as when I ran rkill it had a line of code saying something about SysWOW I don't know what this meant.
so I downloaded and ran OTL below is the log.
Please help me by letting me know if there is a malaware/virus and if so what I need to do to get rid of it.
Many thanks!
OTL logfile created on: 3/14/2012 10:46:58 PM - Run 1
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Users\Ryan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.75 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 45.86% Memory free
7.49 Gb Paging File | 5.10 Gb Available in Paging File | 68.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 275.67 Gb Total Space | 39.69 Gb Free Space | 14.40% Space Free | Partition Type: NTFS
Drive D: | 22.12 Gb Total Space | 3.23 Gb Free Space | 14.58% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 89.18 Mb Free Space | 89.78% Space Free | Partition Type: FAT32
Computer Name: RYAN-PC | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/03/14 22:46:24 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Ryan\Downloads\OTL.exe
PRC - [2012/02/23 11:30:49 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/12/28 23:08:33 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/11/15 20:38:13 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/09/27 03:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2011/08/02 10:07:25 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/07/01 14:36:48 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2011/07/01 14:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2011/06/14 13:29:22 | 000,587,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 10:29:06 | 000,840,000 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2011/01/13 10:28:44 | 000,377,152 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/09/15 11:30:08 | 000,739,664 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
PRC - [2010/03/06 04:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/01/25 19:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
========== Modules (No Company Name) ==========
MOD - [2012/03/10 09:21:42 | 000,429,040 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\ppgooglenaclpluginchrome.dll
MOD - [2012/03/10 09:21:41 | 003,772,912 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\pdf.dll
MOD - [2012/03/10 09:20:17 | 000,122,880 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\avutil-51.dll
MOD - [2012/03/10 09:20:16 | 000,220,672 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\avformat-53.dll
MOD - [2012/03/10 09:20:15 | 001,747,456 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\avcodec-53.dll
MOD - [2012/03/10 05:56:11 | 008,593,056 | ---- | M] () -- C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\gcswf32.dll
MOD - [2012/02/27 23:16:10 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2012/02/23 11:30:47 | 014,415,144 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/02/23 11:30:46 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2012/02/23 11:30:46 | 000,857,896 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/02/23 11:30:46 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2012/02/23 11:30:46 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2012/02/16 11:06:51 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012/02/15 21:13:33 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012/02/15 21:12:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/15 21:12:42 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll
MOD - [2012/02/15 21:11:33 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll
MOD - [2012/02/15 21:10:39 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll
MOD - [2012/02/15 21:10:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/15 21:09:46 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/15 21:09:34 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/15 21:09:27 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/13 13:15:56 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/27 03:45:40 | 000,646,232 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2010/11/05 01:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/02/10 01:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/10 01:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/10 01:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/10 01:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/10 01:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/10 01:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/10 01:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/10 01:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/01/22 17:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/01/22 17:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/01/22 17:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/09/08 17:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2011/09/08 17:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2011/08/11 23:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/15 11:30:34 | 000,440,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010/04/16 14:09:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/01 09:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/01/29 01:04:38 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/01/27 21:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/01/06 08:14:28 | 002,184,496 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 20:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/03 10:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
SRV - [2012/02/28 12:11:23 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012/02/23 11:30:49 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/15 20:38:13 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/01 14:36:44 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/04/06 15:53:36 | 001,117,144 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/18 10:14:04 | 000,371,472 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2011/01/20 12:27:12 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/06 04:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/02/01 09:29:34 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\STacSV64.exe -- (STacSV)
SRV - [2010/01/06 07:53:54 | 001,791,280 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010/01/04 18:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/03 10:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_471277d5d45019ea\AESTSr64.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/10/16 15:16:40 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/08 17:49:26 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2011/09/08 17:49:24 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/11 11:02:34 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2011/07/11 08:07:46 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2011/07/11 08:05:44 | 000,337,048 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 08:08:22 | 000,279,344 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2011/03/01 22:28:18 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/01/20 12:27:12 | 000,074,824 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:64bit: - [2011/01/20 12:27:12 | 000,065,072 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2011/01/20 12:27:12 | 000,041,888 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 09:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/01 23:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/07/16 13:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010/06/29 09:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2010/06/24 12:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliandMP)
DRV:64bit: - [2010/06/24 12:46:14 | 000,033,888 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appliand.sys -- (appliand)
DRV:64bit: - [2010/04/16 14:19:34 | 006,403,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/16 13:11:18 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/09 05:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/04 00:05:32 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/02/04 00:05:32 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/02/04 00:05:32 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/04 00:05:32 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/02/04 00:05:30 | 000,328,232 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/02/01 09:29:34 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/01/28 18:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/22 09:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/11/28 01:45:06 | 000,295,424 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/11/11 20:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/08/24 01:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 01:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 20:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 20:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 20:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\tandpl.sys -- (tandpl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2
IE - HKLM\..\SearchScopes,DefaultScope = {FC48357F-270F-4F22-81F5-37F820EB85E3}
IE - HKLM\..\SearchScopes\{FC48357F-270F-4F22-81F5-37F820EB85E3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {FC48357F-270F-4F22-81F5-37F820EB85E3}
IE - HKCU\..\SearchScopes\{88D42C37-ABBD-49C9-BC80-74381FEB78F3}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{FC48357F-270F-4F22-81F5-37F820EB85E3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.order.2: "Google"
FF - prefs.js..browser.startup.homepage: "http://uk.foxstart.c.../?rls=en:uk:mq"
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.0.4248
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.300
FF - prefs.js..extensions.enabledItems: {E6C93316-271E-4b3d-8D7E-FE11B4350AEB}:1.5.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ryan\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ryan\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011/12/10 16:44:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/28 23:09:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2012/02/19 14:48:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/10 12:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/10 20:21:16 | 000,000,000 | ---D | M]
[2011/02/05 14:59:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan\AppData\Roaming\Mozilla\Extensions
[2012/03/06 16:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\ou4sxl24.default\extensions
[2011/11/12 15:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\RYAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OU4SXL24.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\RYAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OU4SXL24.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\USERS\RYAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OU4SXL24.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
() (No name found) -- C:\USERS\RYAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OU4SXL24.DEFAULT\EXTENSIONS\{E6C93316-271E-4B3D-8D7E-FE11B4350AEB}.XPI
() (No name found) -- C:\USERS\RYAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OU4SXL24.DEFAULT\EXTENSIONS\[email protected]
[2012/03/10 12:06:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/10 12:06:15 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/10 12:06:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/10 12:06:15 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/03/10 12:06:15 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/03/10 12:06:15 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ryan\AppData\Local\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files (x86)\Download Manager\npfpdlm.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ryan\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF310657-0F2D-4789-9883-745CCE7B48EF}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell - "" = AutoRun
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\AutoRun\command - "" = G:\aoesetup.exe /autorun
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\directx\command - "" = G:\DirectX\dxsetup.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\dplay\command - "" = G:\DirectX\dplay61a.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\dxdiag\command - "" = G:\goodies\ar40eng.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\dxinfo\command - "" = G:\goodies\DirectX\dxinfo.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\dxtest\command - "" = G:\DirectX\dxdiag.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\dxtool\command - "" = G:\goodies\DirectX\dxtool.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\log\command - "" = G:\goodies\machine\machine.exe -l
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\machine\command - "" = G:\goodies\machine\machine.exe
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\setup\command - "" = G:\aoesetup.exe /autorun
O33 - MountPoints2\{43198a7a-444e-11e0-b39d-002713dcec30}\Shell\zone\command - "" = G:\goodies\mszone\zoneA600.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/14 12:35:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7177218B-313E-4521-A9A4-589CC7E522BD}
[2012/03/14 12:34:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{FFF11F06-7374-4D4C-B881-6C98E9D99E8C}
[2012/03/14 00:14:31 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6916CE7E-0547-4511-BA82-2406341D9E78}
[2012/03/14 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{21A5F5FC-9ED4-49AD-A8E4-748D32B1B4A7}
[2012/03/13 14:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2012/03/13 14:28:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios
[2012/03/13 12:13:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{18C82B29-2301-4ECE-9958-8F625AEF1349}
[2012/03/13 12:13:17 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{00BAD07E-0025-4116-9EA0-01378DF016F0}
[2012/03/13 00:11:31 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{0B5FED00-D833-4DF2-9539-126784470903}
[2012/03/13 00:11:21 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{BA09B235-1222-477B-81EB-8A6CFEB70F7E}
[2012/03/13 00:11:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3E8FB1D5-53C1-4685-B0A4-2424A519B0C8}
[2012/03/13 00:10:57 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C4102894-4DC7-4B5A-952F-C7928949A9D8}
[2012/03/12 12:10:27 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{E026F1BE-41E3-4E18-8C11-90AF706D7FB9}
[2012/03/12 12:10:16 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{09E19A13-B75E-4196-8E6B-CC060804CAF0}
[2012/03/12 00:09:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C9E55888-29E3-433F-9933-79ABC3DFFB0A}
[2012/03/12 00:09:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{56C1E18A-06C3-4E46-B60F-6A959DF4C566}
[2012/03/11 14:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne
[2012/03/11 14:46:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Max Payne
[2012/03/11 12:08:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3EABB6F8-A629-4767-8B46-1B269E97642C}
[2012/03/11 12:08:30 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{441B15DB-826B-4EB1-B255-A692C210DC5C}
[2012/03/11 00:07:08 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{EE85B8D3-85B1-48B9-881D-03E203158990}
[2012/03/11 00:06:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C743B064-003E-4188-B5D4-442DBA455D42}
[2012/03/10 12:05:46 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{DFC8AE9D-D723-46C4-8919-750E32C49F2A}
[2012/03/10 12:05:23 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C710BF5F-8D80-4700-8D8E-9F1021CF905B}
[2012/03/09 13:02:30 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F551BC1D-6755-4ED7-A918-728110A0354E}
[2012/03/09 13:02:19 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{83DCD1C1-8F70-4C8C-AD37-C828309F849A}
[2012/03/09 01:01:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D5C43FEB-0DF1-4B79-B4E8-8822EDE53610}
[2012/03/09 01:01:37 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{63734FD0-9CAE-45E2-A9A1-B72AACEFF1E7}
[2012/03/08 13:01:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{52DF22DC-F92D-42C5-BCD2-329BA70D89A9}
[2012/03/08 13:00:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{FA729160-21F0-482F-9E73-46497F6ADF0E}
[2012/03/08 01:00:31 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C7A719CB-0120-4B37-8082-87D641E49417}
[2012/03/08 01:00:21 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{60E26E80-ADD5-4BC1-9083-5366C759AA57}
[2012/03/07 12:59:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{275531BF-1C1F-4D21-B0F8-9F6EB7B9847E}
[2012/03/07 12:59:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{9B33CD46-8054-46A1-9D9A-259F4FAE105F}
[2012/03/07 00:59:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{1B8AD782-FEDF-429E-8C1E-02940B352A48}
[2012/03/07 00:59:06 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{CEB3D2D3-1258-45DA-8D12-12498E5508B3}
[2012/03/07 00:58:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{28847815-C784-428E-8A13-218FF85EA851}
[2012/03/07 00:58:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A3610699-D43A-47CD-9CA9-F471643AF4A7}
[2012/03/06 12:57:37 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{9C77D765-CAED-4271-8AB9-BB0FCE56BED8}
[2012/03/06 12:57:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{26B17071-3ED2-4EC5-8730-998BD2EF9D3A}
[2012/03/06 00:52:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7876C1AC-757E-42FD-81F4-952A4FE223C9}
[2012/03/06 00:52:48 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{42DC9DDB-D0B2-42C9-B8D6-326DAB6BD413}
[2012/03/06 00:52:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{8ACDA5F0-BED8-4607-9DD5-D242259A3290}
[2012/03/06 00:52:27 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{1AF573BF-149B-4986-9025-E11837BE6C99}
[2012/03/05 12:52:02 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{9B56ADC3-3820-4F9A-B153-257ED1719C4E}
[2012/03/05 12:51:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{77615A78-567A-469E-B3E0-179E799C8E33}
[2012/03/05 12:51:42 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D28F21D7-4CC6-4B3C-BACF-E61648D6A3B4}
[2012/03/05 12:51:31 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6896C1E7-B6D7-4589-96E2-2BDD2AB7BD98}
[2012/03/05 00:51:04 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{B27D53C3-470F-42C5-AA26-0875957C0447}
[2012/03/05 00:50:53 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{239D3DE4-49FD-4E59-A022-1B886649D656}
[2012/03/05 00:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fox
[2012/03/04 12:50:21 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7DD92898-7739-480D-BBEE-22F9059208EC}
[2012/03/04 12:50:08 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{CCCF05A1-764E-4536-A727-C48302A43DDF}
[2012/03/04 00:49:40 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{493EF4F3-703B-476A-A4DA-E9E771897791}
[2012/03/04 00:49:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{DDB8AF4B-FFF3-4448-915D-2FF0CD8F062D}
[2012/03/03 12:49:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{DBA41141-022D-4406-A9FA-1F72F946CA15}
[2012/03/03 12:48:50 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6488AE2E-3692-4E7B-8E9C-1CF9CEBFC16C}
[2012/03/03 00:19:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{671ACFD6-82A1-4E31-A558-96E8C613822E}
[2012/03/03 00:19:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{083A024F-4B2E-4227-B323-FE10BA1A5A98}
[2012/03/02 12:04:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6BA28DB8-B997-48ED-AA12-D3FFDDF2776C}
[2012/03/02 12:04:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2F94DCA8-E293-492D-9256-A5341359311C}
[2012/03/01 11:58:30 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{1E222647-BE3B-4D0B-8CCA-DC857CA0CE7A}
[2012/03/01 11:58:19 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3C7C8C2A-6410-4B8D-998C-D178DDECDE29}
[2012/02/29 23:57:50 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7BEDE63F-6307-4487-8D25-4FF2E8C902CA}
[2012/02/29 23:28:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\HandBrake
[2012/02/29 23:27:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012/02/29 23:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2012/02/29 23:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2012/02/29 11:57:14 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F9A5521F-3540-4E60-8621-5EBECC41FDDC}
[2012/02/29 11:56:56 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F2583668-7318-4873-9245-CE183CA61B83}
[2012/02/28 23:47:37 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A1D46E1A-3561-42A9-A010-FFE07D02BACF}
[2012/02/28 12:11:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Desura
[2012/02/28 12:10:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Desura
[2012/02/28 12:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
[2012/02/28 12:09:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desura
[2012/02/28 11:46:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{71B3424F-6F68-4D28-86A6-A4F7AC956C58}
[2012/02/28 11:46:14 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7717B804-6953-4B2D-9234-12AFD296D3E4}
[2012/02/27 23:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2012/02/27 23:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
[2012/02/27 23:02:27 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D695FAF0-5E0C-4CF8-ACFF-BD77AA72A8A4}
[2012/02/27 23:02:17 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6EEAE368-78D7-47B3-9F46-2C9BA2612FBF}
[2012/02/27 11:01:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{0CABA3AA-8955-4B03-A915-A62D413D597F}
[2012/02/27 11:01:26 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{1E1479F5-5263-4CE1-B2D8-24A15A784B3A}
[2012/02/27 02:18:49 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{00B5613F-5F0D-4BAA-9858-9C005B194EEE}
[2012/02/26 14:18:07 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3BA54372-02E8-40F5-AA36-08E58E066C00}
[2012/02/26 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{582FC726-5419-4960-B2A8-02EBB321B202}
[2012/02/26 02:17:13 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{8BEB2798-E80F-4085-9172-C7E798BECC82}
[2012/02/26 02:16:58 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{13713CD0-3F7D-44B5-BCA3-5868A8155BAA}
[2012/02/26 02:16:36 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{14AE0969-745F-4E45-9213-AC0869DFBC85}
[2012/02/26 02:16:09 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{B4CAB18C-FBA1-40B5-B7DB-7D2297F88282}
[2012/02/26 00:59:07 | 000,000,000 | ---D | C] -- C:\Users\Ryan\Documents\Solveig Multimedia
[2012/02/26 00:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Solveig Multimedia
[2012/02/25 14:15:36 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{D9C9A5F0-D6F2-451B-AA5E-B7EBC0321EEF}
[2012/02/25 14:15:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{0B5FCAD3-ED30-4092-BA96-FB67CD7688A6}
[2012/02/25 14:12:06 | 000,000,000 | ---D | C] -- C:\dcrisisdemo
[2012/02/25 02:14:51 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A65E831A-9EE2-4C19-909A-5B47EFC580A2}
[2012/02/25 02:14:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{0D7335A0-D3EC-44A7-9BB0-1EE8EFBCB2D1}
[2012/02/24 14:14:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3A05CA45-5D3C-45F9-A814-558C517E3CEE}
[2012/02/24 14:14:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{CF2515CF-9234-4AE3-8A8B-9C883B087406}
[2012/02/24 02:14:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/02/24 02:12:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{88088D7B-B520-4B75-B4C2-1D68ED3E462E}
[2012/02/24 02:12:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6464F809-FDCF-41A1-8B59-2A2B0BCD4986}
[2012/02/23 21:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Croteam
[2012/02/23 21:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam - The Second Encounter Demo
[2012/02/23 13:46:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{BF0E4E0F-97D5-441F-A670-7A6C3809E664}
[2012/02/23 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{372846E8-3BAF-40CD-9504-CF64C6BE87DB}
[2012/02/23 01:45:55 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3F56E644-34D8-40BB-8F64-9A1A78C6B4E7}
[2012/02/23 01:45:28 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{DEDAA52A-4B18-4933-B263-C254009544DE}
[2012/02/23 01:44:59 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F229AC94-2DEF-4FFD-ACDE-1359F7CF0E9F}
[2012/02/23 01:44:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{81B07D91-0BB5-46E2-9FEB-1BA9B4D30FE3}
[2012/02/22 13:43:36 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{4D774F59-B4DD-4185-A2C6-6A1D73FC2175}
[2012/02/22 13:43:05 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{783D52AD-51B5-4C2D-89B7-A3E933E3635B}
[2012/02/21 17:37:21 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{998CB94E-D357-4139-8AAB-FECFE125ADD6}
[2012/02/21 17:36:50 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{4C5FDFB9-1973-450A-BA51-17B75E9DBFA6}
[2012/02/20 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{780A375D-E7B3-489C-8DE3-91F2CEF4C124}
[2012/02/20 11:30:40 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A3CE8EC9-315C-44B8-83D0-2FB77AF0A445}
[2012/02/19 23:30:12 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{F48F2857-40A6-404D-B286-45A2FD78E451}
[2012/02/19 23:30:01 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{ABAE7760-D2CB-429C-A35B-46DD3A9FBD43}
[2012/02/19 16:38:54 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Macrovision
[2012/02/19 14:48:14 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-Hant
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-Hant
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\zh-Hans
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\zh-Hans
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ro
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ro
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\no
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\no
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\nl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\nl
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\hu
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\hu
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\gl-ES
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\gl-ES
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fi
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fi
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\el
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\cs
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2012/02/19 14:47:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\bg
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\el
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigitalPersona
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\cs
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2012/02/19 14:47:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bg
[2012/02/19 14:47:15 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\Programs
[2012/02/19 11:29:33 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{4813FC1B-96B5-4B29-9052-7CAFADF2AB60}
[2012/02/19 11:29:21 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{6CE8F054-70B2-4105-8601-DA3AB8BFBFB4}
[2012/02/19 01:01:23 | 000,000,000 | ---D | C] -- C:\Users\Ryan\Documents\Max Payne 2 Demo Savegames
[2012/02/19 00:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012/02/19 00:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/02/18 23:28:52 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{73ADA4E0-751F-4F60-A40A-CD4847161EEC}
[2012/02/18 23:28:38 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{8E5410E3-E277-4AFC-8184-6FE9DBBBF9D5}
[2012/02/18 20:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postal 2 Demo
[2012/02/18 20:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Postal 2 Demo
[2012/02/18 20:15:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
[2012/02/18 20:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raven Software
[2012/02/18 20:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Soldier of Fortune II - SP Demo
[2012/02/18 15:55:14 | 000,000,000 | ---D | C] -- C:\Users\Ryan\Documents\Max Payne Demo Savegames
[2012/02/18 15:32:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne Demo
[2012/02/18 15:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Max Payne Demo
[2012/02/18 11:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012/02/18 11:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2012/02/18 10:47:22 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{7A91B395-1035-43A1-9EC7-A2F6D43C4ECA}
[2012/02/18 10:47:11 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A21784D0-D4A4-4A13-A4C2-CFE08DCBC85A}
[2012/02/18 01:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004 Demo
[2012/02/18 01:21:52 | 000,000,000 | ---D | C] -- C:\UT2004Demo
[2012/02/17 22:46:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{B0FCF2B3-7BC6-4410-A1A8-26B2C762125B}
[2012/02/17 22:46:34 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{92CAD7E5-474F-413F-BA1F-C2C172CEBAB7}
[2012/02/17 17:31:44 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012/02/17 17:21:11 | 000,000,000 | ---D | C] -- C:\Fraps
[2012/02/17 10:45:17 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{06D7C00C-8679-43A5-8D6B-63EEDE54C815}
[2012/02/17 10:44:49 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{62D662A7-F25C-4A55-837A-FFA7722FEA72}
[2012/02/16 23:35:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Roaming\RealNetworks
[2012/02/16 22:44:11 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{2B8D1A2E-C3A1-40C0-9C5E-FF12ED544064}
[2012/02/16 22:44:00 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{EA1521E6-3E0B-4A62-B6A4-AB97CB09923F}
[2012/02/16 10:43:11 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C67667F5-3594-483C-9406-20F05918C1E3}
[2012/02/16 10:42:45 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{A093B134-F210-4D18-B4DC-226121AC7360}
[2012/02/15 12:08:24 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{E4152E5C-07DA-4582-A1D7-6D399A85014D}
[2012/02/15 12:07:41 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{C5EF4A94-C74A-4B62-AF6C-6A8C7003284A}
[2012/02/14 11:57:02 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{41641D6E-B45B-4A26-9C23-83E601B123BF}
[2012/02/14 11:56:32 | 000,000,000 | ---D | C] -- C:\Users\Ryan\AppData\Local\{3396FD70-D4C6-4D87-9A6E-29AA0A9F0F1F}
[2011/02/12 11:10:20 | 000,445,440 | ---- | C] (Dino Chiesa) -- C:\Users\Ryan\AppData\Roaming\Ionic.Zip.dll
[2011/02/12 11:10:20 | 000,133,632 | ---- | C] (Wandering Samurai Studios) -- C:\Users\Ryan\AppData\Roaming\MWLL.AutoUpdater.exe
[2011/02/12 11:10:20 | 000,020,480 | ---- | C] (Wandering Samurai Studios) -- C:\Users\Ryan\AppData\Roaming\MwllTorrent.dll
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/03/14 22:29:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 22:29:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 22:19:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/14 22:19:22 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/14 22:17:00 | 000,424,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/14 17:40:25 | 001,905,432 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/03/14 17:14:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410793288-241452426-2043411025-1001UA.job
[2012/03/14 16:14:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3410793288-241452426-2043411025-1001Core.job
[2012/03/14 01:49:37 | 000,058,798 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel
[2012/03/13 15:01:34 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Space Colony.lnk
[2012/03/12 17:15:37 | 000,002,391 | ---- | M] () -- C:\Users\Ryan\Desktop\Google Chrome.lnk
[2012/03/11 20:34:07 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRyan.job
[2012/03/11 17:23:45 | 002,899,066 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/11 17:23:45 | 001,260,386 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/11 17:23:45 | 000,005,376 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/11 14:56:50 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne.lnk
[2012/03/09 01:30:06 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/03/05 00:07:05 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Aliens vs. Predator 2 Single-Player Demo.lnk
[2012/02/29 23:27:58 | 000,000,824 | ---- | M] () -- C:\Users\Ryan\Desktop\Handbrake.lnk
[2012/02/28 12:09:59 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\Desura.lnk
[2012/02/27 23:16:28 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/02/19 00:30:18 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 2 Demo.lnk
[2012/02/18 21:43:57 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Postal 2 Apocalypse Weekend Expansion Pack.lnk
[2012/02/18 21:43:57 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\Postal 2 Share The Pain.lnk
[2012/02/18 20:15:23 | 000,001,162 | ---- | M] () -- C:\Users\Ryan\Desktop\SOF II Single Player Demo.lnk
[2012/02/18 20:15:23 | 000,000,347 | ---- | M] () -- C:\Windows\SOF2.INI
[2012/02/18 15:33:09 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne Demo.lnk
[2012/02/18 01:28:46 | 000,001,328 | ---- | M] () -- C:\Users\Ryan\Desktop\Launch Painkiller!.lnk
[2012/02/17 17:31:44 | 000,000,572 | ---- | M] () -- C:\Users\Ryan\Desktop\Fraps.lnk
[2012/02/17 01:06:07 | 000,270,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/02/17 01:06:07 | 000,270,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/02/16 15:12:52 | 000,046,363 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel.9G1K9V
[2012/02/16 15:11:42 | 000,045,732 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel.BSBJ9V
[2012/02/16 15:10:17 | 000,046,363 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel.YGRC9V
[2012/02/16 15:09:13 | 000,045,732 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel.K9XF9V
[2012/02/16 15:07:25 | 000,045,732 | ---- | M] () -- C:\Users\Ryan\.recently-used.xbel.VB1K9V
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/14 01:49:37 | 000,058,798 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel
[2012/03/13 15:01:34 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Space Colony.lnk
[2012/03/11 14:56:50 | 000,001,870 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne.lnk
[2012/03/05 00:07:05 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Aliens vs. Predator 2 Single-Player Demo.lnk
[2012/02/29 23:27:58 | 000,000,824 | ---- | C] () -- C:\Users\Ryan\Desktop\Handbrake.lnk
[2012/02/28 12:09:59 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\Desura.lnk
[2012/02/27 23:16:28 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012/02/19 14:48:35 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP SimplePass Identity Protection.lnk
[2012/02/19 00:30:18 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 2 Demo.lnk
[2012/02/18 21:43:57 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Postal 2 Apocalypse Weekend Expansion Pack.lnk
[2012/02/18 21:43:57 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\Postal 2 Share The Pain.lnk
[2012/02/18 20:20:49 | 000,007,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\enodpl.sys
[2012/02/18 20:20:49 | 000,006,659 | ---- | C] () -- C:\Windows\SysWow64\TANDPL.VXD
[2012/02/18 20:20:49 | 000,006,532 | ---- | C] () -- C:\Windows\SysWow64\ENODPL.VXD
[2012/02/18 20:20:49 | 000,004,736 | ---- | C] () -- C:\Windows\SysWow64\drivers\tandpl.sys
[2012/02/18 20:15:23 | 000,001,162 | ---- | C] () -- C:\Users\Ryan\Desktop\SOF II Single Player Demo.lnk
[2012/02/18 20:15:23 | 000,000,347 | ---- | C] () -- C:\Windows\SOF2.INI
[2012/02/18 15:33:09 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne Demo.lnk
[2012/02/18 11:50:21 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2012/02/18 11:50:21 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/02/18 11:50:21 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2012/02/18 11:50:21 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2012/02/18 11:50:21 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2012/02/18 11:50:20 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/02/17 17:21:16 | 000,000,572 | ---- | C] () -- C:\Users\Ryan\Desktop\Fraps.lnk
[2012/02/16 15:12:52 | 000,046,363 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel.9G1K9V
[2012/02/16 15:11:42 | 000,045,732 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel.BSBJ9V
[2012/02/16 15:10:16 | 000,046,363 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel.YGRC9V
[2012/02/16 15:09:13 | 000,045,732 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel.K9XF9V
[2012/02/16 15:07:25 | 000,045,732 | ---- | C] () -- C:\Users\Ryan\.recently-used.xbel.VB1K9V
[2011/12/10 16:57:51 | 000,005,342 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/22 17:57:37 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/01 23:10:57 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/02/12 11:10:20 | 001,806,336 | ---- | C] () -- C:\Users\Ryan\AppData\Roaming\mwll_torrent.dll
[2011/02/12 11:10:20 | 000,101,888 | ---- | C] () -- C:\Users\Ryan\AppData\Roaming\Shd.dll
[2011/02/09 22:56:23 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/02/09 22:56:21 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/02/09 22:56:21 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/02/08 15:22:23 | 000,000,246 | ---- | C] () -- C:\Users\Ryan\AppData\Roaming\wklnhst.dat
[2011/02/06 13:50:35 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2011/02/05 14:58:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/05/26 08:49:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/05/26 08:39:20 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/05/26 08:39:20 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/04/25 21:21:00 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/04/25 20:09:46 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
========== LOP Check ==========
[2011/06/25 23:57:41 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\.minecraft
[2011/03/27 02:49:06 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\AVG10
[2011/11/30 15:18:16 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\BANDISOFT
[2011/07/03 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/02/07 23:13:39 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\DAEMON Tools Pro
[2011/02/05 14:42:34 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\DigitalPersona
[2012/03/14 01:49:37 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\gtk-2.0
[2012/02/29 23:36:25 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\HandBrake
[2011/07/04 00:17:58 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\inkscape
[2011/11/30 17:47:27 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Nitro PDF
[2011/12/02 00:55:46 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\OpenCandy
[2011/02/22 13:58:29 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\OpenOffice.org
[2011/08/23 18:37:05 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Opera
[2011/08/25 10:18:34 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PCTools
[2011/11/30 17:46:09 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\PrimoPDF
[2011/04/03 00:03:52 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Replay Media Catcher 4
[2011/06/03 12:13:22 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\SystemRequirementsLab
[2011/02/08 15:22:25 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Template
[2011/12/05 13:10:49 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\TestApp
[2012/01/24 15:19:35 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Ulead Systems
[2011/12/29 08:36:48 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Wacom
[2011/12/29 08:37:24 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2011/02/15 00:01:41 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Windows Live Writer
[2011/06/06 12:58:51 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\www.scribd.com
[2012/02/15 21:05:31 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 200 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:76650B61
< End of report >