[Brandon Jorgensen]

I was recommended to this site by someone from a different forum, and i was hoping you guys could be of more help.

Well this is my problem,
my browser works fine but all other programs cannot connect to the internet (i.e. Steam, NMM[nexus mod manager], online games etc.) also windows firewall gives me error code 0xd69 and 0x80070424.

ive tried AV scans and windows repairs but none of them worked. i cant get windows to update either.
I tried doing what it says here http://answers.micro...03-4b745fe6e8ee but the BFE file doent show up in regedit so that doesnt really help me unless im missing something.

any help would be greatly appreciated. ill comply with any info requests to the best of my knowledge/ability.

EDIT: A few guys from the other forum have confirmed that its a rootkit. any help in removing it or pointing me in the right direction on learning how to remove it would be a huge help.

Edited by Brandon Jorgensen, 18 February 2012 - 05:47 PM.

[Advertisements]

Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:

• Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
• Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
• Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
• Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
• Please reply within 3 days to be fair to other people asking for help.
• Please tell me if you have your original Windows CD/DVD available
• When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

• Please download aswMBR.exe to your desktop.
• Double click the aswMBR.exe to run it.
  
  
  
• When asked if you want to download Avast's virus definitions please select Yes.
• Click the Scan button to start scan.
  
  
  
• On completion of the scan click Save log, save it to your desktop and post in your next reply.
• Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here

How to add an attachment to a new topic or reply

[Render]

Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:

• Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
• Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
• Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
• Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
• Please reply within 3 days to be fair to other people asking for help.
• Please tell me if you have your original Windows CD/DVD available
• When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

• Please download aswMBR.exe to your desktop.
• Double click the aswMBR.exe to run it.
  
  
  
• When asked if you want to download Avast's virus definitions please select Yes.
• Click the Scan button to start scan.
  
  
  
• On completion of the scan click Save log, save it to your desktop and post in your next reply.
• Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here

How to add an attachment to a new topic or reply

[Brandon Jorgensen]

aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 11:06:14
-----------------------------
11:06:14.046 OS Version: Windows x64 6.1.7601 Service Pack 1
11:06:14.046 Number of processors: 4 586 0x100
11:06:14.046 ComputerName: BRANDON-HP UserName: Brandon
11:06:22.299 Initialize success
11:06:31.457 AVAST engine defs: 12022001
11:06:33.829 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
11:06:33.829 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
11:06:33.907 Disk 0 MBR read successfully
11:06:33.907 Disk 0 MBR scan
11:06:33.922 Disk 0 Windows 7 default MBR code
11:06:33.938 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
11:06:33.969 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 592814 MB offset 409600
11:06:34.016 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17362 MB offset 1214492672
11:06:34.047 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
11:06:34.063 Service scanning
11:08:08.019 Modules scanning
11:08:08.019 Disk 0 trace - called modules:
11:08:08.034
11:08:09.875 AVAST engine scan C:\Windows
11:08:14.867 AVAST engine scan C:\Windows\system32
11:15:49.546 AVAST engine scan C:\Windows\system32\drivers
11:16:20.683 AVAST engine scan C:\Users\Brandon
11:21:02.935 File: C:\Users\Brandon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DC62FVQP\ikeses[1].exe **INFECTED** Win32:AutoIt-AMG [Trj]
11:29:26.347 AVAST engine scan C:\ProgramData
11:31:13.925 Scan finished successfully
11:31:31.974 Disk 0 MBR has been saved successfully to "C:\Users\Brandon\Desktop\MBR.dat"
11:31:31.990 The log file has been saved successfully to "C:\Users\Brandon\Desktop\aswMBR.txt"


It wont let me attach the dat file. it says im not permitted to upload this kind of file. i have it in rar format. does it need to be zip?

[Render]

It wont let me attach the dat file. it says im not permitted to upload this kind of file. i have it in rar format. does it need to be zip?

Rename it from *.rar to *.zip and it will allow to upload it.

[Brandon Jorgensen]

ok got it, thanks. and thanks again for getting back to me right away

Attached Files

•  MBR.zip   579bytes   101 downloads

[Render]

Thank you. You are in normal or safe mode with networking? Is this laptop or desktop?

Do the following please (in normal mode if possible):

OTL Custom Scan

• Download OTL to your desktop.
• Double click on the icon to run it.
• Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top, make sure Stadard output is selected.
• Select Scan all users
• Under the Extra Registry section, check Use SafeList
• Check the boxes beside LOP Check and Purity Check.
• Under the Custom Scans/Fixes box copy and paste this in:
  
  

  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  explorer.exe
  winlogon.exe
  userinit.exe
  svchost.exe
  consrv.dll
  /md5stop
  %systemroot%\*. /mp /s
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  CREATERESTOREPOINT

• Click the button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

[Brandon Jorgensen]

HP Pavilion dv6 laptop. I'm in normal mode now. but i can switch over if you need me to.

Extras.txt

OTL Extras logfile created on: 2/20/2012 12:45:22 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Brandon\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.43 Gb Available Physical Memory | 72.63% Memory free
14.96 Gb Paging File | 12.19 Gb Available in Paging File | 81.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 252.24 Gb Free Space | 43.57% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 255.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRANDON-HP | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7BE6B345-6BD9-492E-A440-A32D12AB2EF3}" = AVG 2012
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C459FF28-B6DB-4C17-B54F-4175BF7F8D5B}" = AVG 2012
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1CCF681C-C203-49B3-83F4-A54F0F944416}" = ASPCA Reminder by We-Care.com v5.0.5.1
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{2461E016-9FB4-B233-A74D-91D11A664342}" = CCC Help English
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51002784-18FA-8FF9-9A1A-2468E7FCA096}" = Catalyst Control Center Graphics Previews Common
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.2) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C454E7DD-A09A-6D06-7FF9-59753475FC09}" = AMD VISION Engine Control Center
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE23BD08-F6FD-3337-D8BC-5B55E69263A5}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA109884-7CDC-5F21-5F0B-742AA74F84E1}" = Catalyst Control Center Localization All
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8070C51-4B1D-430C-8BCF-19696368366F}" = HP Software Framework
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dynasty Warriors Online" = Dynasty Warriors Online
"EasyBits Magic Desktop" = Magic Desktop
"ESN Sonar-0.70.4" = ESN Sonar
"Game Booster_is1" = Game Booster 3
"Guild Wars" = Guild Wars
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"HunterBlade" = HunterBlade 0.050413
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"Katawa Shoujo" = Katawa Shoujo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PunkBusterSvc" = PunkBuster Services
"Searchqu 421 MediaBar" = Windows Searchqu Toolbar
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 201870" = Assassin's Creed Revelations
"Steam App 202480" = Creation Kit
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8980" = Borderlands
"Trusted Software Assistant_is1" = File Type Assistant
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2012 1:20:54 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 1:30:00 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 4:27:22 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 4:51:40 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 5:59:20 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:04:21 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:30:29 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:37:35 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 8:07:37 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 9:01:08 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

[ HP Connection Manager Events ]
Error - 2/17/2012 6:21:01 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:21:01.199|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:38:18 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:38:18.024|000015F8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:38:24 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:38:24.810|000015F8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:54:04 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:54:04.610|00001BF4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:06:52 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:06:52.784|00000B24|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:12:14 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:12:14.947|00001574|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:35:04 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:35:04.901|0000116C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:35:14 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:35:14.307|0000116C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/18/2012 12:05:25 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/18 10:05:25.797|00000BAC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/18/2012 12:05:29 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/18 10:05:29.837|00000BAC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ System Events ]
Error - 2/14/2012 8:07:05 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 8:07:55 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 2/14/2012 9:00:57 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 2/14/2012 9:01:00 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 2/14/2012 9:01:02 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 9:01:49 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 2/14/2012 9:18:12 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 2/14/2012 9:18:12 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 9:18:14 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 2/14/2012 9:18:57 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.


< End of report >

OLT.txt

OTL Extras logfile created on: 2/20/2012 12:45:22 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Brandon\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.43 Gb Available Physical Memory | 72.63% Memory free
14.96 Gb Paging File | 12.19 Gb Available in Paging File | 81.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 252.24 Gb Free Space | 43.57% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 255.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRANDON-HP | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7BE6B345-6BD9-492E-A440-A32D12AB2EF3}" = AVG 2012
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C459FF28-B6DB-4C17-B54F-4175BF7F8D5B}" = AVG 2012
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1CCF681C-C203-49B3-83F4-A54F0F944416}" = ASPCA Reminder by We-Care.com v5.0.5.1
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{2461E016-9FB4-B233-A74D-91D11A664342}" = CCC Help English
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51002784-18FA-8FF9-9A1A-2468E7FCA096}" = Catalyst Control Center Graphics Previews Common
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{795AADBF-58C2-42D0-B779-E730702A247E}" = HP Connection Manager
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.2) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C454E7DD-A09A-6D06-7FF9-59753475FC09}" = AMD VISION Engine Control Center
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE23BD08-F6FD-3337-D8BC-5B55E69263A5}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA109884-7CDC-5F21-5F0B-742AA74F84E1}" = Catalyst Control Center Localization All
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8070C51-4B1D-430C-8BCF-19696368366F}" = HP Software Framework
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dynasty Warriors Online" = Dynasty Warriors Online
"EasyBits Magic Desktop" = Magic Desktop
"ESN Sonar-0.70.4" = ESN Sonar
"Game Booster_is1" = Game Booster 3
"Guild Wars" = Guild Wars
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"HunterBlade" = HunterBlade 0.050413
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"Katawa Shoujo" = Katawa Shoujo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Origin" = Origin
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PunkBusterSvc" = PunkBuster Services
"Searchqu 421 MediaBar" = Windows Searchqu Toolbar
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 201870" = Assassin's Creed Revelations
"Steam App 202480" = Creation Kit
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8980" = Borderlands
"Trusted Software Assistant_is1" = File Type Assistant
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2012 1:20:54 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 1:30:00 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 4:27:22 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 4:51:40 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 5:59:20 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:04:21 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:30:29 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 6:37:35 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 8:07:37 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2012 9:01:08 PM | Computer Name = Brandon-HP | Source = WinMgmt | ID = 10
Description =

[ HP Connection Manager Events ]
Error - 2/17/2012 6:21:01 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:21:01.199|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:38:18 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:38:18.024|000015F8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:38:24 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:38:24.810|000015F8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 6:54:04 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 16:54:04.610|00001BF4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:06:52 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:06:52.784|00000B24|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:12:14 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:12:14.947|00001574|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:35:04 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:35:04.901|0000116C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/17/2012 7:35:14 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/17 17:35:14.307|0000116C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/18/2012 12:05:25 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/18 10:05:25.797|00000BAC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 2/18/2012 12:05:29 PM | Computer Name = Brandon-HP | Source = hpCMSrv | ID = 5
Description = 2012/02/18 10:05:29.837|00000BAC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ System Events ]
Error - 2/14/2012 8:07:05 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 8:07:55 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 2/14/2012 9:00:57 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 2/14/2012 9:01:00 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 2/14/2012 9:01:02 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 9:01:49 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 2/14/2012 9:18:12 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 2/14/2012 9:18:12 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 2/14/2012 9:18:14 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1060

Error - 2/14/2012 9:18:57 PM | Computer Name = Brandon-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.


< End of report >

[Render]

Hi,

Please post also content of OTL.txt.

AswMBR scan was made in normal or safe mode?

[Brandon Jorgensen]

I did add it in the first. wasnt sure if you meant in seperate replies or not. but the scan was in normal mode


OTL logfile created on: 2/20/2012 12:45:22 PM - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Brandon\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.43 Gb Available Physical Memory | 72.63% Memory free
14.96 Gb Paging File | 12.19 Gb Available in Paging File | 81.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 252.24 Gb Free Space | 43.57% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 255.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BRANDON-HP | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/20 12:37:49 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon\Downloads\OTL.exe
PRC - [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/17 17:47:18 | 000,909,152 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012/02/17 17:47:14 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/02/14 16:38:30 | 000,481,064 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/02/13 02:06:52 | 002,602,304 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2012/02/09 10:58:28 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/02/02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/04 14:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/02 14:17:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/03/22 12:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/28 16:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/17 23:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/17 23:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/17 23:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/01/27 13:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/11/09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/17 22:06:39 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/17 17:47:14 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/14 16:38:29 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/02/14 16:38:28 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012/02/14 16:38:28 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/02/14 16:38:28 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012/02/14 16:38:28 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/11/30 03:39:27 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/09 22:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/03/11 04:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/02/17 17:47:18 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2012/02/14 16:38:30 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/14 16:37:41 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/02 14:17:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/03/07 18:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/28 16:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/17 23:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/19 16:45:54 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/01/30 18:45:27 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/29 18:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 18:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/15 15:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 15:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 18:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/17 23:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 23:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/03/11 04:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/07 10:55:00 | 001,353,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/12/16 20:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/16 02:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 11:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/17 02:33:02 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 02:33:02 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 02:33:02 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 02:33:02 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incre...6PQn1Xl2Ae&i=26
IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...7:21&sap=ku&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 62667
FF - prefs.js..network.proxy.type: 4


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\4game.com/plugin: File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Brandon\AppData\Local\RewardsArcade\498\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/17 17:47:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012/02/17 17:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2012/02/18 10:20:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme

[2012/01/11 20:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions
[2012/01/31 17:13:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\extensions
[2012/01/31 17:13:19 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\extensions\[email protected]
[2012/01/31 17:13:25 | 000,002,203 | ---- | M] () -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\searchplugins\MyStart Search.xml
[2012/02/04 20:41:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/05 14:46:39 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/17 17:47:39 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2012/02/17 17:47:37 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.0.0.7
[2012/02/17 22:06:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/17 17:47:10 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/15 10:18:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/15 10:18:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search ()
CHR - default_search_provider: search_url = http://mystart.incre...6PQn1Xl2Ae&i=26
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Website Logon = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: YouTube = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: RewardsArcade = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.13.61_0\
CHR - Extension: We-Care Reminder Lite = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.10_0\
CHR - Extension: Yontoo Layers = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: No name found = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1788461633-239288871-556941257-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1788461633-239288871-556941257-1001..\Run: [Akamai NetSession Interface] C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1788461633-239288871-556941257-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1788461633-239288871-556941257-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C58783B-195C-4B94-9371-C1DBE7B32D56}: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/17 02:19:38 | 000,746,832 | R--- | M] (Trend Micro Inc.) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/06/15 04:07:38 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2008/08/07 22:54:03 | 000,000,195 | R--- | M] () - F:\AUTORUN.INF -- [ UDF ]
O32 - AutoRun File - [2008/03/26 22:15:22 | 000,156,056 | R--- | M] () - F:\autorun.bmp -- [ UDF ]
O32 - AutoRun File - [2008/08/31 20:11:43 | 000,288,016 | R--- | M] (KOEI Co., Ltd.) - F:\autorun.exe -- [ UDF ]
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\directx\command - "" = G:\DX9\dxsetup.exe
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\setup\command - "" = G:\autorun.exe
O33 - MountPoints2\{2bd6dfc1-4e09-11e1-ab26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2bd6dfc1-4e09-11e1-ab26-806e6f6e6963}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\{359b4e76-0d8a-11e1-bffd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{359b4e76-0d8a-11e1-bffd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2010/09/17 02:19:38 | 000,746,832 | R--- | M] (Trend Micro Inc.)
O33 - MountPoints2\{4f99ebc0-4ba5-11e1-b5e0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4f99ebc0-4ba5-11e1-b5e0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2008/08/31 20:11:43 | 000,288,016 | R--- | M] (KOEI Co., Ltd.)
O33 - MountPoints2\{4f99ebc0-4ba5-11e1-b5e0-806e6f6e6963}\Shell\directx\command - "" = F:\DX9\DXSETUP.exe -- [2008/07/01 23:51:25 | 000,502,792 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{4f99ebc0-4ba5-11e1-b5e0-806e6f6e6963}\Shell\setup\command - "" = F:\autorun.exe -- [2008/08/31 20:11:43 | 000,288,016 | R--- | M] (KOEI Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/02/20 11:51:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/20 10:52:28 | 004,729,344 | ---- | C] (AVAST Software) -- C:\Users\Brandon\Desktop\aswMBR(1).exe
[2012/02/19 16:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/02/19 16:45:54 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/02/19 16:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/02/19 15:46:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012/02/19 15:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HunterBlade
[2012/02/17 17:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2012/02/17 17:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/02/17 17:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/02/17 17:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/02/17 17:46:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/02/17 17:45:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/02/17 17:44:49 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Malwarebytes
[2012/02/17 17:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/17 17:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/17 17:44:40 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/17 17:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/17 17:21:07 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2012/02/17 17:20:59 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2012/02/17 17:20:59 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2012/02/17 17:20:59 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2012/02/17 15:47:09 | 000,000,000 | ---D | C] -- C:\temp
[2012/02/17 13:00:02 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium
[2012/02/17 11:45:13 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{0C918B29-F835-457E-971C-AF0C10D197B1}
[2012/02/17 11:44:55 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{19336F43-D98E-40DC-B96D-E8D00C9A6684}
[2012/02/16 23:44:31 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{88D650CB-A840-4CD9-93B0-373F3DB7776F}
[2012/02/16 23:44:24 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{9F33A996-22A0-4FB7-B0B3-913E85D4790B}
[2012/02/16 23:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/02/16 23:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/02/16 22:42:35 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/02/16 22:35:04 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{682A01C5-4619-425D-AAA4-E42C8DF490B4}
[2012/02/16 22:34:57 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{37E98ABB-31A7-4FC7-A883-54945D6137FE}
[2012/02/16 22:34:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{F70F46CC-7074-4535-9C17-701C14785A2B}
[2012/02/16 22:33:53 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{84E36FEE-E0F1-40E2-95C5-D03D9AB78F5B}
[2012/02/16 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinASO
[2012/02/15 23:45:16 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{81F59AE4-A7EB-42D1-A564-9B5AB4E4FB6D}
[2012/02/15 23:44:58 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{B2BC6E11-0727-4B6E-9510-30659CF7B504}
[2012/02/14 16:50:28 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/14 16:50:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/14 16:50:26 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/14 16:50:26 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/14 16:50:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/14 16:50:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/14 16:50:25 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/14 16:50:25 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/14 16:50:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/14 16:50:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/14 16:50:24 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/14 16:44:03 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/14 16:44:03 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/14 16:44:02 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/14 16:43:59 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/14 14:40:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Samsung_USB_Drivers
[2012/02/14 14:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012/02/12 16:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blade
[2012/02/12 16:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012/02/12 05:34:16 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{281184E4-2492-48DC-BEEB-7064B90DB6AC}
[2012/02/11 22:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdoms of Amalur Reckoning
[2012/02/11 22:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingdoms of Amalur Reckoning
[2012/02/09 00:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/02/09 00:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/02/08 13:32:21 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\BigHugeEngine
[2012/02/08 12:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012/02/07 23:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/07 23:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/07 23:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/02/07 00:00:46 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\ElevatedDiagnostics
[2012/02/06 13:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KOEI
[2012/02/06 12:59:13 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koei
[2012/02/05 18:20:39 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\RenPy
[2012/02/05 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo
[2012/02/05 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\KOEI
[2012/02/05 12:44:10 | 001,398,272 | ---- | C] (CheatHappens) -- C:\Users\Brandon\Desktop\Dynasty Warriors 6 Trainer.exe
[2012/02/05 12:26:42 | 001,360,384 | ---- | C] (CheatHappens) -- C:\Users\Brandon\Desktop\Resident Evil 5 Trainer.exe
[2012/02/05 00:07:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Media
[2012/02/03 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RESIDENT EVIL 5
[2012/02/03 18:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resident Evil 5
[2012/02/02 22:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2012/02/02 22:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2012/02/02 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012/02/02 21:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012/02/02 21:23:57 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\AVG
[2012/02/02 21:01:30 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/02/02 19:56:34 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\AVG2012
[2012/02/02 19:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/02/02 19:49:20 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\4F26B
[2012/02/02 19:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4F26B
[2012/02/02 19:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2012/02/02 19:43:27 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\1464F
[2012/02/02 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\KOEI
[2012/01/31 18:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/01/31 18:04:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\BitTorrent
[2012/01/31 18:04:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\BitTorrent
[2012/01/31 17:11:30 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\QuickPar
[2012/01/31 16:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2012/01/31 11:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/01/31 11:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/31 11:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/31 11:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/01/31 11:00:20 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/01/31 10:59:49 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Microsoft Help
[2012/01/31 10:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/01/31 10:59:21 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/01/31 03:06:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/31 03:06:18 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/31 03:06:18 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/31 03:06:18 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/31 03:06:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/31 03:06:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/30 22:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RomStation
[2012/01/30 20:16:47 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\PCSX2 ISO
[2012/01/30 18:56:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012/01/30 18:45:27 | 000,564,792 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/01/30 18:43:46 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\DAEMON Tools Lite
[2012/01/30 18:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/01/30 16:58:45 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\PCSX2
[2012/01/30 16:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2012/01/30 16:43:18 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Game Booster 3
[2012/01/26 23:24:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{B9661B8C-DA1B-49CD-9830-935B8E2C0CEF}
[2012/01/26 22:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/01/25 20:25:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\no$GBA
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Brandon\Desktop\*.tmp files -> C:\Users\Brandon\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/20 12:34:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788461633-239288871-556941257-1001UA.job
[2012/02/20 12:12:19 | 000,000,579 | ---- | M] () -- C:\Users\Brandon\Desktop\MBR.zip
[2012/02/20 11:58:23 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 11:58:23 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 11:51:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/20 11:50:58 | 1009,831,550 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/20 11:50:56 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/20 11:31:31 | 000,000,512 | ---- | M] () -- C:\Users\Brandon\Desktop\MBR.dat
[2012/02/20 10:55:45 | 089,557,944 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/02/20 10:53:05 | 004,729,344 | ---- | M] (AVAST Software) -- C:\Users\Brandon\Desktop\aswMBR(1).exe
[2012/02/19 23:21:16 | 000,808,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/19 23:21:16 | 000,681,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/19 23:21:16 | 000,129,436 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/19 17:36:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788461633-239288871-556941257-1001Core.job
[2012/02/19 16:47:12 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/02/19 16:45:54 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/02/19 15:46:56 | 000,001,970 | ---- | M] () -- C:\Users\Brandon\Desktop\HunterBlade.lnk
[2012/02/17 17:47:40 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/02/17 17:46:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/17 17:46:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/17 17:44:44 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/17 17:30:48 | 000,001,441 | ---- | M] () -- C:\Users\Brandon\Desktop\Trend Micro Titanium.lnk
[2012/02/17 16:43:35 | 000,000,036 | ---- | M] () -- C:\Users\Brandon\AppData\Local\housecall.guid.cache
[2012/02/16 18:02:12 | 000,000,017 | ---- | M] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2012/02/15 02:02:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBrandon.job
[2012/02/14 18:06:58 | 000,342,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/09 17:30:07 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/09 00:15:32 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/02/08 12:57:22 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/02/08 12:33:59 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/02/05 18:20:29 | 000,001,067 | ---- | M] () -- C:\Users\Brandon\Desktop\Katawa Shoujo.lnk
[2012/02/05 15:17:53 | 000,001,230 | ---- | M] () -- C:\Users\Brandon\Desktop\Dynasty Warriors 6.lnk
[2012/02/04 20:41:37 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/02 21:42:59 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2012/02/02 20:08:04 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/01/31 18:05:09 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/01/31 17:13:37 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/01/30 18:45:27 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/01/30 16:57:25 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Brandon\Desktop\*.tmp files -> C:\Users\Brandon\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/20 12:12:19 | 000,000,579 | ---- | C] () -- C:\Users\Brandon\Desktop\MBR.zip
[2012/02/20 11:50:58 | 1009,831,550 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/20 11:31:31 | 000,000,512 | ---- | C] () -- C:\Users\Brandon\Desktop\MBR.dat
[2012/02/20 10:55:45 | 089,557,944 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/02/19 16:47:12 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/02/19 15:46:56 | 000,001,970 | ---- | C] () -- C:\Users\Brandon\Desktop\HunterBlade.lnk
[2012/02/17 17:47:40 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/02/17 17:46:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/02/17 17:46:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/02/17 17:44:44 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/17 15:49:41 | 000,000,036 | ---- | C] () -- C:\Users\Brandon\AppData\Local\housecall.guid.cache
[2012/02/17 13:00:02 | 000,001,441 | ---- | C] () -- C:\Users\Brandon\Desktop\Trend Micro Titanium.lnk
[2012/02/16 18:02:12 | 000,000,017 | ---- | C] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2012/02/09 17:30:07 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/09 00:15:32 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/02/08 12:33:59 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/02/06 12:39:00 | 000,043,008 | ---- | C] () -- C:\Users\Brandon\Desktop\trnAOE3.exe
[2012/02/06 11:02:13 | 001,297,920 | ---- | C] () -- C:\Users\Brandon\Desktop\Samurai Warriors 2 Trainer.exe
[2012/02/05 18:20:29 | 000,001,067 | ---- | C] () -- C:\Users\Brandon\Desktop\Katawa Shoujo.lnk
[2012/02/05 15:17:53 | 000,001,230 | ---- | C] () -- C:\Users\Brandon\Desktop\Dynasty Warriors 6.lnk
[2012/02/04 20:41:37 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/04 20:41:37 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/02 21:42:59 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2012/02/02 20:07:00 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\At1.job
[2012/01/31 18:05:09 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/01/31 17:13:37 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/01/30 16:57:25 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012/01/11 21:12:17 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/01/02 14:17:49 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/12/18 18:09:04 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/12/18 18:09:03 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/11/13 16:16:08 | 000,000,095 | ---- | C] () -- C:\Users\Brandon\AppData\Local\fusioncache.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/11/09 20:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/09 20:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/22 05:17:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/22 05:13:54 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/10/22 05:10:04 | 000,787,194 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/22 04:57:59 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/10/13 14:30:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/29 19:40:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/05/31 00:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 00:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/03 22:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010/12/16 20:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2012/02/07 11:06:53 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\1464F
[2012/02/07 10:46:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\4F26B
[2012/02/02 21:25:50 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\AVG
[2012/02/14 16:35:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\AVG2012
[2012/02/08 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\BigHugeEngine
[2012/02/19 17:31:42 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\BitTorrent
[2011/11/12 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Blio
[2012/01/30 19:10:04 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\DAEMON Tools Lite
[2012/01/01 01:16:38 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\FreeBurner
[2011/11/17 15:06:31 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\IDT
[2012/02/14 16:35:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\IObit
[2011/12/19 20:42:33 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Lionhead Studios
[2011/12/18 17:36:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Origin
[2012/02/05 18:20:39 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\RenPy
[2011/11/12 11:19:58 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Synaptics
[2012/01/02 19:12:45 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SystemRequirementsLab
[2011/11/17 18:09:14 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Tific
[2011/12/11 00:21:33 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Windows Live Writer
[2012/02/02 20:08:04 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2009/07/13 23:08:49 | 000,028,986 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe


< MD5 for: EXPLORER.EXE >
[2011/08/29 18:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/08/29 18:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/08/29 18:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/08/29 18:53:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 21:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/08/29 18:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/08/29 18:53:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 21:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 19:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 21:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 21:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 21:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Brandon\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/10/22 05:15:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/10/22 05:15:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/10/22 05:15:33 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/10/22 05:15:33 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/10/22 05:15:33 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/02/17 22:06:36 | 000,834,840 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/02/14 23:03:37 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/10/22 05:15:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/10/22 05:15:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/10/22 05:15:32 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/10/22 05:15:33 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/10/22 05:15:33 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >

[Render]

OK. Please proceed with following steps:

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

NEXT....

Download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
  
• Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK button.
  
  
  
• Click the Start Scan button.
  
  
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
  
• If malicious objects are found, they will show in the Scan results and offer three (3) options.
• Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  
  
  
• Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".
Please copy and paste its contents on your next reply.

[Brandon Jorgensen]

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv6 Notebook PC
Logical Drives Mask: 0x000001fc

Kernel Drivers (total 215):
0x02C51000 \SystemRoot\system32\ntoskrnl.exe
0x02C08000 \SystemRoot\system32\hal.dll
0x00B96000 \SystemRoot\system32\kdcom.dll
0x00C7C000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00C89000 \SystemRoot\system32\PSHED.dll
0x00C9D000 \SystemRoot\system32\CLFS.SYS
0x00CFB000 \SystemRoot\system32\CI.dll
0x00E83000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F27000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x01077000 \SystemRoot\System32\Drivers\sptd.sys
0x01000000 \SystemRoot\system32\drivers\ACPI.sys
0x01057000 \SystemRoot\system32\drivers\WMILIB.SYS
0x01060000 \SystemRoot\system32\drivers\msisadrv.sys
0x0106A000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F36000 \SystemRoot\system32\drivers\pci.sys
0x011EB000 \SystemRoot\System32\drivers\partmgr.sys
0x00F69000 \SystemRoot\system32\drivers\compbatt.sys
0x00F72000 \SystemRoot\system32\drivers\BATTC.SYS
0x00F7E000 \SystemRoot\system32\drivers\volmgr.sys
0x00F93000 \SystemRoot\System32\drivers\volmgrx.sys
0x00FEF000 \SystemRoot\system32\drivers\pciide.sys
0x00E00000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00E10000 \SystemRoot\System32\drivers\mountmgr.sys
0x00E2A000 \SystemRoot\system32\drivers\atapi.sys
0x00E33000 \SystemRoot\system32\drivers\ataport.SYS
0x00E5D000 \SystemRoot\system32\drivers\msahci.sys
0x00E68000 \SystemRoot\system32\DRIVERS\amd_sata.sys
0x00C00000 \SystemRoot\system32\DRIVERS\storport.sys
0x00C63000 \SystemRoot\system32\DRIVERS\amd_xata.sys
0x00C71000 \SystemRoot\system32\drivers\amdxata.sys
0x012FF000 \SystemRoot\system32\drivers\fltmgr.sys
0x0134B000 \SystemRoot\system32\drivers\fileinfo.sys
0x01455000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0135F000 \SystemRoot\System32\Drivers\msrpc.sys
0x01400000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01200000 \SystemRoot\System32\Drivers\cng.sys
0x0141B000 \SystemRoot\System32\drivers\pcw.sys
0x0142C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01679000 \SystemRoot\system32\drivers\ndis.sys
0x0176C000 \SystemRoot\system32\drivers\NETIO.SYS
0x017CC000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018C2000 \SystemRoot\System32\drivers\tcpip.sys
0x01AC6000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01B10000 \SystemRoot\system32\drivers\volsnap.sys
0x01B5C000 \SystemRoot\System32\Drivers\spldr.sys
0x01B64000 \SystemRoot\System32\Drivers\SmartDefragDriver.sys
0x01B6B000 \SystemRoot\System32\drivers\rdyboost.sys
0x01BA5000 \SystemRoot\System32\Drivers\mup.sys
0x01BB7000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01BC0000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
0x01800000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0183A000 \SystemRoot\system32\drivers\disk.sys
0x01850000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01880000 \SystemRoot\system32\DRIVERS\avgrkx64.sys
0x0188C000 \SystemRoot\system32\DRIVERS\AVGIDSEH.Sys
0x01600000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x01649000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x018AE000 \SystemRoot\system32\DRIVERS\avgmfx64.sys
0x01BF4000 \SystemRoot\System32\Drivers\Null.SYS
0x017F7000 \SystemRoot\System32\Drivers\Beep.SYS
0x01436000 \SystemRoot\System32\drivers\vga.sys
0x01272000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x01444000 \SystemRoot\System32\drivers\watchdog.sys
0x01297000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x012A0000 \SystemRoot\system32\drivers\rdpencdd.sys
0x012A9000 \SystemRoot\system32\drivers\rdprefmp.sys
0x012B2000 \SystemRoot\System32\Drivers\Msfs.SYS
0x012BD000 \SystemRoot\System32\Drivers\Npfs.SYS
0x012CE000 \SystemRoot\system32\DRIVERS\tdx.sys
0x012F0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x02E46000 \SystemRoot\system32\DRIVERS\avgtdia.sys
0x02EA6000 \SystemRoot\System32\DRIVERS\netbt.sys
0x02EEB000 \SystemRoot\system32\drivers\afd.sys
0x02F74000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x02F7D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x02FA3000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x02FB9000 \SystemRoot\system32\DRIVERS\netbios.sys
0x02FC8000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x02FE3000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x02E00000 \SystemRoot\system32\drivers\termdd.sys
0x06CF3000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x06D44000 \SystemRoot\system32\drivers\nsiproxy.sys
0x06D50000 \SystemRoot\system32\drivers\mssmbios.sys
0x06D5B000 \SystemRoot\System32\drivers\discache.sys
0x06D6A000 \SystemRoot\System32\Drivers\dfsc.sys
0x06D88000 \SystemRoot\system32\drivers\blbdrive.sys
0x06D99000 \SystemRoot\system32\DRIVERS\avgldx64.sys
0x06C00000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x06C26000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x06C3B000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x074E0000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x07EEE000 \SystemRoot\System32\Drivers\fastfat.SYS
0x06A6A000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x06B5E000 \SystemRoot\System32\drivers\dxgmms1.sys
0x06BA4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x07F24000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x08240000 \SystemRoot\system32\DRIVERS\netr28x.sys
0x08390000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x0839D000 \SystemRoot\system32\DRIVERS\RtsPStor.sys
0x08200000 \SystemRoot\system32\DRIVERS\amdxhc.sys
0x08231000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x06BC8000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x08233000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x06A00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x06A56000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x06BD7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x07FA9000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x08479000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x085D6000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x08400000 \SystemRoot\System32\Drivers\aitbc2rx.SYS
0x07FB8000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x08451000 \SystemRoot\system32\drivers\CmBatt.sys
0x08456000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
0x08463000 \SystemRoot\system32\drivers\wmiacpi.sys
0x085E5000 \SystemRoot\system32\drivers\CompositeBus.sys
0x085F5000 \SystemRoot\system32\DRIVERS\clwvd.sys
0x07400000 \SystemRoot\system32\DRIVERS\ks.sys
0x0846C000 \SystemRoot\system32\drivers\ksthunk.sys
0x07443000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x07459000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x083F3000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x0747D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x074AC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x06C8E000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x06CAF000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x08472000 \SystemRoot\system32\drivers\swenum.sys
0x074C7000 \SystemRoot\system32\DRIVERS\circlass.sys
0x07FE7000 \SystemRoot\system32\DRIVERS\amdiox64.sys
0x06CC9000 \SystemRoot\system32\DRIVERS\umbus.sys
0x06DE2000 \SystemRoot\system32\DRIVERS\amdhub30.sys
0x09640000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x0969A000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x096AF000 \SystemRoot\system32\drivers\AtihdW76.sys
0x096CF000 \SystemRoot\system32\drivers\portcls.sys
0x0970C000 \SystemRoot\system32\drivers\drmk.sys
0x0972E000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x097B1000 \SystemRoot\System32\drivers\Dxapi.sys
0x097BD000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x09600000 \SystemRoot\System32\Drivers\usbvideo.sys
0x097DA000 \SystemRoot\system32\DRIVERS\monitor.sys
0x00560000 \SystemRoot\System32\TSDDD.dll
0x007B0000 \SystemRoot\System32\cdd.dll
0x00940000 \SystemRoot\System32\ATMFD.DLL
0x02E14000 \SystemRoot\system32\drivers\luafv.sys
0x01BCA000 \SystemRoot\system32\drivers\WudfPf.sys
0x013BD000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x097E8000 \SystemRoot\System32\Drivers\crashdmp.sys
0x097F6000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x06CDB000 \SystemRoot\System32\Drivers\dump_amd_sata.sys
0x01896000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x0962E000 \SystemRoot\system32\DRIVERS\WinUSB.sys
0x00DBB000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x013DA000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x0AAD8000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x0AB2B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x0AB3E000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x0AA00000 \SystemRoot\system32\drivers\HTTP.sys
0x0AAC9000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x0AB56000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0AB87000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0ABA5000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0B62B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0B679000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0B69D000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0B706000 \SystemRoot\System32\DRIVERS\srv.sys
0x0B79E000 \SystemRoot\system32\DRIVERS\tmcomm.sys
0x0B7C5000 \SystemRoot\system32\DRIVERS\tmevtmgr.sys
0x0B7DB000 \SystemRoot\system32\DRIVERS\tmactmon.sys
0x0B600000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0x0CAA9000 \SystemRoot\system32\drivers\peauth.sys
0x0CB4F000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0CB5A000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0CB6C000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0x0CB97000 \SystemRoot\system32\DRIVERS\udfs.sys
0x0CBEC000 \??\C:\Windows\system32\drivers\mbam.sys
0x777F0000 \Windows\System32\ntdll.dll
0x47F80000 \Windows\System32\smss.exe
0xFFB10000 \Windows\System32\apisetschema.dll
0xFF3F0000 \Windows\System32\autochk.exe
0xFFAA0000 \Windows\System32\Wldap32.dll
0xFFA80000 \Windows\System32\sechost.dll
0xFFA00000 \Windows\System32\difxapi.dll
0xFF9B0000 \Windows\System32\ws2_32.dll
0xFF910000 \Windows\System32\comdlg32.dll
0xFF900000 \Windows\System32\lpk.dll
0xFF8E0000 \Windows\System32\imagehlp.dll
0x776F0000 \Windows\System32\user32.dll
0x779C0000 \Windows\System32\normaliz.dll
0xFF6D0000 \Windows\System32\ole32.dll
0xFF5F0000 \Windows\System32\advapi32.dll
0xFF510000 \Windows\System32\oleaut32.dll
0x775D0000 \Windows\System32\kernel32.dll
0x779B0000 \Windows\System32\psapi.dll
0xFF400000 \Windows\System32\msctf.dll
0xFF360000 \Windows\System32\msvcrt.dll
0xFF230000 \Windows\System32\rpcrt4.dll
0xFF050000 \Windows\System32\setupapi.dll
0xFEFB0000 \Windows\System32\clbcatq.dll
0xFEFA0000 \Windows\System32\nsi.dll
0xFE210000 \Windows\System32\shell32.dll
0x77470000 \Windows\System32\wininet.dll
0xFE140000 \Windows\System32\usp10.dll
0xFE0D0000 \Windows\System32\gdi32.dll
0xFE0A0000 \Windows\System32\imm32.dll
0xFE020000 \Windows\System32\shlwapi.dll
0x77320000 \Windows\System32\urlmon.dll
0x77110000 \Windows\System32\iertutil.dll
0xFE000000 \Windows\System32\devobj.dll
0xFDFC0000 \Windows\System32\cfgmgr32.dll
0xFDF50000 \Windows\System32\KernelBase.dll
0xFDEB0000 \Windows\System32\comctl32.dll
0xFDD40000 \Windows\System32\crypt32.dll
0xFDD00000 \Windows\System32\wintrust.dll
0xFDCF0000 \Windows\System32\msasn1.dll

Processes (total 103):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
452 csrss.exe
528 C:\Windows\System32\wininit.exe
560 csrss.exe
592 C:\Windows\System32\services.exe
620 C:\Windows\System32\lsass.exe
628 C:\Windows\System32\lsm.exe
736 C:\Windows\System32\svchost.exe
796 C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
820 C:\Windows\System32\winlogon.exe
900 C:\Windows\System32\svchost.exe
964 C:\Windows\System32\atiesrxx.exe
120 C:\Windows\System32\svchost.exe
364 C:\Windows\System32\svchost.exe
440 C:\Windows\System32\svchost.exe
752 C:\Program Files\IDT\WDM\stacsv64.exe
1284 C:\Windows\System32\svchost.exe
1336 C:\Windows\System32\hpservice.exe
1380 WUDFHost.exe
1424 C:\Windows\System32\atieclxx.exe
1628 C:\Windows\System32\dwm.exe
1652 C:\Windows\explorer.exe
1716 C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
1752 C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
1812 C:\Windows\System32\svchost.exe
1992 C:\Windows\System32\taskhost.exe
2000 C:\Windows\System32\spoolsv.exe
1148 C:\Windows\System32\svchost.exe
1356 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
2180 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2204 C:\Program Files\IDT\WDM\AESTSr64.exe
2232 C:\Windows\SysWOW64\svchost.exe
2260 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2288 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
2304 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
2320 C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
2340 C:\Windows\System32\conhost.exe
2360 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
2368 C:\Windows\System32\conhost.exe
2404 C:\Windows\System32\svchost.exe
2476 C:\Windows\SysWOW64\ezSharedSvcHost.exe
2512 C:\Windows\System32\svchost.exe
2536 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
2568 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
2592 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2616 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
2740 C:\Windows\SysWOW64\PnkBstrA.exe
2764 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
2792 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
2848 C:\Windows\System32\svchost.exe
2940 C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
2952 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
2976 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3016 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
3052 C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
1700 C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
3304 C:\Program Files\IDT\WDM\sttray64.exe
3312 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3520 C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
3588 C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
3804 C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
3820 C:\Program Files\Windows Sidebar\sidebar.exe
3844 C:\Program Files (x86)\Steam\Steam.exe
3880 C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
3968 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
3192 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
1080 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
3652 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3812 WmiPrvSE.exe
4236 C:\Windows\System32\taskeng.exe
4248 C:\Program Files (x86)\Ask.com\Updater\Updater.exe
4272 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
4312 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4340 C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
4352 C:\Program Files (x86)\AVG Secure Search\vprot.exe
4448 C:\Windows\System32\SearchIndexer.exe
4560 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
4568 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
4580 C:\Windows\System32\wbem\unsecapp.exe
5076 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
3952 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
5124 C:\Program Files\Windows Media Player\wmpnetwk.exe
5312 C:\Windows\System32\svchost.exe
5336 C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
5536 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
6156 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
6372 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
6744 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
6352 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
5160 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
6768 C:\Program Files (x86)\Internet Explorer\ielowutil.exe
6444 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
5784 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2816 C:\Users\Brandon\Downloads\OTL.exe
3244 C:\Windows\System32\SearchProtocolHost.exe
5376 C:\Windows\System32\SearchFilterHost.exe
6280 C:\Windows\System32\audiodg.exe
6692 dllhost.exe
6920 dllhost.exe
6600 C:\Users\Brandon\Downloads\MBRCheck.exe
6228 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000090`c7600000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS547564A9E384, Rev: JEDOA50A

Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

[Brandon Jorgensen]

13:46:11.0253 6848 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
13:46:11.0647 6848 ============================================================
13:46:11.0648 6848 Current date / time: 2012/02/20 13:46:11.0647
13:46:11.0648 6848 SystemInfo:
13:46:11.0648 6848
13:46:11.0648 6848 OS Version: 6.1.7601 ServicePack: 1.0
13:46:11.0648 6848 Product type: Workstation
13:46:11.0648 6848 ComputerName: BRANDON-HP
13:46:11.0648 6848 UserName: Brandon
13:46:11.0648 6848 Windows directory: C:\Windows
13:46:11.0648 6848 System windows directory: C:\Windows
13:46:11.0648 6848 Running under WOW64
13:46:11.0648 6848 Processor architecture: Intel x64
13:46:11.0648 6848 Number of processors: 4
13:46:11.0648 6848 Page size: 0x1000
13:46:11.0648 6848 Boot type: Normal boot
13:46:11.0648 6848 ============================================================
13:46:12.0918 6848 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:12.0926 6848 \Device\Harddisk0\DR0:
13:46:12.0926 6848 MBR used
13:46:12.0926 6848 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:46:12.0926 6848 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x485D7000
13:46:12.0926 6848 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4863B000, BlocksNum 0x21E9000
13:46:12.0926 6848 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
13:46:13.0001 6848 Initialize success
13:46:13.0001 6848 ============================================================
13:46:15.0264 4916 ============================================================
13:46:15.0264 4916 Scan started
13:46:15.0264 4916 Mode: Manual;
13:46:15.0264 4916 ============================================================
13:46:16.0054 4916 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:46:16.0057 4916 1394ohci - ok
13:46:16.0099 4916 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
13:46:16.0101 4916 Accelerometer - ok
13:46:16.0217 4916 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:46:16.0220 4916 ACPI - ok
13:46:16.0265 4916 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:46:16.0266 4916 AcpiPmi - ok
13:46:16.0414 4916 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:46:16.0419 4916 adp94xx - ok
13:46:16.0529 4916 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:46:16.0533 4916 adpahci - ok
13:46:16.0641 4916 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:46:16.0644 4916 adpu320 - ok
13:46:16.0764 4916 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:46:16.0769 4916 AFD - ok
13:46:16.0892 4916 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:46:16.0894 4916 agp440 - ok
13:46:17.0109 4916 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:46:17.0110 4916 aliide - ok
13:46:17.0289 4916 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\DRIVERS\amdhub30.sys
13:46:17.0291 4916 amdhub30 - ok
13:46:17.0393 4916 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:46:17.0394 4916 amdide - ok
13:46:17.0490 4916 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
13:46:17.0492 4916 amdiox64 - ok
13:46:17.0602 4916 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:46:17.0604 4916 AmdK8 - ok
13:46:17.0897 4916 amdkmdag (42d53daf85f948c39ce1351a8f5b5808) C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:18.0039 4916 amdkmdag - ok
13:46:18.0198 4916 amdkmdap (75182b5784015b271932088551616a96) C:\Windows\system32\DRIVERS\atikmpag.sys
13:46:18.0202 4916 amdkmdap - ok
13:46:18.0311 4916 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:46:18.0313 4916 AmdPPM - ok
13:46:18.0419 4916 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:46:18.0421 4916 amdsata - ok
13:46:18.0519 4916 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:46:18.0521 4916 amdsbs - ok
13:46:18.0634 4916 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:46:18.0636 4916 amdxata - ok
13:46:18.0736 4916 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\DRIVERS\amdxhc.sys
13:46:18.0739 4916 amdxhc - ok
13:46:18.0832 4916 amd_sata (f9d46b6b322708bd5afcc8767ebdc901) C:\Windows\system32\DRIVERS\amd_sata.sys
13:46:18.0834 4916 amd_sata - ok
13:46:18.0921 4916 amd_xata (329cc9c7e20deebcd4cd10816193ef14) C:\Windows\system32\DRIVERS\amd_xata.sys
13:46:18.0922 4916 amd_xata - ok
13:46:19.0052 4916 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
13:46:19.0054 4916 androidusb - ok
13:46:19.0163 4916 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:46:19.0165 4916 AppID - ok
13:46:19.0278 4916 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:46:19.0280 4916 arc - ok
13:46:19.0378 4916 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:46:19.0380 4916 arcsas - ok
13:46:19.0505 4916 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:46:19.0506 4916 AsyncMac - ok
13:46:19.0601 4916 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:46:19.0603 4916 atapi - ok
13:46:19.0754 4916 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
13:46:19.0756 4916 AtiHDAudioService - ok
13:46:19.0913 4916 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
13:46:19.0915 4916 AVGIDSDriver - ok
13:46:20.0002 4916 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
13:46:20.0003 4916 AVGIDSEH - ok
13:46:20.0080 4916 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
13:46:20.0082 4916 AVGIDSFilter - ok
13:46:20.0182 4916 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
13:46:20.0185 4916 Avgldx64 - ok
13:46:20.0273 4916 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
13:46:20.0275 4916 Avgmfx64 - ok
13:46:20.0377 4916 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
13:46:20.0379 4916 Avgrkx64 - ok
13:46:20.0470 4916 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
13:46:20.0475 4916 Avgtdia - ok
13:46:20.0587 4916 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:46:20.0592 4916 b06bdrv - ok
13:46:20.0689 4916 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:46:20.0693 4916 b57nd60a - ok
13:46:20.0834 4916 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
13:46:20.0845 4916 BCM43XX - ok
13:46:20.0955 4916 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:46:20.0956 4916 Beep - ok
13:46:21.0059 4916 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:46:21.0060 4916 blbdrive - ok
13:46:21.0180 4916 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:46:21.0182 4916 bowser - ok
13:46:21.0275 4916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:46:21.0277 4916 BrFiltLo - ok
13:46:21.0373 4916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:46:21.0374 4916 BrFiltUp - ok
13:46:21.0469 4916 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:46:21.0473 4916 Brserid - ok
13:46:21.0562 4916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:46:21.0564 4916 BrSerWdm - ok
13:46:21.0657 4916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:46:21.0658 4916 BrUsbMdm - ok
13:46:21.0749 4916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:46:21.0750 4916 BrUsbSer - ok
13:46:21.0841 4916 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:46:21.0843 4916 BTHMODEM - ok
13:46:21.0971 4916 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:46:21.0974 4916 cdfs - ok
13:46:22.0061 4916 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:46:22.0064 4916 cdrom - ok
13:46:22.0176 4916 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:46:22.0178 4916 circlass - ok
13:46:22.0280 4916 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:46:22.0285 4916 CLFS - ok
13:46:22.0419 4916 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
13:46:22.0420 4916 clwvd - ok
13:46:22.0509 4916 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:46:22.0511 4916 CmBatt - ok
13:46:22.0606 4916 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:46:22.0607 4916 cmdide - ok
13:46:22.0693 4916 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:46:22.0699 4916 CNG - ok
13:46:22.0796 4916 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:46:22.0797 4916 Compbatt - ok
13:46:22.0891 4916 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:46:22.0893 4916 CompositeBus - ok
13:46:22.0991 4916 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:46:22.0992 4916 crcdisk - ok
13:46:23.0121 4916 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:46:23.0123 4916 DfsC - ok
13:46:23.0219 4916 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:46:23.0221 4916 discache - ok
13:46:23.0349 4916 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:46:23.0350 4916 Disk - ok
13:46:23.0464 4916 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:46:23.0466 4916 drmkaud - ok
13:46:23.0577 4916 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:46:23.0580 4916 dtsoftbus01 - ok
13:46:23.0705 4916 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:46:23.0715 4916 DXGKrnl - ok
13:46:23.0790 4916 EagleX64 - ok
13:46:23.0947 4916 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:46:24.0018 4916 ebdrv - ok
13:46:24.0130 4916 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:46:24.0137 4916 elxstor - ok
13:46:24.0225 4916 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:46:24.0226 4916 ErrDev - ok
13:46:24.0327 4916 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:46:24.0329 4916 exfat - ok
13:46:24.0434 4916 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:46:24.0437 4916 fastfat - ok
13:46:24.0536 4916 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:46:24.0538 4916 fdc - ok
13:46:24.0630 4916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:46:24.0632 4916 FileInfo - ok
13:46:24.0718 4916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:46:24.0720 4916 Filetrace - ok
13:46:24.0804 4916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:46:24.0806 4916 flpydisk - ok
13:46:24.0902 4916 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:46:24.0906 4916 FltMgr - ok
13:46:25.0012 4916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:46:25.0014 4916 FsDepends - ok
13:46:25.0098 4916 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:46:25.0099 4916 Fs_Rec - ok
13:46:25.0194 4916 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:46:25.0197 4916 fvevol - ok
13:46:25.0291 4916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:46:25.0292 4916 gagp30kx - ok
13:46:25.0392 4916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:46:25.0393 4916 hcw85cir - ok
13:46:25.0520 4916 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:46:25.0523 4916 HdAudAddService - ok
13:46:25.0626 4916 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:46:25.0629 4916 HDAudBus - ok
13:46:25.0717 4916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:46:25.0719 4916 HidBatt - ok
13:46:25.0810 4916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:46:25.0812 4916 HidBth - ok
13:46:25.0902 4916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:46:25.0904 4916 HidIr - ok
13:46:26.0013 4916 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:46:26.0015 4916 HidUsb - ok
13:46:26.0130 4916 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
13:46:26.0132 4916 hpdskflt - ok
13:46:26.0222 4916 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:46:26.0224 4916 HpSAMD - ok
13:46:26.0354 4916 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:46:26.0361 4916 HTTP - ok
13:46:26.0439 4916 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:46:26.0440 4916 hwpolicy - ok
13:46:26.0560 4916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:46:26.0562 4916 i8042prt - ok
13:46:26.0669 4916 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:46:26.0673 4916 iaStorV - ok
13:46:26.0804 4916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:46:26.0806 4916 iirsp - ok
13:46:26.0901 4916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:46:26.0902 4916 intelide - ok
13:46:27.0002 4916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:46:27.0004 4916 intelppm - ok
13:46:27.0137 4916 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:27.0139 4916 IpFilterDriver - ok
13:46:27.0268 4916 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:46:27.0270 4916 IPMIDRV - ok
13:46:27.0375 4916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:46:27.0377 4916 IPNAT - ok
13:46:27.0471 4916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:46:27.0473 4916 IRENUM - ok
13:46:27.0569 4916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:46:27.0570 4916 isapnp - ok
13:46:27.0681 4916 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:46:27.0685 4916 iScsiPrt - ok
13:46:27.0781 4916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:27.0783 4916 kbdclass - ok
13:46:27.0878 4916 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:46:27.0880 4916 kbdhid - ok
13:46:27.0971 4916 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:46:27.0973 4916 KSecDD - ok
13:46:28.0058 4916 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:46:28.0060 4916 KSecPkg - ok
13:46:28.0149 4916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:46:28.0151 4916 ksthunk - ok
13:46:28.0270 4916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:46:28.0272 4916 lltdio - ok
13:46:28.0385 4916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:46:28.0388 4916 LSI_FC - ok
13:46:28.0478 4916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:46:28.0480 4916 LSI_SAS - ok
13:46:28.0567 4916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:46:28.0569 4916 LSI_SAS2 - ok
13:46:28.0658 4916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:46:28.0661 4916 LSI_SCSI - ok
13:46:28.0773 4916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:46:28.0776 4916 luafv - ok
13:46:28.0895 4916 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
13:46:28.0897 4916 MBAMProtector - ok
13:46:28.0993 4916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:46:28.0995 4916 megasas - ok
13:46:29.0089 4916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:46:29.0093 4916 MegaSR - ok
13:46:29.0178 4916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:46:29.0179 4916 Modem - ok
13:46:29.0276 4916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:46:29.0278 4916 monitor - ok
13:46:29.0371 4916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:46:29.0373 4916 mouclass - ok
13:46:29.0465 4916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
13:46:29.0467 4916 mouhid - ok
13:46:29.0554 4916 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:46:29.0556 4916 mountmgr - ok
13:46:29.0643 4916 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:46:29.0646 4916 mpio - ok
13:46:29.0735 4916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:46:29.0737 4916 mpsdrv - ok
13:46:29.0840 4916 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:46:29.0843 4916 MRxDAV - ok
13:46:29.0938 4916 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:29.0941 4916 mrxsmb - ok
13:46:30.0052 4916 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:30.0055 4916 mrxsmb10 - ok
13:46:30.0162 4916 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:30.0164 4916 mrxsmb20 - ok
13:46:30.0245 4916 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:46:30.0247 4916 msahci - ok
13:46:30.0341 4916 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:46:30.0344 4916 msdsm - ok
13:46:30.0439 4916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:46:30.0441 4916 Msfs - ok
13:46:30.0508 4916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:46:30.0509 4916 mshidkmdf - ok
13:46:30.0582 4916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:46:30.0584 4916 msisadrv - ok
13:46:30.0690 4916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:46:30.0691 4916 MSKSSRV - ok
13:46:30.0790 4916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:30.0791 4916 MSPCLOCK - ok
13:46:30.0915 4916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:46:30.0917 4916 MSPQM - ok
13:46:31.0010 4916 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:46:31.0015 4916 MsRPC - ok
13:46:31.0097 4916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:46:31.0099 4916 mssmbios - ok
13:46:31.0188 4916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:46:31.0189 4916 MSTEE - ok
13:46:31.0273 4916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:46:31.0274 4916 MTConfig - ok
13:46:31.0357 4916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:46:31.0359 4916 Mup - ok
13:46:31.0470 4916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:46:31.0475 4916 NativeWifiP - ok
13:46:31.0577 4916 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:46:31.0586 4916 NDIS - ok
13:46:31.0676 4916 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:31.0678 4916 NdisCap - ok
13:46:31.0770 4916 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:31.0772 4916 NdisTapi - ok
13:46:31.0857 4916 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:31.0859 4916 Ndisuio - ok
13:46:31.0955 4916 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:31.0958 4916 NdisWan - ok
13:46:32.0068 4916 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:46:32.0070 4916 NDProxy - ok
13:46:32.0194 4916 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:46:32.0196 4916 NetBIOS - ok
13:46:32.0261 4916 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:46:32.0264 4916 NetBT - ok
13:46:32.0421 4916 netr28x (813b7c722ba97e703d375aba170e16cc) C:\Windows\system32\DRIVERS\netr28x.sys
13:46:32.0434 4916 netr28x - ok
13:46:32.0547 4916 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:46:32.0549 4916 nfrd960 - ok
13:46:32.0646 4916 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:46:32.0648 4916 Npfs - ok
13:46:32.0737 4916 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:46:32.0738 4916 nsiproxy - ok
13:46:32.0844 4916 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:46:32.0859 4916 Ntfs - ok
13:46:32.0944 4916 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:46:32.0946 4916 Null - ok
13:46:33.0087 4916 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
13:46:33.0092 4916 NVENETFD - ok
13:46:33.0182 4916 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:46:33.0185 4916 nvraid - ok
13:46:33.0269 4916 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:46:33.0271 4916 nvstor - ok
13:46:33.0354 4916 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:46:33.0356 4916 nv_agp - ok
13:46:33.0450 4916 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:46:33.0452 4916 ohci1394 - ok
13:46:33.0566 4916 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:46:33.0568 4916 Parport - ok
13:46:33.0656 4916 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:46:33.0658 4916 partmgr - ok
13:46:33.0747 4916 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:46:33.0750 4916 pci - ok
13:46:33.0831 4916 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:46:33.0833 4916 pciide - ok
13:46:33.0921 4916 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:46:33.0924 4916 pcmcia - ok
13:46:34.0017 4916 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:46:34.0019 4916 pcw - ok
13:46:34.0127 4916 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:46:34.0135 4916 PEAUTH - ok
13:46:34.0337 4916 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:46:34.0340 4916 PptpMiniport - ok
13:46:34.0422 4916 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:46:34.0425 4916 Processor - ok
13:46:34.0521 4916 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:46:34.0524 4916 Psched - ok
13:46:34.0637 4916 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:46:34.0650 4916 ql2300 - ok
13:46:34.0748 4916 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:46:34.0751 4916 ql40xx - ok
13:46:34.0831 4916 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:46:34.0832 4916 QWAVEdrv - ok
13:46:34.0928 4916 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:46:34.0929 4916 RasAcd - ok
13:46:35.0030 4916 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:35.0032 4916 RasAgileVpn - ok
13:46:35.0124 4916 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:35.0127 4916 Rasl2tp - ok
13:46:35.0256 4916 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:35.0259 4916 RasPppoe - ok
13:46:35.0346 4916 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:46:35.0348 4916 RasSstp - ok
13:46:35.0441 4916 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:46:35.0444 4916 rdbss - ok
13:46:35.0528 4916 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:46:35.0530 4916 rdpbus - ok
13:46:35.0609 4916 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:35.0611 4916 RDPCDD - ok
13:46:35.0716 4916 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:46:35.0718 4916 RDPENCDD - ok
13:46:35.0811 4916 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:46:35.0813 4916 RDPREFMP - ok
13:46:35.0901 4916 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:46:35.0903 4916 RDPWD - ok
13:46:36.0007 4916 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:46:36.0011 4916 rdyboost - ok
13:46:36.0109 4916 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:46:36.0110 4916 RimUsb - ok
13:46:36.0236 4916 RSPCIESTOR (9d21618e7a3b2c75cf1a2ecbbe723730) C:\Windows\system32\DRIVERS\RtsPStor.sys
13:46:36.0240 4916 RSPCIESTOR - ok
13:46:36.0346 4916 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:46:36.0348 4916 rspndr - ok
13:46:36.0453 4916 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:46:36.0459 4916 RTL8167 - ok
13:46:36.0550 4916 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:46:36.0552 4916 sbp2port - ok
13:46:36.0644 4916 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:46:36.0645 4916 scfilter - ok
13:46:36.0748 4916 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
13:46:36.0750 4916 sdbus - ok
13:46:36.0857 4916 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:46:36.0858 4916 secdrv - ok
13:46:36.0957 4916 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:46:36.0958 4916 Serenum - ok
13:46:37.0044 4916 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:46:37.0046 4916 Serial - ok
13:46:37.0181 4916 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:46:37.0183 4916 sermouse - ok
13:46:37.0293 4916 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:46:37.0295 4916 sffdisk - ok
13:46:37.0381 4916 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:46:37.0383 4916 sffp_mmc - ok
13:46:37.0469 4916 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:46:37.0470 4916 sffp_sd - ok
13:46:37.0564 4916 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:46:37.0565 4916 sfloppy - ok
13:46:37.0662 4916 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:46:37.0664 4916 SiSRaid2 - ok
13:46:37.0751 4916 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:46:37.0754 4916 SiSRaid4 - ok
13:46:37.0869 4916 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
13:46:37.0871 4916 SmartDefragDriver - ok
13:46:37.0969 4916 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:46:37.0971 4916 Smb - ok
13:46:38.0083 4916 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:46:38.0084 4916 spldr - ok
13:46:38.0230 4916 sptd (dfc4e2081324e505ca479e473a78d893) C:\Windows\System32\Drivers\sptd.sys
13:46:38.0235 4916 sptd - ok
13:46:38.0332 4916 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:46:38.0337 4916 srv - ok
13:46:38.0451 4916 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:46:38.0456 4916 srv2 - ok
13:46:38.0548 4916 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:46:38.0552 4916 SrvHsfHDA - ok
13:46:38.0665 4916 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:46:38.0678 4916 SrvHsfV92 - ok
13:46:38.0898 4916 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:46:38.0905 4916 SrvHsfWinac - ok
13:46:38.0990 4916 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:46:38.0993 4916 srvnet - ok
13:46:39.0093 4916 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:46:39.0095 4916 ssadbus - ok
13:46:39.0181 4916 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:46:39.0183 4916 ssadmdfl - ok
13:46:39.0272 4916 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:46:39.0275 4916 ssadmdm - ok
13:46:39.0467 4916 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:46:39.0468 4916 stexstor - ok
13:46:39.0615 4916 STHDA (74387b34b43f94e380608888c56a5ccd) C:\Windows\system32\DRIVERS\stwrt64.sys
13:46:39.0621 4916 STHDA - ok
13:46:39.0726 4916 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:46:39.0728 4916 swenum - ok
13:46:39.0859 4916 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
13:46:39.0872 4916 SynTP - ok
13:46:40.0019 4916 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:46:40.0035 4916 Tcpip - ok
13:46:40.0186 4916 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:46:40.0203 4916 TCPIP6 - ok
13:46:40.0302 4916 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:46:40.0304 4916 tcpipreg - ok
13:46:40.0390 4916 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:46:40.0391 4916 TDPIPE - ok
13:46:40.0479 4916 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:46:40.0481 4916 TDTCP - ok
13:46:40.0570 4916 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:46:40.0572 4916 tdx - ok
13:46:40.0670 4916 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:46:40.0672 4916 TermDD - ok
13:46:40.0779 4916 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
13:46:40.0781 4916 tmactmon - ok
13:46:40.0891 4916 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
13:46:40.0894 4916 tmcomm - ok
13:46:41.0011 4916 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:46:41.0013 4916 tmevtmgr - ok
13:46:41.0121 4916 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
13:46:41.0124 4916 tmtdi - ok
13:46:41.0228 4916 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:41.0230 4916 tssecsrv - ok
13:46:41.0328 4916 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:46:41.0330 4916 TsUsbFlt - ok
13:46:41.0408 4916 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:46:41.0410 4916 TsUsbGD - ok
13:46:41.0520 4916 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:46:41.0522 4916 tunnel - ok
13:46:41.0617 4916 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:46:41.0619 4916 uagp35 - ok
13:46:41.0764 4916 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:46:41.0768 4916 udfs - ok
13:46:41.0869 4916 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:46:41.0871 4916 uliagpkx - ok
13:46:41.0953 4916 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:46:41.0955 4916 umbus - ok
13:46:42.0037 4916 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:46:42.0039 4916 UmPass - ok
13:46:42.0167 4916 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:46:42.0169 4916 usbaudio - ok
13:46:42.0268 4916 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:42.0270 4916 usbccgp - ok
13:46:42.0365 4916 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:46:42.0367 4916 usbcir - ok
13:46:42.0455 4916 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:46:42.0457 4916 usbehci - ok
13:46:42.0568 4916 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
13:46:42.0570 4916 usbfilter - ok
13:46:42.0672 4916 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:46:42.0676 4916 usbhub - ok
13:46:42.0785 4916 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:46:42.0787 4916 usbohci - ok
13:46:42.0896 4916 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:46:42.0898 4916 usbprint - ok
13:46:43.0001 4916 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:46:43.0003 4916 usbscan - ok
13:46:43.0124 4916 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:43.0126 4916 USBSTOR - ok
13:46:43.0244 4916 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:46:43.0245 4916 usbuhci - ok
13:46:43.0367 4916 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:46:43.0370 4916 usbvideo - ok
13:46:43.0497 4916 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:46:43.0499 4916 vdrvroot - ok
13:46:43.0673 4916 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:43.0675 4916 vga - ok
13:46:43.0817 4916 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:46:43.0819 4916 VgaSave - ok
13:46:43.0990 4916 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:46:43.0993 4916 vhdmp - ok
13:46:44.0116 4916 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:46:44.0117 4916 viaide - ok
13:46:44.0238 4916 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:46:44.0240 4916 volmgr - ok
13:46:44.0337 4916 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:46:44.0341 4916 volmgrx - ok
13:46:44.0423 4916 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:46:44.0427 4916 volsnap - ok
13:46:44.0521 4916 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:46:44.0524 4916 vsmraid - ok
13:46:44.0616 4916 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:46:44.0618 4916 vwifibus - ok
13:46:44.0719 4916 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:46:44.0721 4916 vwififlt - ok
13:46:44.0829 4916 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:46:44.0830 4916 vwifimp - ok
13:46:44.0924 4916 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:46:44.0926 4916 WacomPen - ok
13:46:45.0029 4916 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:45.0031 4916 WANARP - ok
13:46:45.0049 4916 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:45.0052 4916 Wanarpv6 - ok
13:46:45.0157 4916 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:46:45.0159 4916 Wd - ok
13:46:45.0261 4916 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:46:45.0268 4916 Wdf01000 - ok
13:46:45.0446 4916 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:45.0448 4916 WfpLwf - ok
13:46:45.0561 4916 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:46:45.0562 4916 WIMMount - ok
13:46:45.0732 4916 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
13:46:45.0734 4916 WinUsb - ok
13:46:45.0856 4916 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:46:45.0858 4916 WmiAcpi - ok
13:46:45.0984 4916 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:46:45.0986 4916 ws2ifsl - ok
13:46:46.0130 4916 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:46:46.0132 4916 WudfPf - ok
13:46:46.0299 4916 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:46.0302 4916 WUDFRd - ok
13:46:46.0433 4916 X6va005 - ok
13:46:46.0589 4916 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
13:46:46.0592 4916 xusb21 - ok
13:46:46.0631 4916 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:46:46.0717 4916 \Device\Harddisk0\DR0 - ok
13:46:46.0722 4916 Boot (0x1200) (026434ad3394220051ddfcc64528e07c) \Device\Harddisk0\DR0\Partition0
13:46:46.0743 4916 \Device\Harddisk0\DR0\Partition0 - ok
13:46:46.0764 4916 Boot (0x1200) (dcdd5ca462294455ea97a6bdd11e4802) \Device\Harddisk0\DR0\Partition1
13:46:46.0766 4916 \Device\Harddisk0\DR0\Partition1 - ok
13:46:46.0799 4916 Boot (0x1200) (a14a95ea042e994ed64c9bffa3c1d451) \Device\Harddisk0\DR0\Partition2
13:46:46.0801 4916 \Device\Harddisk0\DR0\Partition2 - ok
13:46:46.0822 4916 Boot (0x1200) (61c682abf52910b29bd622bd23606514) \Device\Harddisk0\DR0\Partition3
13:46:46.0845 4916 \Device\Harddisk0\DR0\Partition3 - ok
13:46:46.0846 4916 ============================================================
13:46:46.0846 4916 Scan finished
13:46:46.0846 4916 ============================================================
13:46:46.0860 2684 Detected object count: 0
13:46:46.0860 2684 Actual detected object count: 0
13:46:59.0146 4692 ============================================================
13:46:59.0146 4692 Scan started
13:46:59.0146 4692 Mode: Manual; SigCheck; TDLFS;
13:46:59.0146 4692 ============================================================
13:46:59.0689 4692 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:46:59.0811 4692 1394ohci - ok
13:46:59.0889 4692 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
13:46:59.0965 4692 Accelerometer - ok
13:47:00.0051 4692 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:47:00.0075 4692 ACPI - ok
13:47:00.0166 4692 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:47:00.0194 4692 AcpiPmi - ok
13:47:00.0282 4692 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:47:00.0309 4692 adp94xx - ok
13:47:00.0397 4692 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:47:00.0420 4692 adpahci - ok
13:47:00.0509 4692 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:47:00.0530 4692 adpu320 - ok
13:47:00.0653 4692 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:47:00.0685 4692 AFD - ok
13:47:00.0793 4692 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:47:00.0811 4692 agp440 - ok
13:47:00.0910 4692 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:47:00.0926 4692 aliide - ok
13:47:01.0023 4692 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\Windows\system32\DRIVERS\amdhub30.sys
13:47:01.0039 4692 amdhub30 - ok
13:47:01.0127 4692 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:47:01.0144 4692 amdide - ok
13:47:01.0235 4692 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
13:47:01.0251 4692 amdiox64 - ok
13:47:01.0337 4692 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:47:01.0362 4692 AmdK8 - ok
13:47:01.0631 4692 amdkmdag (42d53daf85f948c39ce1351a8f5b5808) C:\Windows\system32\DRIVERS\atikmdag.sys
13:47:01.0809 4692 amdkmdag - ok
13:47:01.0923 4692 amdkmdap (75182b5784015b271932088551616a96) C:\Windows\system32\DRIVERS\atikmpag.sys
13:47:01.0953 4692 amdkmdap - ok
13:47:02.0035 4692 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:47:02.0061 4692 AmdPPM - ok
13:47:02.0166 4692 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:47:02.0184 4692 amdsata - ok
13:47:02.0277 4692 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:47:02.0297 4692 amdsbs - ok
13:47:02.0381 4692 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:47:02.0397 4692 amdxata - ok
13:47:02.0483 4692 amdxhc (321533578132c811ec834a1b741c994c) C:\Windows\system32\DRIVERS\amdxhc.sys
13:47:02.0500 4692 amdxhc - ok
13:47:02.0634 4692 amd_sata (f9d46b6b322708bd5afcc8767ebdc901) C:\Windows\system32\DRIVERS\amd_sata.sys
13:47:02.0649 4692 amd_sata - ok
13:47:02.0734 4692 amd_xata (329cc9c7e20deebcd4cd10816193ef14) C:\Windows\system32\DRIVERS\amd_xata.sys
13:47:02.0748 4692 amd_xata - ok
13:47:02.0843 4692 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
13:47:02.0858 4692 androidusb - ok
13:47:02.0943 4692 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:47:02.0999 4692 AppID - ok
13:47:03.0092 4692 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:47:03.0110 4692 arc - ok
13:47:03.0192 4692 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:47:03.0210 4692 arcsas - ok
13:47:03.0307 4692 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:47:03.0362 4692 AsyncMac - ok
13:47:03.0448 4692 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:47:03.0464 4692 atapi - ok
13:47:03.0556 4692 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
13:47:03.0573 4692 AtiHDAudioService - ok
13:47:03.0670 4692 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
13:47:03.0686 4692 AVGIDSDriver - ok
13:47:03.0759 4692 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
13:47:03.0774 4692 AVGIDSEH - ok
13:47:03.0849 4692 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
13:47:03.0863 4692 AVGIDSFilter - ok
13:47:03.0939 4692 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
13:47:03.0959 4692 Avgldx64 - ok
13:47:04.0097 4692 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
13:47:04.0112 4692 Avgmfx64 - ok
13:47:04.0201 4692 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
13:47:04.0216 4692 Avgrkx64 - ok
13:47:04.0306 4692 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
13:47:04.0327 4692 Avgtdia - ok
13:47:04.0422 4692 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:47:04.0456 4692 b06bdrv - ok
13:47:04.0547 4692 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:47:04.0575 4692 b57nd60a - ok
13:47:04.0692 4692 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
13:47:04.0740 4692 BCM43XX - ok
13:47:04.0835 4692 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:47:04.0890 4692 Beep - ok
13:47:04.0983 4692 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:47:05.0008 4692 blbdrive - ok
13:47:05.0093 4692 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:47:05.0117 4692 bowser - ok
13:47:05.0244 4692 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:47:05.0273 4692 BrFiltLo - ok
13:47:05.0364 4692 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:47:05.0392 4692 BrFiltUp - ok
13:47:05.0483 4692 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:47:05.0516 4692 Brserid - ok
13:47:05.0609 4692 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:47:05.0637 4692 BrSerWdm - ok
13:47:05.0726 4692 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:47:05.0754 4692 BrUsbMdm - ok
13:47:05.0840 4692 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:47:05.0865 4692 BrUsbSer - ok
13:47:05.0966 4692 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:47:05.0995 4692 BTHMODEM - ok
13:47:06.0085 4692 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:47:06.0143 4692 cdfs - ok
13:47:06.0219 4692 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:47:06.0247 4692 cdrom - ok
13:47:06.0400 4692 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:47:06.0429 4692 circlass - ok
13:47:06.0505 4692 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:47:06.0529 4692 CLFS - ok
13:47:06.0621 4692 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
13:47:06.0636 4692 clwvd - ok
13:47:06.0722 4692 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:47:06.0747 4692 CmBatt - ok
13:47:06.0841 4692 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:47:06.0858 4692 cmdide - ok
13:47:06.0951 4692 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:47:06.0984 4692 CNG - ok
13:47:07.0065 4692 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:47:07.0082 4692 Compbatt - ok
13:47:07.0227 4692 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:47:07.0256 4692 CompositeBus - ok
13:47:07.0359 4692 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:47:07.0375 4692 crcdisk - ok
13:47:07.0501 4692 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:47:07.0559 4692 DfsC - ok
13:47:07.0666 4692 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:47:07.0723 4692 discache - ok
13:47:07.0795 4692 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:47:07.0813 4692 Disk - ok
13:47:07.0911 4692 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:47:07.0940 4692 drmkaud - ok
13:47:08.0034 4692 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:47:08.0055 4692 dtsoftbus01 - ok
13:47:08.0163 4692 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:47:08.0199 4692 DXGKrnl - ok
13:47:08.0270 4692 EagleX64 - ok
13:47:08.0426 4692 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:47:08.0499 4692 ebdrv - ok
13:47:08.0609 4692 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:47:08.0637 4692 elxstor - ok
13:47:08.0749 4692 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:47:08.0773 4692 ErrDev - ok
13:47:08.0884 4692 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:47:08.0944 4692 exfat - ok
13:47:09.0036 4692 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:47:09.0095 4692 fastfat - ok
13:47:09.0183 4692 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:47:09.0207 4692 fdc - ok
13:47:09.0299 4692 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:47:09.0316 4692 FileInfo - ok
13:47:09.0398 4692 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:47:09.0455 4692 Filetrace - ok
13:47:09.0539 4692 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:47:09.0564 4692 flpydisk - ok
13:47:09.0660 4692 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:47:09.0683 4692 FltMgr - ok
13:47:09.0781 4692 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:47:09.0798 4692 FsDepends - ok
13:47:09.0911 4692 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:47:09.0928 4692 Fs_Rec - ok
13:47:10.0019 4692 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:47:10.0043 4692 fvevol - ok
13:47:10.0126 4692 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:47:10.0144 4692 gagp30kx - ok
13:47:10.0238 4692 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:47:10.0281 4692 hcw85cir - ok
13:47:10.0377 4692 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:47:10.0410 4692 HdAudAddService - ok
13:47:10.0495 4692 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:47:10.0524 4692 HDAudBus - ok
13:47:10.0620 4692 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:47:10.0645 4692 HidBatt - ok
13:47:10.0735 4692 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:47:10.0764 4692 HidBth - ok
13:47:10.0849 4692 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:47:10.0878 4692 HidIr - ok
13:47:11.0004 4692 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:47:11.0028 4692 HidUsb - ok
13:47:11.0143 4692 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
13:47:11.0159 4692 hpdskflt - ok
13:47:11.0247 4692 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:47:11.0264 4692 HpSAMD - ok
13:47:11.0367 4692 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:47:11.0434 4692 HTTP - ok
13:47:11.0519 4692 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:47:11.0535 4692 hwpolicy - ok
13:47:11.0628 4692 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:47:11.0655 4692 i8042prt - ok
13:47:11.0738 4692 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:47:11.0762 4692 iaStorV - ok
13:47:11.0851 4692 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:47:11.0868 4692 iirsp - ok
13:47:11.0958 4692 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:47:11.0975 4692 intelide - ok
13:47:12.0059 4692 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:47:12.0085 4692 intelppm - ok
13:47:12.0205 4692 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:47:12.0261 4692 IpFilterDriver - ok
13:47:12.0458 4692 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:47:12.0504 4692 IPMIDRV - ok
13:47:12.0598 4692 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:47:12.0657 4692 IPNAT - ok
13:47:12.0750 4692 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:47:12.0781 4692 IRENUM - ok
13:47:12.0870 4692 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:47:12.0886 4692 isapnp - ok
13:47:12.0972 4692 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:47:12.0994 4692 iScsiPrt - ok
13:47:13.0083 4692 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:47:13.0099 4692 kbdclass - ok
13:47:13.0235 4692 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:47:13.0258 4692 kbdhid - ok
13:47:13.0361 4692 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:47:13.0380 4692 KSecDD - ok
13:47:13.0470 4692 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:47:13.0491 4692 KSecPkg - ok
13:47:13.0584 4692 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:47:13.0641 4692 ksthunk - ok
13:47:13.0738 4692 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:47:13.0796 4692 lltdio - ok
13:47:13.0897 4692 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:47:13.0916 4692 LSI_FC - ok
13:47:14.0001 4692 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:47:14.0019 4692 LSI_SAS - ok
13:47:14.0102 4692 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:47:14.0119 4692 LSI_SAS2 - ok
13:47:14.0226 4692 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:47:14.0245 4692 LSI_SCSI - ok
13:47:14.0386 4692 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:47:14.0465 4692 luafv - ok
13:47:14.0552 4692 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
13:47:14.0567 4692 MBAMProtector - ok
13:47:14.0649 4692 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:47:14.0667 4692 megasas - ok
13:47:14.0757 4692 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:47:14.0779 4692 MegaSR - ok
13:47:14.0868 4692 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:47:14.0924 4692 Modem - ok
13:47:14.0999 4692 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:47:15.0028 4692 monitor - ok
13:47:15.0116 4692 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:47:15.0135 4692 mouclass - ok
13:47:15.0222 4692 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
13:47:15.0246 4692 mouhid - ok
13:47:15.0333 4692 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:47:15.0351 4692 mountmgr - ok
13:47:15.0502 4692 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:47:15.0521 4692 mpio - ok
13:47:15.0614 4692 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:47:15.0671 4692 mpsdrv - ok
13:47:15.0764 4692 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:47:15.0796 4692 MRxDAV - ok
13:47:15.0883 4692 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:47:15.0909 4692 mrxsmb - ok
13:47:15.0986 4692 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:47:16.0014 4692 mrxsmb10 - ok
13:47:16.0097 4692 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:47:16.0122 4692 mrxsmb20 - ok
13:47:16.0235 4692 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:47:16.0252 4692 msahci - ok
13:47:16.0342 4692 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:47:16.0361 4692 msdsm - ok
13:47:16.0452 4692 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:47:16.0509 4692 Msfs - ok
13:47:16.0598 4692 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:47:16.0654 4692 mshidkmdf - ok
13:47:16.0728 4692 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:47:16.0744 4692 msisadrv - ok
13:47:16.0835 4692 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:47:16.0892 4692 MSKSSRV - ok
13:47:16.0980 4692 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:47:17.0034 4692 MSPCLOCK - ok
13:47:17.0128 4692 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:47:17.0183 4692 MSPQM - ok
13:47:17.0278 4692 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:47:17.0302 4692 MsRPC - ok
13:47:17.0387 4692 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:47:17.0405 4692 mssmbios - ok
13:47:17.0489 4692 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:47:17.0546 4692 MSTEE - ok
13:47:17.0674 4692 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:47:17.0698 4692 MTConfig - ok
13:47:17.0781 4692 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:47:17.0798 4692 Mup - ok
13:47:17.0894 4692 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:47:17.0929 4692 NativeWifiP - ok
13:47:18.0033 4692 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:47:18.0068 4692 NDIS - ok
13:47:18.0155 4692 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:47:18.0212 4692 NdisCap - ok
13:47:18.0305 4692 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:47:18.0361 4692 NdisTapi - ok
13:47:18.0447 4692 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:47:18.0502 4692 Ndisuio - ok
13:47:18.0590 4692 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:47:18.0644 4692 NdisWan - ok
13:47:18.0780 4692 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:47:18.0834 4692 NDProxy - ok
13:47:18.0973 4692 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:47:19.0030 4692 NetBIOS - ok
13:47:19.0128 4692 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:47:19.0185 4692 NetBT - ok
13:47:19.0300 4692 netr28x (813b7c722ba97e703d375aba170e16cc) C:\Windows\system32\DRIVERS\netr28x.sys
13:47:19.0344 4692 netr28x - ok
13:47:19.0438 4692 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:47:19.0455 4692 nfrd960 - ok
13:47:19.0548 4692 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:47:19.0604 4692 Npfs - ok
13:47:19.0694 4692 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:47:19.0751 4692 nsiproxy - ok
13:47:19.0858 4692 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:47:19.0909 4692 Ntfs - ok
13:47:19.0991 4692 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:47:20.0047 4692 Null - ok
13:47:20.0155 4692 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
13:47:20.0186 4692 NVENETFD - ok
13:47:20.0273 4692 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:47:20.0293 4692 nvraid - ok
13:47:20.0382 4692 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:47:20.0403 4692 nvstor - ok
13:47:20.0489 4692 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:47:20.0509 4692 nv_agp - ok
13:47:20.0597 4692 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:47:20.0622 4692 ohci1394 - ok
13:47:20.0724 4692 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:47:20.0750 4692 Parport - ok
13:47:20.0836 4692 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:47:20.0853 4692 partmgr - ok
13:47:20.0939 4692 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:47:20.0959 4692 pci - ok
13:47:21.0056 4692 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:47:21.0073 4692 pciide - ok
13:47:21.0156 4692 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:47:21.0177 4692 pcmcia - ok
13:47:21.0286 4692 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:47:21.0304 4692 pcw - ok
13:47:21.0418 4692 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:47:21.0483 4692 PEAUTH - ok
13:47:21.0617 4692 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:47:21.0673 4692 PptpMiniport - ok
13:47:21.0758 4692 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:47:21.0783 4692 Processor - ok
13:47:21.0868 4692 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:47:21.0924 4692 Psched - ok
13:47:22.0040 4692 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:47:22.0088 4692 ql2300 - ok
13:47:22.0184 4692 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:47:22.0203 4692 ql40xx - ok
13:47:22.0300 4692 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:47:22.0331 4692 QWAVEdrv - ok
13:47:22.0508 4692 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:47:22.0563 4692 RasAcd - ok
13:47:22.0643 4692 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:47:22.0702 4692 RasAgileVpn - ok
13:47:22.0793 4692 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:47:22.0848 4692 Rasl2tp - ok
13:47:22.0936 4692 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:47:22.0993 4692 RasPppoe - ok
13:47:23.0081 4692 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:47:23.0140 4692 RasSstp - ok
13:47:23.0232 4692 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:47:23.0289 4692 rdbss - ok
13:47:23.0364 4692 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:47:23.0391 4692 rdpbus - ok
13:47:23.0500 4692 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:47:23.0557 4692 RDPCDD - ok
13:47:23.0652 4692 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:47:23.0709 4692 RDPENCDD - ok
13:47:23.0802 4692 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:47:23.0857 4692 RDPREFMP - ok
13:47:23.0958 4692 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:47:24.0015 4692 RDPWD - ok
13:47:24.0109 4692 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:47:24.0131 4692 rdyboost - ok
13:47:24.0233 4692 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:47:24.0259 4692 RimUsb - ok
13:47:24.0371 4692 RSPCIESTOR (9d21618e7a3b2c75cf1a2ecbbe723730) C:\Windows\system32\DRIVERS\RtsPStor.sys
13:47:24.0393 4692 RSPCIESTOR - ok
13:47:24.0504 4692 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:47:24.0561 4692 rspndr - ok
13:47:24.0655 4692 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:47:24.0680 4692 RTL8167 - ok
13:47:24.0774 4692 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:47:24.0793 4692 sbp2port - ok
13:47:24.0880 4692 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:47:24.0934 4692 scfilter - ok
13:47:25.0028 4692 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
13:47:25.0057 4692 sdbus - ok
13:47:25.0148 4692 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:47:25.0205 4692 secdrv - ok
13:47:25.0303 4692 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:47:25.0328 4692 Serenum - ok
13:47:25.0412 4692 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:47:25.0439 4692 Serial - ok
13:47:25.0539 4692 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:47:25.0564 4692 sermouse - ok
13:47:25.0650 4692 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:47:25.0678 4692 sffdisk - ok
13:47:25.0761 4692 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:47:25.0788 4692 sffp_mmc - ok
13:47:25.0871 4692 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:47:25.0900 4692 sffp_sd - ok
13:47:25.0999 4692 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:47:26.0024 4692 sfloppy - ok
13:47:26.0108 4692 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:47:26.0126 4692 SiSRaid2 - ok
13:47:26.0231 4692 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:47:26.0249 4692 SiSRaid4 - ok
13:47:26.0338 4692 SmartDefragDriver (dd0443bc6cc78a19fd399817f8c51401) C:\Windows\system32\Drivers\SmartDefragDriver.sys
13:47:26.0354 4692 SmartDefragDriver - ok
13:47:26.0460 4692 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:47:26.0518 4692 Smb - ok
13:47:26.0651 4692 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:47:26.0671 4692 spldr - ok
13:47:26.0776 4692 sptd (dfc4e2081324e505ca479e473a78d893) C:\Windows\System32\Drivers\sptd.sys
13:47:26.0802 4692 sptd - ok
13:47:26.0901 4692 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:47:26.0932 4692 srv - ok
13:47:27.0020 4692 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:47:27.0050 4692 srv2 - ok
13:47:27.0139 4692 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:47:27.0168 4692 SrvHsfHDA - ok
13:47:27.0289 4692 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:47:27.0334 4692 SrvHsfV92 - ok
13:47:27.0434 4692 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:47:27.0470 4692 SrvHsfWinac - ok
13:47:27.0559 4692 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:47:27.0585 4692 srvnet - ok
13:47:27.0684 4692 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:47:27.0701 4692 ssadbus - ok
13:47:27.0783 4692 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:47:27.0796 4692 ssadmdfl - ok
13:47:27.0874 4692 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:47:27.0891 4692 ssadmdm - ok
13:47:27.0991 4692 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:47:28.0008 4692 stexstor - ok
13:47:28.0106 4692 STHDA (74387b34b43f94e380608888c56a5ccd) C:\Windows\system32\DRIVERS\stwrt64.sys
13:47:28.0141 4692 STHDA - ok
13:47:28.0240 4692 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:47:28.0256 4692 swenum - ok
13:47:28.0372 4692 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
13:47:28.0416 4692 SynTP - ok
13:47:28.0555 4692 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:47:28.0611 4692 Tcpip - ok
13:47:28.0765 4692 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:47:28.0820 4692 TCPIP6 - ok
13:47:28.0915 4692 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:47:28.0971 4692 tcpipreg - ok
13:47:29.0059 4692 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:47:29.0113 4692 TDPIPE - ok
13:47:29.0203 4692 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:47:29.0260 4692 TDTCP - ok
13:47:29.0350 4692 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:47:29.0407 4692 tdx - ok
13:47:29.0483 4692 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:47:29.0501 4692 TermDD - ok
13:47:29.0592 4692 tmactmon (73aaffdd2ac3c8814b26c440e5dd9dd4) C:\Windows\system32\DRIVERS\tmactmon.sys
13:47:29.0608 4692 tmactmon - ok
13:47:29.0727 4692 tmcomm (360e61217d4e1e333583d0c721057f70) C:\Windows\system32\DRIVERS\tmcomm.sys
13:47:29.0744 4692 tmcomm - ok
13:47:29.0825 4692 tmevtmgr (699d34eb7c670139ca23a65372bd5743) C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:47:29.0841 4692 tmevtmgr - ok
13:47:29.0935 4692 tmtdi (262198efb734012bfcd17e7479ae4a09) C:\Windows\system32\DRIVERS\tmtdi.sys
13:47:29.0951 4692 tmtdi - ok
13:47:30.0053 4692 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:47:30.0108 4692 tssecsrv - ok
13:47:30.0208 4692 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:47:30.0236 4692 TsUsbFlt - ok
13:47:30.0322 4692 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:47:30.0348 4692 TsUsbGD - ok
13:47:30.0444 4692 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:47:30.0500 4692 tunnel - ok
13:47:30.0586 4692 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:47:30.0605 4692 uagp35 - ok
13:47:30.0700 4692 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:47:30.0758 4692 udfs - ok
13:47:30.0860 4692 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:47:30.0878 4692 uliagpkx - ok
13:47:30.0955 4692 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:47:30.0981 4692 umbus - ok
13:47:31.0062 4692 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:47:31.0086 4692 UmPass - ok
13:47:31.0180 4692 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:47:31.0210 4692 usbaudio - ok
13:47:31.0292 4692 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:47:31.0320 4692 usbccgp - ok
13:47:31.0400 4692 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:47:31.0429 4692 usbcir - ok
13:47:31.0535 4692 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:47:31.0558 4692 usbehci - ok
13:47:31.0648 4692 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\DRIVERS\usbfilter.sys
13:47:31.0663 4692 usbfilter - ok
13:47:31.0751 4692 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:47:31.0780 4692 usbhub - ok
13:47:31.0876 4692 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:47:31.0899 4692 usbohci - ok
13:47:31.0976 4692 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:47:32.0003 4692 usbprint - ok
13:47:32.0092 4692 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:47:32.0120 4692 usbscan - ok
13:47:32.0204 4692 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:47:32.0233 4692 USBSTOR - ok
13:47:32.0313 4692 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:47:32.0337 4692 usbuhci - ok
13:47:32.0524 4692 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:47:32.0556 4692 usbvideo - ok
13:47:32.0644 4692 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:47:32.0661 4692 vdrvroot - ok
13:47:32.0752 4692 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:47:32.0780 4692 vga - ok
13:47:32.0897 4692 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:47:32.0954 4692 VgaSave - ok
13:47:33.0037 4692 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:47:33.0057 4692 vhdmp - ok
13:47:33.0151 4692 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:47:33.0169 4692 viaide - ok
13:47:33.0251 4692 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:47:33.0269 4692 volmgr - ok
13:47:33.0361 4692 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:47:33.0385 4692 volmgrx - ok
13:47:33.0469 4692 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:47:33.0491 4692 volsnap - ok
13:47:33.0578 4692 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:47:33.0598 4692 vsmraid - ok
13:47:33.0706 4692 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:47:33.0735 4692 vwifibus - ok
13:47:33.0831 4692 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:47:33.0863 4692 vwififlt - ok
13:47:34.0008 4692 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
13:47:34.0041 4692 vwifimp - ok
13:47:34.0136 4692 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:47:34.0161 4692 WacomPen - ok
13:47:34.0252 4692 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:47:34.0308 4692 WANARP - ok
13:47:34.0313 4692 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:47:34.0368 4692 Wanarpv6 - ok
13:47:34.0469 4692 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:47:34.0486 4692 Wd - ok
13:47:34.0584 4692 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:47:34.0618 4692 Wdf01000 - ok
13:47:34.0725 4692 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:47:34.0783 4692 WfpLwf - ok
13:47:34.0873 4692 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:47:34.0890 4692 WIMMount - ok
13:47:35.0022 4692 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
13:47:35.0051 4692 WinUsb - ok
13:47:35.0146 4692 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:47:35.0171 4692 WmiAcpi - ok
13:47:35.0274 4692 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:47:35.0332 4692 ws2ifsl - ok
13:47:35.0431 4692 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:47:35.0488 4692 WudfPf - ok
13:47:35.0578 4692 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:47:35.0633 4692 WUDFRd - ok
13:47:35.0701 4692 X6va005 - ok
13:47:35.0790 4692 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
13:47:35.0818 4692 xusb21 - ok
13:47:35.0843 4692 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:47:35.0965 4692 \Device\Harddisk0\DR0 - ok
13:47:35.0973 4692 Boot (0x1200) (026434ad3394220051ddfcc64528e07c) \Device\Harddisk0\DR0\Partition0
13:47:35.0975 4692 \Device\Harddisk0\DR0\Partition0 - ok
13:47:35.0988 4692 Boot (0x1200) (dcdd5ca462294455ea97a6bdd11e4802) \Device\Harddisk0\DR0\Partition1
13:47:35.0989 4692 \Device\Harddisk0\DR0\Partition1 - ok
13:47:36.0023 4692 Boot (0x1200) (a14a95ea042e994ed64c9bffa3c1d451) \Device\Harddisk0\DR0\Partition2
13:47:36.0052 4692 \Device\Harddisk0\DR0\Partition2 - ok
13:47:36.0079 4692 Boot (0x1200) (61c682abf52910b29bd622bd23606514) \Device\Harddisk0\DR0\Partition3
13:47:36.0079 4692 \Device\Harddisk0\DR0\Partition3 - ok
13:47:36.0080 4692 ============================================================
13:47:36.0080 4692 Scan finished
13:47:36.0080 4692 ============================================================
13:47:36.0094 5992 Detected object count: 0
13:47:36.0095 5992 Actual detected object count: 0

[Render]

Please unplug your USB memory stick and take CD/DVD media from your optical drive.

I noticed you are using P2P programs. Please either uninstall, or do not use them while we are working to clean your computer as P2P programs are known to bring malware to computer.

It appears from your logs you've two antivirus programs running simultaneously (Trend Micro Titanium and AVG 2012), which is not a safe practice at all, as you're more likely to get infected and have other performance issues with your computer. Please unistall one of them.

Your ISP is Charter Communications?

We need to run an OTL Fix

Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

• Please double click on on your Desktop (If running Vista or Windows 7, right click on it and select "Run as an Administrator")
• Under the Custom Scans/Fixes box copy and paste this in (Please carefully select all text in code box beginning with : ):
  
  

  :OTL
  IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incre...6PQn1Xl2Ae&i=26
  IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
  IE - HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
  FF - prefs.js..network.proxy.http: "127.0.0.1"
  FF - prefs.js..network.proxy.http_port: 62667
  FF - prefs.js..network.proxy.type: 4
  FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
  O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
  O3:64bit: - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
  O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - Reg Error: Value error. File not found
  O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  O3 - HKU\S-1-5-21-1788461633-239288871-556941257-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
  [2012/02/07 11:06:53 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\1464F
  [2012/02/07 10:46:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\4F26B
    	
  :Files
  C:\Windows\tasks\At*.job
  ipconfig /flushdns /c
  xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
  xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
  xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
  xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
  
  :Reg
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [EMPTYJAVA]
  [emptyflash]
  [createrestorepoint]
  [reboot]

• Make sure all other windows are closed and to let it run uninterrupted.
• Click on button.
• OTL may ask to reboot the machine. Please do so if asked.
• Click on button.
• A report will open. Copy and Paste that report in your next reply.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[Brandon Jorgensen]

I only had 1 AV program but some guys trying to help me on a different forum asked me to try another program to see if anything came up.
And yes, my ISP is Charter

All processes killed
========== OTL ==========
HKU\S-1-5-21-1788461633-239288871-556941257-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 62667 removed from network.proxy.http_port
Prefs.js: 4 removed from network.proxy.type
File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1788461633-239288871-556941257-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
C:\Users\Brandon\AppData\Roaming\1464F folder moved successfully.
C:\Users\Brandon\AppData\Roaming\4F26B folder moved successfully.
========== FILES ==========
C:\Windows\tasks\At1.job moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Brandon\Downloads\cmd.bat deleted successfully.
C:\Users\Brandon\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Brandon\Downloads\cmd.bat deleted successfully.
C:\Users\Brandon\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Brandon\Downloads\cmd.bat deleted successfully.
C:\Users\Brandon\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Brandon\Downloads\cmd.bat deleted successfully.
C:\Users\Brandon\Downloads\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Brandon\Downloads\cmd.bat deleted successfully.
C:\Users\Brandon\Downloads\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Brandon
->Temp folder emptied: 4961664428 bytes
->Temporary Internet Files folder emptied: 351193197 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52074987 bytes
->Google Chrome cache emptied: 405259440 bytes
->Flash cache emptied: 28302 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 88465139 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
RecycleBin emptied: 4616853 bytes

Total Files Cleaned = 5,592.00 mb


[EMPTYJAVA]

User: All Users

User: Brandon
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Brandon
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.33.1 log created on 02202012_144133

Files\Folders moved on Reboot...
C:\Users\Brandon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[Brandon Jorgensen]

OTL logfile created on: 2/20/2012 2:50:45 PM - Run 2
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\Brandon\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.62 Gb Available Physical Memory | 75.10% Memory free
14.96 Gb Paging File | 12.81 Gb Available in Paging File | 85.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 257.60 Gb Free Space | 44.50% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS

Computer Name: BRANDON-HP | User Name: Brandon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/20 12:37:49 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon\Downloads\OTL.exe
PRC - [2012/02/17 22:06:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/14 16:38:30 | 000,481,064 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/02/13 02:06:52 | 002,602,304 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2012/02/09 10:58:28 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/02/02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/04 14:26:46 | 001,606,488 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/02 14:17:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/03/22 12:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/02/28 16:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/17 23:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/17 23:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/17 23:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/01/27 13:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/11/09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/17 22:06:39 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/14 16:38:29 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/02/14 16:38:28 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012/02/14 16:38:28 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/02/14 16:38:28 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012/02/14 16:38:28 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/11/30 03:39:27 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/19 16:33:28 | 000,047,960 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/11/09 22:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/03/11 04:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/02/16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/02/14 16:38:30 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/14 16:37:41 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/02 14:17:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/03/07 18:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/28 16:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/17 23:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/02/15 16:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/11/09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/19 16:45:54 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/01/30 18:45:27 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/29 18:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 18:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/04/15 15:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 15:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 18:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/17 23:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 23:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/03/11 04:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/07 10:55:00 | 001,353,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/12/16 20:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/16 02:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 11:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/17 02:33:02 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010/09/17 02:33:02 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010/09/17 02:33:02 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010/09/17 02:33:02 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..keyword.URL: "http://isearch.avg.c...7:21&sap=ku&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\4game.com/plugin: File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Brandon\AppData\Local\RewardsArcade\498\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2012/02/18 10:20:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/17 22:06:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme

[2012/01/11 20:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Extensions
[2012/01/31 17:13:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\extensions
[2012/01/31 17:13:19 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\extensions\[email protected]
[2012/01/31 17:13:25 | 000,002,203 | ---- | M] () -- C:\Users\Brandon\AppData\Roaming\Mozilla\Firefox\Profiles\mpynu5gq.default\searchplugins\MyStart Search.xml
[2012/02/04 20:41:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/05 14:46:39 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/02/17 22:06:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/17 17:47:10 | 000,003,747 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/15 10:18:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/15 10:18:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search ()
CHR - default_search_provider: search_url = http://mystart.incre...6PQn1Xl2Ae&i=26
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Website Logon = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: YouTube = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: RewardsArcade = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmagccbogebndpoodhhhafmofelpffh\1.13.61_0\
CHR - Extension: We-Care Reminder Lite = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.10_0\
CHR - Extension: Yontoo Layers = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: No name found = C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/02/20 14:41:42 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Brandon\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C58783B-195C-4B94-9371-C1DBE7B32D56}: DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\directx\command - "" = G:\DX9\dxsetup.exe
O33 - MountPoints2\{2bd6dfc0-4e09-11e1-ab26-806e6f6e6963}\Shell\setup\command - "" = G:\autorun.exe
O33 - MountPoints2\{2bd6dfc1-4e09-11e1-ab26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2bd6dfc1-4e09-11e1-ab26-806e6f6e6963}\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/20 14:41:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/20 14:29:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/20 11:51:03 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/20 10:52:28 | 004,729,344 | ---- | C] (AVAST Software) -- C:\Users\Brandon\Desktop\aswMBR(1).exe
[2012/02/19 16:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/02/19 16:45:54 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/02/19 16:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012/02/19 15:46:56 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012/02/19 15:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HunterBlade
[2012/02/17 17:44:49 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Malwarebytes
[2012/02/17 17:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/17 17:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/17 17:44:40 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/02/17 17:44:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/02/17 17:21:07 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2012/02/17 17:20:59 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys
[2012/02/17 17:20:59 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys
[2012/02/17 17:20:59 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys
[2012/02/17 15:47:09 | 000,000,000 | ---D | C] -- C:\temp
[2012/02/17 13:00:02 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium
[2012/02/17 11:45:13 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{0C918B29-F835-457E-971C-AF0C10D197B1}
[2012/02/17 11:44:55 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{19336F43-D98E-40DC-B96D-E8D00C9A6684}
[2012/02/16 23:44:31 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{88D650CB-A840-4CD9-93B0-373F3DB7776F}
[2012/02/16 23:44:24 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{9F33A996-22A0-4FB7-B0B3-913E85D4790B}
[2012/02/16 23:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012/02/16 23:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/02/16 22:42:35 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/02/16 22:35:04 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{682A01C5-4619-425D-AAA4-E42C8DF490B4}
[2012/02/16 22:34:57 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{37E98ABB-31A7-4FC7-A883-54945D6137FE}
[2012/02/16 22:34:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{F70F46CC-7074-4535-9C17-701C14785A2B}
[2012/02/16 22:33:53 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{84E36FEE-E0F1-40E2-95C5-D03D9AB78F5B}
[2012/02/16 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinASO
[2012/02/15 23:45:16 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{81F59AE4-A7EB-42D1-A564-9B5AB4E4FB6D}
[2012/02/15 23:44:58 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{B2BC6E11-0727-4B6E-9510-30659CF7B504}
[2012/02/14 14:40:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Samsung_USB_Drivers
[2012/02/14 14:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012/02/12 16:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blade
[2012/02/12 16:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HunterBlade
[2012/02/12 05:34:16 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{281184E4-2492-48DC-BEEB-7064B90DB6AC}
[2012/02/11 22:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdoms of Amalur Reckoning
[2012/02/11 22:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingdoms of Amalur Reckoning
[2012/02/09 00:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/02/09 00:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012/02/08 13:32:21 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\BigHugeEngine
[2012/02/08 12:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012/02/07 23:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/07 23:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/07 23:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/02/07 00:00:46 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\ElevatedDiagnostics
[2012/02/06 13:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KOEI
[2012/02/06 12:59:13 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koei
[2012/02/05 18:20:39 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\RenPy
[2012/02/05 18:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo
[2012/02/05 15:12:06 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\KOEI
[2012/02/05 12:44:10 | 001,398,272 | ---- | C] (CheatHappens) -- C:\Users\Brandon\Desktop\Dynasty Warriors 6 Trainer.exe
[2012/02/05 12:26:42 | 001,360,384 | ---- | C] (CheatHappens) -- C:\Users\Brandon\Desktop\Resident Evil 5 Trainer.exe
[2012/02/05 00:07:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Media
[2012/02/03 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RESIDENT EVIL 5
[2012/02/03 18:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resident Evil 5
[2012/02/02 22:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2012/02/02 22:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft Games
[2012/02/02 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012/02/02 21:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2012/02/02 21:23:57 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\AVG
[2012/02/02 21:01:30 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/02/02 19:56:34 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\AVG2012
[2012/02/02 19:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/02/02 19:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4F26B
[2012/02/02 19:43:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2012/02/02 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\KOEI
[2012/01/31 18:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012/01/31 18:04:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\BitTorrent
[2012/01/31 18:04:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\BitTorrent
[2012/01/31 17:11:30 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\QuickPar
[2012/01/31 16:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2012/01/31 11:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/01/31 11:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/01/31 11:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/01/31 11:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/01/31 11:00:20 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2012/01/31 10:59:49 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Microsoft Help
[2012/01/31 10:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/01/31 10:59:21 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/01/30 22:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RomStation
[2012/01/30 20:16:47 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\PCSX2 ISO
[2012/01/30 18:56:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012/01/30 18:45:27 | 000,564,792 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/01/30 18:43:46 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\DAEMON Tools Lite
[2012/01/30 18:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/01/30 16:58:45 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\PCSX2
[2012/01/30 16:57:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2012/01/30 16:43:18 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Game Booster 3
[2012/01/26 23:24:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\{B9661B8C-DA1B-49CD-9830-935B8E2C0CEF}
[2012/01/26 22:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/01/25 20:25:11 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\no$GBA
[1 C:\Users\Brandon\Desktop\*.tmp files -> C:\Users\Brandon\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/20 14:55:24 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 14:55:24 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/20 14:48:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/20 14:48:00 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/20 14:41:42 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/02/20 14:34:04 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788461633-239288871-556941257-1001UA.job
[2012/02/20 12:12:19 | 000,000,579 | ---- | M] () -- C:\Users\Brandon\Desktop\MBR.zip
[2012/02/20 11:50:58 | 1009,831,550 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/20 11:31:31 | 000,000,512 | ---- | M] () -- C:\Users\Brandon\Desktop\MBR.dat
[2012/02/20 10:53:05 | 004,729,344 | ---- | M] (AVAST Software) -- C:\Users\Brandon\Desktop\aswMBR(1).exe
[2012/02/19 23:21:16 | 000,808,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/19 23:21:16 | 000,681,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/19 23:21:16 | 000,129,436 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/19 17:36:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788461633-239288871-556941257-1001Core.job
[2012/02/19 16:47:12 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/02/19 16:45:54 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012/02/19 15:46:56 | 000,001,970 | ---- | M] () -- C:\Users\Brandon\Desktop\HunterBlade.lnk
[2012/02/17 17:44:44 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/17 17:30:48 | 000,001,441 | ---- | M] () -- C:\Users\Brandon\Desktop\Trend Micro Titanium.lnk
[2012/02/17 16:43:35 | 000,000,036 | ---- | M] () -- C:\Users\Brandon\AppData\Local\housecall.guid.cache
[2012/02/16 18:02:12 | 000,000,017 | ---- | M] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2012/02/15 02:02:05 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBrandon.job
[2012/02/14 18:06:58 | 000,342,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/09 17:30:07 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/09 00:15:32 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/02/08 12:57:22 | 000,001,258 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2012/02/08 12:33:59 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/02/05 18:20:29 | 000,001,067 | ---- | M] () -- C:\Users\Brandon\Desktop\Katawa Shoujo.lnk
[2012/02/05 15:17:53 | 000,001,230 | ---- | M] () -- C:\Users\Brandon\Desktop\Dynasty Warriors 6.lnk
[2012/02/04 20:41:37 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/02 21:42:59 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2012/01/31 18:05:09 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/01/31 17:13:37 | 000,000,447 | ---- | M] () -- C:\user.js
[2012/01/30 18:45:27 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2012/01/30 16:57:25 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[1 C:\Users\Brandon\Desktop\*.tmp files -> C:\Users\Brandon\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/20 12:12:19 | 000,000,579 | ---- | C] () -- C:\Users\Brandon\Desktop\MBR.zip
[2012/02/20 11:50:58 | 1009,831,550 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/02/20 11:31:31 | 000,000,512 | ---- | C] () -- C:\Users\Brandon\Desktop\MBR.dat
[2012/02/19 16:47:12 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012/02/19 15:46:56 | 000,001,970 | ---- | C] () -- C:\Users\Brandon\Desktop\HunterBlade.lnk
[2012/02/17 17:44:44 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/17 15:49:41 | 000,000,036 | ---- | C] () -- C:\Users\Brandon\AppData\Local\housecall.guid.cache
[2012/02/17 13:00:02 | 000,001,441 | ---- | C] () -- C:\Users\Brandon\Desktop\Trend Micro Titanium.lnk
[2012/02/16 18:02:12 | 000,000,017 | ---- | C] () -- C:\Users\Brandon\AppData\Local\resmon.resmoncfg
[2012/02/09 17:30:07 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012/02/09 00:15:32 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/02/08 12:33:59 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/02/06 12:39:00 | 000,043,008 | ---- | C] () -- C:\Users\Brandon\Desktop\trnAOE3.exe
[2012/02/06 11:02:13 | 001,297,920 | ---- | C] () -- C:\Users\Brandon\Desktop\Samurai Warriors 2 Trainer.exe
[2012/02/05 18:20:29 | 000,001,067 | ---- | C] () -- C:\Users\Brandon\Desktop\Katawa Shoujo.lnk
[2012/02/05 15:17:53 | 000,001,230 | ---- | C] () -- C:\Users\Brandon\Desktop\Dynasty Warriors 6.lnk
[2012/02/04 20:41:37 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/04 20:41:37 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/02 21:42:59 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2012/01/31 18:05:09 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/01/31 17:13:37 | 000,000,447 | ---- | C] () -- C:\user.js
[2012/01/30 16:57:25 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 0.9.8 (r4600).lnk
[2012/01/11 21:12:17 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/01/02 14:17:49 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/12/18 18:09:04 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/12/18 18:09:03 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/11/13 16:16:08 | 000,000,095 | ---- | C] () -- C:\Users\Brandon\AppData\Local\fusioncache.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/11/09 20:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/09 20:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/10/22 05:17:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/22 05:13:54 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/10/22 05:10:04 | 000,787,194 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/22 04:57:59 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/10/13 14:30:24 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/08/29 19:40:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/05/31 00:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 00:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/03 22:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010/12/16 20:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

========== LOP Check ==========

[2012/02/02 21:25:50 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\AVG
[2012/02/14 16:35:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\AVG2012
[2012/02/08 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\BigHugeEngine
[2012/02/19 17:31:42 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\BitTorrent
[2011/11/12 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Blio
[2012/01/30 19:10:04 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\DAEMON Tools Lite
[2012/01/01 01:16:38 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\FreeBurner
[2011/11/17 15:06:31 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\IDT
[2012/02/14 16:35:22 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\IObit
[2011/12/19 20:42:33 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Lionhead Studios
[2011/12/18 17:36:17 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Origin
[2012/02/05 18:20:39 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\RenPy
[2011/11/12 11:19:58 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Synaptics
[2012/01/02 19:12:45 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\SystemRequirementsLab
[2011/11/17 18:09:14 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Tific
[2011/12/11 00:21:33 | 000,000,000 | ---D | M] -- C:\Users\Brandon\AppData\Roaming\Windows Live Writer
[2009/07/13 23:08:49 | 000,029,736 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >