:19:58 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/01/07 03:07:30 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/04 20:42:05 | 000,135,168 | ---- | C] () -- C:\zip.exe
[2012/02/04 20:42:05 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\nzjn.sys
[2012/02/04 20:42:05 | 000,019,286 | ---- | C] () -- C:\cleanup.exe
[2012/02/04 20:42:05 | 000,000,574 | ---- | C] () -- C:\cleanup.bat
[2012/02/04 15:01:04 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/04 12:50:01 | 000,000,234 | ---- | C] () -- C:\Windows\tasks\SidebarExecute.job
[2012/02/04 12:49:56 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/02/04 12:49:55 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/04 12:49:55 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/04 11:45:07 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/04 11:05:57 | 000,010,672 | ---- | C] () -- C:\bootsqm.dat
[2012/02/04 02:44:37 | 000,000,221 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Dead Island.url
[2012/02/04 00:40:41 | 000,000,221 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Section 8 Prejudice.url
[2012/01/29 04:12:50 | 003,095,993 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\[bleep] Everything.gif
[2012/01/28 01:58:34 | 000,013,064 | ---- | C] () -- C:\Users\Eddie Sanchez\.recently-used.xbel
[2012/01/27 17:11:15 | 000,000,221 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\DETOUR.url
[2012/01/27 15:05:43 | 002,093,767 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\WhichSeat.gif
[2012/01/27 10:52:34 | 000,450,379 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/01/26 22:35:26 | 001,158,388 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\HorrorList.jpg
[2012/01/23 21:27:19 | 000,000,222 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Orcs Must Die! Demo.url
[2012/01/23 19:25:01 | 000,503,572 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Cocaine.gif
[2012/01/23 19:06:26 | 000,769,688 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Colors.jpg
[2012/01/23 18:23:59 | 000,064,275 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Nipples.jpg
[2012/01/23 00:27:08 | 000,066,790 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Lol.jpg
[2012/01/22 11:58:13 | 001,938,290 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\replay_12-01-22_11-40-18.lrf
[2012/01/22 11:31:22 | 000,242,565 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Real Hero.jpg
[2012/01/14 04:40:48 | 000,001,174 | ---- | C] () -- C:\Users\Eddie Sanchez\Desktop\Battlefield 3.lnk
[2012/01/13 22:20:51 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/01/13 22:20:00 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/13 22:20:00 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/01/13 22:19:58 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012/01/13 22:19:58 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/01/09 16:48:38 | 000,001,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012/01/05 21:32:30 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/24 05:34:03 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/12/24 05:34:03 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/12/24 05:34:03 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/12/24 05:34:03 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/12/24 05:34:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/11/09 20:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/09 20:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/25 23:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/01 16:29:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/08/07 19:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2012/02/04 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\AVG2012
[2012/01/07 07:16:07 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\fltk.org
[2012/01/28 01:58:34 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\gtk-2.0
[2012/01/07 11:55:27 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\LolClient
[2012/01/14 01:02:23 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\Origin
[2012/02/04 15:21:30 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\QuickScan
[2012/01/10 00:03:45 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\SoftGrid Client
[2012/01/05 21:32:59 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\TP
[2012/01/04 00:17:28 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\TS3Client
[2012/01/03 11:06:21 | 000,000,000 | ---D | M] -- C:\Users\Eddie Sanchez\AppData\Roaming\ts3overlay
[2012/01/20 20:48:49 | 000,029,314 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/04 12:50:01 | 000,000,234 | ---- | M] () -- C:\Windows\Tasks\SidebarExecute.job
========== Purity Check ==========
< End of report >
Extras:
OTL Extras logfile created on: 2/4/2012 9:09:57 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Eddie Sanchez\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.91 Gb Total Physical Memory | 14.56 Gb Available Physical Memory | 91.48% Memory free
31.83 Gb Paging File | 30.52 Gb Available in Paging File | 95.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 643.29 Gb Free Space | 69.07% Space Free | Partition Type: NTFS
Computer Name: BLACKWATER | User Name: Eddie Sanchez | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7BE6B345-6BD9-492E-A440-A32D12AB2EF3}" = AVG 2012
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F865B0B5-0D43-2704-0B22-35C5F721374B}" = Catalyst Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"ESN Sonar-0.70.4" = ESN Sonar
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"LOLReplay" = LOLReplay
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 102610" = Orcs Must Die! Demo
"Steam App 105600" = Terraria
"Steam App 1250" = Killing Floor
"Steam App 12900" = Audiosurf
"Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
"Steam App 17410" = Mirror's Edge
"Steam App 202710" = Demigod
"Steam App 20500" = Red Faction: Guerrilla
"Steam App 20570" = Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
"Steam App 220" = Half-Life 2
"Steam App 22120" = Penumbra: Black Plague
"Steam App 22140" = Penumbra: Requiem
"Steam App 22230" = Rock of Ages
"Steam App 22300" = Fallout 3
"Steam App 240" = Counter-Strike: Source
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 33460" = From Dust
"Steam App 33900" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 380" = Half-Life 2: Episode One
"Steam App 39800" = Nation Red
"Steam App 4000" = Garry's Mod
"Steam App 40100" = Supreme Commander 2
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 4540" = Titan Quest
"Steam App 4550" = Titan Quest: Immortal Throne
"Steam App 47870" = Need for Speed: Hot Pursuit
"Steam App 500" = Left 4 Dead
"Steam App 50620" = Darksiders
"Steam App 550" = Left 4 Dead 2
"Steam App 55100" = Homefront
"Steam App 55150" = Warhammer 40,000 Space Marine
"Steam App 56400" = Warhammer® 40,000®: Dawn of War® II – Retribution™
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 65800" = Dungeon Defenders
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"Steam App 91600" = Sanctum
"Steam App 92100" = DETOUR
"Steam App 9350" = Supreme Commander
"Steam App 9420" = Supreme Commander: Forged Alliance
"Steam App 9480" = Saints Row 2
"Steam App 95900" = Air Conflicts - Secret Wars
"Steam App 97100" = Section 8: Prejudice
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >