Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Touchpad & keyboard disabled on start up


  • Please log in to reply

#31
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 1000008e
BCP1: C0000005
BCP2: 83D40770
BCP3: 9C78B74C
BCP4: 00000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini051613-01.dmp
C:\Users\Brandley\AppData\Local\temp\WER-71776-0.sysdata.xml
C:\Users\Brandley\AppData\Local\temp\WER401B.tmp.version.txt

Read our privacy statement:
http://go.microsoft....63&clcid=0x0409

~~~~~~~~~~~~~~~~~~~~~~~~

2013-05-16 21:51:01, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:01, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:07, Info CSI 00000009 [SR] Verify complete
2013-05-16 21:51:08, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:08, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:15, Info CSI 0000000d [SR] Verify complete
2013-05-16 21:51:15, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:15, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:18, Info CSI 00000011 [SR] Verify complete
2013-05-16 21:51:19, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:19, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:20, Info CSI 00000015 [SR] Verify complete
2013-05-16 21:51:21, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:21, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:23, Info CSI 00000019 [SR] Verify complete
2013-05-16 21:51:24, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:24, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:25, Info CSI 0000001d [SR] Verify complete
2013-05-16 21:51:26, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:26, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:27, Info CSI 00000021 [SR] Verify complete
2013-05-16 21:51:28, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:28, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:29, Info CSI 00000025 [SR] Verify complete
2013-05-16 21:51:30, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:30, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:32, Info CSI 00000029 [SR] Verify complete
2013-05-16 21:51:33, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:33, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:34, Info CSI 0000002d [SR] Verify complete
2013-05-16 21:51:35, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:35, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:37, Info CSI 00000031 [SR] Verify complete
2013-05-16 21:51:37, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:37, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:39, Info CSI 00000035 [SR] Verify complete
2013-05-16 21:51:39, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:39, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:41, Info CSI 00000039 [SR] Verify complete
2013-05-16 21:51:42, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:42, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:43, Info CSI 0000003d [SR] Verify complete
2013-05-16 21:51:44, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:44, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:45, Info CSI 00000041 [SR] Verify complete
2013-05-16 21:51:46, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:46, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:47, Info CSI 00000045 [SR] Verify complete
2013-05-16 21:51:48, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:48, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:50, Info CSI 00000049 [SR] Verify complete
2013-05-16 21:51:50, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:50, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:52, Info CSI 0000004d [SR] Verify complete
2013-05-16 21:51:53, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:53, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:54, Info CSI 00000051 [SR] Verify complete
2013-05-16 21:51:55, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:55, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:57, Info CSI 00000055 [SR] Verify complete
2013-05-16 21:51:57, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:57, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2013-05-16 21:51:59, Info CSI 00000059 [SR] Verify complete
2013-05-16 21:51:59, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:51:59, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:01, Info CSI 0000005d [SR] Verify complete
2013-05-16 21:52:01, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:01, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:03, Info CSI 00000061 [SR] Verify complete
2013-05-16 21:52:04, Info CSI 00000062 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:04, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:05, Info CSI 00000065 [SR] Verify complete
2013-05-16 21:52:06, Info CSI 00000066 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:06, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:07, Info CSI 00000069 [SR] Verify complete
2013-05-16 21:52:08, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:08, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:09, Info CSI 0000006d [SR] Verify complete
2013-05-16 21:52:10, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:10, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:12, Info CSI 00000071 [SR] Verify complete
2013-05-16 21:52:13, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:13, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:14, Info CSI 00000075 [SR] Verify complete
2013-05-16 21:52:15, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:15, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:17, Info CSI 00000079 [SR] Verify complete
2013-05-16 21:52:17, Info CSI 0000007a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:17, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:20, Info CSI 0000007d [SR] Verify complete
2013-05-16 21:52:20, Info CSI 0000007e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:20, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:22, Info CSI 00000081 [SR] Verify complete
2013-05-16 21:52:22, Info CSI 00000082 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:22, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:24, Info CSI 00000085 [SR] Verify complete
2013-05-16 21:52:25, Info CSI 00000086 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:25, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:26, Info CSI 00000089 [SR] Verify complete
2013-05-16 21:52:27, Info CSI 0000008a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:27, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:28, Info CSI 0000008d [SR] Verify complete
2013-05-16 21:52:29, Info CSI 0000008e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:29, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:32, Info CSI 00000091 [SR] Verify complete
2013-05-16 21:52:32, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:32, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:34, Info CSI 00000095 [SR] Verify complete
2013-05-16 21:52:34, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:34, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:36, Info CSI 00000099 [SR] Verify complete
2013-05-16 21:52:37, Info CSI 0000009a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:37, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:38, Info CSI 0000009d [SR] Verify complete
2013-05-16 21:52:38, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:38, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:42, Info CSI 000000a1 [SR] Verify complete
2013-05-16 21:52:42, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:42, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:48, Info CSI 000000a5 [SR] Verify complete
2013-05-16 21:52:48, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:48, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:53, Info CSI 000000a9 [SR] Verify complete
2013-05-16 21:52:53, Info CSI 000000aa [SR] Verifying 100 (0x00000064) components
2013-05-16 21:52:53, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2013-05-16 21:52:59, Info CSI 000000ae [SR] Verify complete
2013-05-16 21:53:00, Info CSI 000000af [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:00, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:05, Info CSI 000000b2 [SR] Verify complete
2013-05-16 21:53:05, Info CSI 000000b3 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:05, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:10, Info CSI 000000b7 [SR] Verify complete
2013-05-16 21:53:10, Info CSI 000000b8 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:10, Info CSI 000000b9 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:16, Info CSI 000000bb [SR] Verify complete
2013-05-16 21:53:17, Info CSI 000000bc [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:17, Info CSI 000000bd [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:26, Info CSI 000000c7 [SR] Verify complete
2013-05-16 21:53:27, Info CSI 000000c8 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:27, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:32, Info CSI 000000cb [SR] Verify complete
2013-05-16 21:53:33, Info CSI 000000cc [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:33, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:37, Info CSI 000000cf [SR] Verify complete
2013-05-16 21:53:38, Info CSI 000000d0 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:38, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:44, Info CSI 000000d3 [SR] Verify complete
2013-05-16 21:53:45, Info CSI 000000d4 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:45, Info CSI 000000d5 [SR] Beginning Verify and Repair transaction
2013-05-16 21:53:54, Info CSI 000000d7 [SR] Verify complete
2013-05-16 21:53:55, Info CSI 000000d8 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:53:55, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:06, Info CSI 000000dd [SR] Verify complete
2013-05-16 21:54:07, Info CSI 000000de [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:07, Info CSI 000000df [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:22, Info CSI 000000e1 [SR] Verify complete
2013-05-16 21:54:23, Info CSI 000000e2 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:23, Info CSI 000000e3 [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:42, Info CSI 000000e5 [SR] Verify complete
2013-05-16 21:54:42, Info CSI 000000e6 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:42, Info CSI 000000e7 [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:49, Info CSI 000000e9 [SR] Verify complete
2013-05-16 21:54:49, Info CSI 000000ea [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:49, Info CSI 000000eb [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:51, Info CSI 000000ed [SR] Verify complete
2013-05-16 21:54:52, Info CSI 000000ee [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:52, Info CSI 000000ef [SR] Beginning Verify and Repair transaction
2013-05-16 21:54:53, Info CSI 000000f1 [SR] Verify complete
2013-05-16 21:54:54, Info CSI 000000f2 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:54:54, Info CSI 000000f3 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:05, Info CSI 0000010c [SR] Verify complete
2013-05-16 21:55:06, Info CSI 0000010d [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:06, Info CSI 0000010e [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:11, Info CSI 00000115 [SR] Verify complete
2013-05-16 21:55:11, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:11, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:13, Info CSI 00000119 [SR] Verify complete
2013-05-16 21:55:13, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:13, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:18, Info CSI 0000011d [SR] Verify complete
2013-05-16 21:55:18, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:18, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:24, Info CSI 00000121 [SR] Verify complete
2013-05-16 21:55:25, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:25, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:37, Info CSI 00000126 [SR] Verify complete
2013-05-16 21:55:37, Info CSI 00000127 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:37, Info CSI 00000128 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:42, Info CSI 0000012a [SR] Verify complete
2013-05-16 21:55:42, Info CSI 0000012b [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:42, Info CSI 0000012c [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:45, Info CSI 0000012e [SR] Verify complete
2013-05-16 21:55:46, Info CSI 0000012f [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:46, Info CSI 00000130 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:53, Info CSI 00000132 [SR] Verify complete
2013-05-16 21:55:54, Info CSI 00000133 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:55:54, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2013-05-16 21:55:59, Info CSI 00000136 [SR] Verify complete
2013-05-16 21:56:00, Info CSI 00000137 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:56:00, Info CSI 00000138 [SR] Beginning Verify and Repair transaction
2013-05-16 21:56:08, Info CSI 0000013a [SR] Verify complete
2013-05-16 21:56:08, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
2013-05-16 21:56:08, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2013-05-16 21:56:22, Info CSI 00000161 [SR] Verify complete
2013-05-16 21:56:22, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:56:22, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-05-16 21:56:32, Info CSI 00000165 [SR] Verify complete
2013-05-16 21:56:33, Info CSI 00000166 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:56:33, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:02, Info CSI 00000169 [SR] Verify complete
2013-05-16 21:57:02, Info CSI 0000016a [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:02, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:21, Info CSI 0000016d [SR] Verify complete
2013-05-16 21:57:22, Info CSI 0000016e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:22, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:32, Info CSI 00000171 [SR] Verify complete
2013-05-16 21:57:33, Info CSI 00000172 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:33, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:34, Info CSI 00000175 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 21:57:38, Info CSI 00000177 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 21:57:38, Info CSI 00000178 [SR] This component was referenced by [l:160{80}]"Package_30_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-187_neutral_GDR"
2013-05-16 21:57:38, Info CSI 0000017b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2013-05-16 21:57:39, Info CSI 0000017d [SR] Verify complete
2013-05-16 21:57:39, Info CSI 0000017e [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:39, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:45, Info CSI 00000181 [SR] Verify complete
2013-05-16 21:57:46, Info CSI 00000182 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:46, Info CSI 00000183 [SR] Beginning Verify and Repair transaction
2013-05-16 21:57:51, Info CSI 00000186 [SR] Verify complete
2013-05-16 21:57:52, Info CSI 00000187 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:57:52, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:08, Info CSI 0000018a [SR] Verify complete
2013-05-16 21:58:08, Info CSI 0000018b [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:08, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:18, Info CSI 0000018e [SR] Verify complete
2013-05-16 21:58:19, Info CSI 0000018f [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:19, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:26, Info CSI 00000192 [SR] Verify complete
2013-05-16 21:58:27, Info CSI 00000193 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:27, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:34, Info CSI 00000196 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 21:58:36, Info CSI 00000198 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 21:58:36, Info CSI 00000199 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
2013-05-16 21:58:40, Info CSI 0000019b [SR] Verify complete
2013-05-16 21:58:40, Info CSI 0000019c [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:40, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:47, Info CSI 0000019f [SR] Verify complete
2013-05-16 21:58:47, Info CSI 000001a0 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:47, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2013-05-16 21:58:57, Info CSI 000001a3 [SR] Verify complete
2013-05-16 21:58:58, Info CSI 000001a4 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:58:58, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:09, Info CSI 000001a8 [SR] Verify complete
2013-05-16 21:59:10, Info CSI 000001a9 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:10, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:17, Info CSI 000001ac [SR] Verify complete
2013-05-16 21:59:18, Info CSI 000001ad [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:18, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:23, Info CSI 000001b0 [SR] Verify complete
2013-05-16 21:59:24, Info CSI 000001b1 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:24, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:31, Info CSI 000001b4 [SR] Verify complete
2013-05-16 21:59:32, Info CSI 000001b5 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:32, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:39, Info CSI 000001bb [SR] Verify complete
2013-05-16 21:59:40, Info CSI 000001bc [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:40, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:46, Info CSI 000001bf [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 21:59:46, Info CSI 000001c1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 21:59:46, Info CSI 000001c5 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 21:59:46, Info CSI 000001c7 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 21:59:47, Info CSI 000001cb [SR] Verify complete
2013-05-16 21:59:48, Info CSI 000001cc [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:48, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2013-05-16 21:59:57, Info CSI 000001cf [SR] Verify complete
2013-05-16 21:59:58, Info CSI 000001d0 [SR] Verifying 100 (0x00000064) components
2013-05-16 21:59:58, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:03, Info CSI 000001d3 [SR] Verify complete
2013-05-16 22:00:04, Info CSI 000001d4 [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:04, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:06, Info CSI 000001d7 [SR] Verify complete
2013-05-16 22:00:07, Info CSI 000001d8 [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:07, Info CSI 000001d9 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:17, Info CSI 000001db [SR] Verify complete
2013-05-16 22:00:17, Info CSI 000001dc [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:17, Info CSI 000001dd [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:25, Info CSI 000001df [SR] Verify complete
2013-05-16 22:00:25, Info CSI 000001e0 [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:25, Info CSI 000001e1 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:31, Info CSI 000001e3 [SR] Verify complete
2013-05-16 22:00:31, Info CSI 000001e4 [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:31, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:52, Info CSI 000001e7 [SR] Verify complete
2013-05-16 22:00:53, Info CSI 000001e8 [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:53, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2013-05-16 22:00:56, Info CSI 000001eb [SR] Verify complete
2013-05-16 22:00:57, Info CSI 000001ec [SR] Verifying 100 (0x00000064) components
2013-05-16 22:00:57, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2013-05-16 22:01:03, Info CSI 000001ef [SR] Verify complete
2013-05-16 22:01:04, Info CSI 000001f0 [SR] Verifying 90 (0x0000005a) components
2013-05-16 22:01:04, Info CSI 000001f1 [SR] Beginning Verify and Repair transaction
2013-05-16 22:01:10, Info CSI 000001fc [SR] Verify complete
2013-05-16 22:01:10, Info CSI 000001fd [SR] Repairing 4 components
2013-05-16 22:01:10, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2013-05-16 22:01:10, Info CSI 00000200 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 00000202 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 00000204 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 22:01:10, Info CSI 00000206 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 22:01:10, Info CSI 0000020a [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 0000020b [SR] This component was referenced by [l:160{80}]"Package_30_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-187_neutral_GDR"
2013-05-16 22:01:10, Info CSI 0000020e [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2013-05-16 22:01:10, Info CSI 00000210 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 00000211 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
2013-05-16 22:01:10, Info CSI 00000213 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 22:01:10, Info CSI 00000215 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 22:01:10, Info CSI 00000219 [SR] Repair complete
2013-05-16 22:01:10, Info CSI 0000021a [SR] Committing transaction
2013-05-16 22:01:10, Info CSI 0000021b [SR] Cannot commit interactively, there are boot critical components being repaired
2013-05-16 22:01:10, Info CSI 0000021c [SR] Repairing 4 components
2013-05-16 22:01:10, Info CSI 0000021d [SR] Beginning Verify and Repair transaction
2013-05-16 22:01:10, Info CSI 0000021f [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 00000221 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:10, Info CSI 00000223 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 22:01:10, Info CSI 00000225 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 22:01:11, Info CSI 00000229 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:11, Info CSI 0000022a [SR] This component was referenced by [l:160{80}]"Package_30_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-187_neutral_GDR"
2013-05-16 22:01:11, Info CSI 0000022d [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2013-05-16 22:01:11, Info CSI 0000022f [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-05-16 22:01:11, Info CSI 00000230 [SR] This component was referenced by [l:158{79}]"Package_16_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-49_neutral_GDR"
2013-05-16 22:01:11, Info CSI 00000232 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-05-16 22:01:11, Info CSI 00000234 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-05-16 22:01:11, Info CSI 00000238 [SR] Repair complete
  • 0

Advertisements


#32
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
The SFC scan was not able to repair only two .ini files. One has to do with printers and the other with Windows Sidebar. And you aren't running Sidebar so they aren't important. I want to run a Rogue Killer fix and if nothing changes with the touchpad I want you to check the touchpad settings. If they are OK it's time to update the driver. Are you sure you downloaded the correct driver for the make and model # of your computer? And did you copy the installation instructions for the driver?


Step-1.

Run RogueKiller

Quit all programs and close all browsers.
  • Right click the RogueKiller icon and click Run as Administrator to run the program.
  • Wait until Prescan has finished ...
  • Click on the Delete button.

    Posted Image
  • The report has been created on the desktop.
  • Next click on the ShortcutsFix

    Posted Image
  • The report has been created on the desktop.
Please post:
The RKreport.txt files located on your desktop.
NOTE: If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again


Step-2.

Run OTL again and click the Posted Image button. Post the log it produces in your next reply.


Step-3.

Check Touchpad Settings

  • Double click on the Touchpad icon in the system tray (where the clock is). The Dell Touchpad window will open.
  • Click the Device Select/Buttons Settings icon.
  • Click the Device Select tab and make sure the radio buttons beside Enable under the following items are blue. It they aren't then click them to turn them blue.
    • Touchpad
    • Touchpad Buttons
  • Click the Apply button if you had to make any changes.
  • Click the icon next to Scrolling and Zoom Settings
  • Under the Scrolling and Zoom heading make sure the boxes are checked beside the following items:
    • Enable
    • Enable Circular Scrolling
    • Enable Zoom
  • Under Scroll Zone Width:
    • Normal
  • Click the Apply button if you had to make any changes.
  • Close the Dell Touchpad.
If that didn't resolve the issue go to Step 4. If it did resolve the issue go to Step 5.

Step-4.


Using the instructions from the Dell drivers download site, update the touchpad driver.


Step-5.

Check for Problem Devices

Open your Device Manager. To do that:
  • Click the Start Orbn, then right click on Computer then Properties.
  • In the left column, under Tasks, click Device Manager and click Continue on the UAC window. The Device Manager will open.
    In the list of devices look for any device with a Red X or a Yellow question mark or exclamation point. If there aren't any:
  • In Device Manager, click the View menu and click Show hidden devices.
    Check for any Red Xs or Yellow question marks or exclamation points.
If you find any let me know what they are or take a screen shot and post it.


Step-6.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The RKreport.txt logs
2. The new OTL.txt log
3. Let me know if the touchpad issue is resolved.
4. Let me know what you found in the Device Manager
  • 0

#33
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I didn't have the icon for the TPad in the quick launch bar (was still disabled on start, I have since changed that back) so went into programs, found and launched the exe from there.
Before I did the TPad was working except for scrolling. After checking the settings there the scroll worked.
I did NOT change any settings there so that was just weird. There are no zoom options there as you described, everything else was enabled.
So the TPad was working before the scans were run and driver update. Yes, I am sure I had the right one and it has been installed successfully. On restart the TPad continued to work properly. YAY! Hopefully it stays that way now. :cool:
The only thing in device manager that is marked with exclamation point is the ADS Instant HDTV PCI under Sound, video & game controllers. I am not sure what that device is, but it says it cannot start.
As an added bonus the keyboard repeat feature seems to be fixed as well. I didn't mention that before but it was part of the keyboard issues I was having, I was just happy to be able to type again. Requested logs follow.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Brandley [Admin rights]
Mode : Remove -- Date : 05/18/2013 11:56:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[WALLP] HKCU\[...]\Desktop : Wallpaper (C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg) -> REPLACED (C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVS-75UST0 +++++
--- User ---
[MBR] 1f476026428459b9bb42d40eb24a1721
[BSP] 4a5e6f979c18133732caaa2ed3be66c9 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 10000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20560325 | Size: 228434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05182013_02d1156.txt >>
RKreport[1]_S_05182013_02d1153.txt ; RKreport[2]_D_05182013_02d1156.txt



~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Brandley [Admin rights]
Mode : Shortcuts HJfix -- Date : 05/18/2013 11:58:24
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 2 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 126 / Fail 0
My documents: Success 1128 / Fail 1128
My favorites: Success 7 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 1234 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 105 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[3]_SC_05182013_02d1158.txt >>
RKreport[1]_S_05182013_02d1153.txt ; RKreport[2]_D_05182013_02d1156.txt ; RKreport[3]_SC_05182013_02d1158.txt



~~~~~~~~~~~~~~~~~~~~~~

OTL logfile created on: 5/18/2013 12:01:18 PM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 56.26% Memory free
4.23 Gb Paging File | 3.15 Gb Available in Paging File | 74.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 66.57 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/12/23 13:57:30 | 000,166,056 | ---- | M] () -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
PRC - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/16 19:59:22 | 000,483,428 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
PRC - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
PRC - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/05/09 13:04:12 | 000,126,976 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/03/10 22:22:50 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/03/10 22:22:46 | 000,163,840 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/03/10 22:22:44 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/03/10 22:22:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 12:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/12 09:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/15 03:49:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/02/13 05:10:19 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\86365ae159cb808d52a7e3ba2700ea6c\System.Web.ni.dll
MOD - [2013/01/09 05:05:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 05:04:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/09 05:02:34 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/09 04:59:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/09 04:58:48 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2011/12/23 13:57:30 | 000,166,056 | ---- | M] () -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
MOD - [2010/09/14 14:34:38 | 000,153,600 | ---- | M] () -- C:\Windows\System32\WSContextMenu.dll
MOD - [2008/08/16 15:45:07 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3019.36912__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3019.36870__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3019.36924__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3019.37100__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3019.37065__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3019.36904__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3019.36890__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:06 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3019.37131__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3019.37072__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3019.37137__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3019.37079__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3019.36884__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3019.37071__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3019.37030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3019.36936__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3019.37015__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3019.36891__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3019.37092__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3019.36943__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3019.36930__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3019.37130__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3019.37129__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3019.36942__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3019.37023__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/08/16 15:44:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/08/16 15:44:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/08/16 15:44:49 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3019.37122__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/08/16 15:44:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3019.37147__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/08/16 15:44:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008/08/16 15:44:48 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3019.36878__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/08/16 15:44:48 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3019.36897__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/08/16 15:44:48 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/08/16 15:44:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3019.37121__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/08/16 15:44:48 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3019.36863__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/08/16 15:44:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3019.36861__90ba9c70f846762e\APM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3019.36862__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3019.37122__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/08/16 15:44:47 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008/05/04 00:42:20 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2013/05/17 11:33:38 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 19:40:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)
SRV - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Brandley\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwmodem.sys -- (btwmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012/11/20 12:00:58 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/08 19:53:56 | 000,026,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2012/03/06 15:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010/09/08 12:20:01 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/09/01 00:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/03/16 19:59:22 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 19:08:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/11 06:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/03/10 22:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/10 22:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/10 22:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/10 22:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/03/10 22:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 18:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2080817
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8046BD4D-45D6-4CA9-AA1E-D83CFB044571}: "URL" = http://websearch.ask...79-BB6EAB3D2CE0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo"
FF - prefs.js..browser.search..defaultenginename: "Yahoo"
FF - prefs.js..browser.search..order.1: "Yahoo"
FF - prefs.js..browser.search..selectedEngine: "Yahoo"
FF - prefs.js..browser.search..selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:9.7.0.7
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B288479BE-1B9E-11E2-80EA-F3246188709B%7D:1.1
FF - prefs.js..extensions.enabledAddons: tfdlookup%40nohup.in:2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: pbupload%40photobucket.com:1.3.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {b947750f-94cc-4d60-9f68-281d51279131}:3.8.0.8
FF - prefs.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 20:09:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2012/05/29 17:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/12 15:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/17 11:33:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/17 11:33:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/10/28 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\firefoxext [2012/05/29 17:22:28 | 000,000,000 | ---D | M]

[2010/01/05 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Extensions
[2013/05/16 09:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions
[2010/07/26 01:16:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 13:42:52 | 000,000,000 | ---D | M] (Xinha Here!) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{5B280457-4290-40c2-9441-EA647775F824}
[2013/02/24 01:16:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/16 02:32:24 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2013/05/16 09:13:36 | 000,028,018 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:18 | 000,053,364 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:17 | 000,002,716 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
[2013/04/08 00:24:05 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013/05/09 01:38:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/01 02:10:58 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011/05/11 15:21:46 | 000,001,213 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\fileserve.xml
[2013/05/17 11:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/17 11:33:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/12/12 15:24:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/28 19:52:48 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2012/01/11 20:09:12 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011/05/11 15:21:45 | 000,001,213 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fileserve.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://my.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\lib/npdapchrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Speed Test Analysis = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0\

O1 HOSTS File: ([2013/05/14 18:39:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.112.128.2 204.17.139.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C455C83-8DBA-41B3-A6B2-0A67DB9441EC}: DhcpNameServer = 209.112.128.2 204.17.139.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/17 11:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/05/14 18:44:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/14 18:44:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/14 18:44:18 | 000,000,000 | ---D | C] -- C:\Users\Brandley\AppData\Local\temp
[2013/05/14 18:15:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/14 18:15:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/14 18:15:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/14 18:15:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/14 18:13:19 | 005,066,131 | R--- | C] (Swearware) -- C:\Users\Brandley\Desktop\ComboFix.exe
[2013/05/13 18:40:17 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Brandley\Desktop\FSS.exe
[2013/05/13 09:02:41 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Brandley\Desktop\esetsmartinstaller_enu.exe
[2013/05/11 15:56:58 | 000,000,000 | ---D | C] -- C:\Users\Brandley\Desktop\RK_Quarantine
[2013/05/11 14:25:47 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Brandley\Desktop\aswMBR.exe
[2013/05/08 11:37:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/07 23:59:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(58)
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

========== Files - Modified Within 30 Days ==========

[2013/05/18 11:47:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/05/18 11:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/18 11:24:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000UA.job
[2013/05/18 10:57:40 | 000,010,774 | ---- | M] () -- C:\Users\Brandley\Desktop\dellsystemdetect.application
[2013/05/18 10:18:46 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/18 10:18:46 | 000,109,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/18 10:12:01 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/18 10:12:01 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/18 10:11:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/18 10:11:45 | 2145,361,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/18 05:24:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000Core.job
[2013/05/16 18:08:17 | 312,639,125 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/16 08:51:35 | 400,325,598 | ---- | M] () -- C:\Users\Brandley\Desktop\DVDbackup.reg
[2013/05/15 03:44:31 | 000,271,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/14 18:39:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/14 18:13:42 | 005,066,131 | R--- | M] (Swearware) -- C:\Users\Brandley\Desktop\ComboFix.exe
[2013/05/13 18:43:36 | 000,890,825 | ---- | M] () -- C:\Users\Brandley\Desktop\SecurityCheck.exe
[2013/05/13 18:40:18 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Brandley\Desktop\FSS.exe
[2013/05/13 09:02:45 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Brandley\Desktop\esetsmartinstaller_enu.exe
[2013/05/11 14:31:08 | 000,816,128 | ---- | M] () -- C:\Users\Brandley\Desktop\RogueKiller.exe
[2013/05/11 14:26:57 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Brandley\Desktop\aswMBR.exe
[2013/05/11 14:15:01 | 000,000,175 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/10 15:34:19 | 004,402,240 | ---- | M] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/10 14:29:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/05/08 11:17:06 | 000,628,743 | ---- | M] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/07 23:40:29 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/05/04 02:18:58 | 000,039,936 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013/05/04 01:47:09 | 000,035,550 | ---- | M] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2013/05/04 01:43:09 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/04 01:28:22 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2013/05/18 10:57:40 | 000,010,774 | ---- | C] () -- C:\Users\Brandley\Desktop\dellsystemdetect.application
[2013/05/16 08:50:56 | 400,325,598 | ---- | C] () -- C:\Users\Brandley\Desktop\DVDbackup.reg
[2013/05/14 18:15:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/14 18:15:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/14 18:15:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/14 18:15:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/14 18:15:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/13 18:43:35 | 000,890,825 | ---- | C] () -- C:\Users\Brandley\Desktop\SecurityCheck.exe
[2013/05/11 14:31:07 | 000,816,128 | ---- | C] () -- C:\Users\Brandley\Desktop\RogueKiller.exe
[2013/05/11 14:11:33 | 000,000,175 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/10 15:33:32 | 004,402,240 | ---- | C] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/09 00:40:14 | 2145,361,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/05/08 11:17:01 | 000,628,743 | ---- | C] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/04 01:47:05 | 000,035,550 | ---- | C] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2012/06/06 13:49:33 | 000,049,091 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb2.jpg
[2012/06/06 13:48:35 | 000,045,317 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb.jpg
[2012/06/05 21:10:01 | 000,026,711 | ---- | C] () -- C:\Users\Brandley\P060212_2002.jpg
[2012/06/05 20:56:38 | 068,010,654 | ---- | C] () -- C:\Users\Brandley\LTT-Seattle.zip
[2012/05/11 23:18:06 | 000,000,680 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d9caps.dat
[2012/04/22 12:59:40 | 000,068,071 | ---- | C] () -- C:\Users\Brandley\Your travel document PBORB5362355094.eml
[2011/11/17 18:24:01 | 001,174,083 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/17 18:24:01 | 000,017,783 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/11 21:42:20 | 000,000,218 | ---- | C] () -- C:\Users\Brandley\.recently-used.xbel
[2011/10/28 19:52:43 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011/10/28 19:52:43 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/09/02 21:38:48 | 000,000,997 | ---- | C] () -- C:\Users\Brandley\index.html
[2011/09/01 22:27:49 | 000,000,118 | ---- | C] () -- C:\Users\Brandley\Cari Man up radio.m3u
[2010/05/24 12:04:56 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/01 15:47:41 | 000,000,125 | --S- | C] () -- C:\ProgramData\.zreglib
[2008/10/19 04:53:12 | 000,000,552 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d8caps.dat
[2008/10/04 10:30:54 | 000,023,909 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\UserTile.png
[2008/09/04 16:30:00 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/02 18:21:28 | 000,049,664 | ---- | C] () -- C:\Users\Brandley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/29 22:28:08 | 000,008,248 | ---- | C] () -- C:\Users\Brandley\AppData\Local\en.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/09/16 02:58:24 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\aAvgApi
[2012/12/18 16:06:47 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Aimersoft Video Converter Ultimate
[2009/10/20 17:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Amazon
[2009/10/24 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Any Video Converter
[2013/03/15 12:50:28 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Apowersoft
[2010/12/07 02:52:42 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Ashampoo
[2010/03/22 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Audacity
[2011/04/28 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG10
[2010/04/24 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG9
[2012/12/17 01:33:30 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/16 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Clip Extractor
[2013/03/28 12:59:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\com.amazon.music.uploader
[2009/07/30 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DataCast
[2012/05/29 14:43:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DigitalPersona
[2012/10/20 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\foxyproxy
[2011/11/04 23:59:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\gtk-2.0
[2009/09/16 10:53:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\IDM
[2009/11/21 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\LimeWire
[2011/12/14 02:04:07 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Mobipocket
[2009/09/10 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MPEG Streamclip
[2009/07/05 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MusicNet
[2009/09/16 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\NBC Direct
[2011/11/04 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Participatory Culture Foundation
[2010/12/15 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCDr
[2012/10/22 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCF-VLC
[2008/10/04 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PeerNetworking
[2011/01/17 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Philipp Winterberg
[2011/12/19 01:44:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Rovio
[2010/10/19 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SendSpace Wizard
[2013/03/15 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SpeedTestAnalysis
[2013/01/13 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Spotify
[2011/02/13 23:07:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Uniblue
[2011/12/23 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Visan
[2011/11/11 23:52:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western Digital
[2010/05/24 12:05:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western DigitalTemp
[2011/11/28 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

#34
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
I didn't have the icon for the TPad in the quick launch bar (was still disabled on start, I have since changed that back) so went into programs, found and launched the exe from there.
Before I did the TPad was working except for scrolling. After checking the settings there the scroll worked.
I did NOT change any settings there so that was just weird. There are no zoom options there as you described, everything else was enabled.
So the TPad was working before the scans were run and driver update. Yes, I am sure I had the right one and it has been installed successfully. On restart the TPad continued to work properly. YAY! Hopefully it stays that way now. :cool:
The only thing in device manager that is marked with exclamation point is the ADS Instant HDTV PCI under Sound, video & game controllers. I am not sure what that device is, but it says it cannot start.
As an added bonus the keyboard repeat feature seems to be fixed as well. I didn't mention that before but it was part of the keyboard issues I was having, I was just happy to be able to type again. Requested logs follow.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Brandley [Admin rights]
Mode : Remove -- Date : 05/18/2013 11:56:17
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[WALLP] HKCU\[...]\Desktop : Wallpaper (C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg) -> REPLACED (C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEVS-75UST0 +++++
--- User ---
[MBR] 1f476026428459b9bb42d40eb24a1721
[BSP] 4a5e6f979c18133732caaa2ed3be66c9 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 10000 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20560325 | Size: 228434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05182013_02d1156.txt >>
RKreport[1]_S_05182013_02d1153.txt ; RKreport[2]_D_05182013_02d1156.txt



~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Brandley [Admin rights]
Mode : Shortcuts HJfix -- Date : 05/18/2013 11:58:24
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Extern Hives: ¤¤¤
-> D:\windows\system32\config\SOFTWARE
-> D:\windows\system32\config\SYSTEM
-> D:\Users\Default\NTUSER.DAT

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 2 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 126 / Fail 0
My documents: Success 1128 / Fail 1128
My favorites: Success 7 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 1234 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 105 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped

Finished : << RKreport[3]_SC_05182013_02d1158.txt >>
RKreport[1]_S_05182013_02d1153.txt ; RKreport[2]_D_05182013_02d1156.txt ; RKreport[3]_SC_05182013_02d1158.txt



~~~~~~~~~~~~~~~~~~~~~~

OTL logfile created on: 5/18/2013 12:01:18 PM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brandley\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 56.26% Memory free
4.23 Gb Paging File | 3.15 Gb Available in Paging File | 74.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.08 Gb Total Space | 66.57 Gb Free Space | 29.84% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.10 Gb Free Space | 52.27% Space Free | Partition Type: NTFS

Computer Name: GAYLESLAP | User Name: Brandley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/10/30 15:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/12/23 13:57:30 | 000,166,056 | ---- | M] () -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
PRC - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/16 19:59:22 | 000,483,428 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
PRC - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
PRC - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2008/05/09 13:04:12 | 000,126,976 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files\Fingerprint Sensor\AtService.exe
PRC - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/03/10 22:22:50 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/03/10 22:22:46 | 000,163,840 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/03/10 22:22:44 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/03/10 22:22:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 12:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/07/12 09:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/15 03:49:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll
MOD - [2013/02/13 05:10:19 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\86365ae159cb808d52a7e3ba2700ea6c\System.Web.ni.dll
MOD - [2013/01/09 05:05:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 05:04:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/09 05:02:34 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/09 04:59:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/09 04:58:48 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2011/12/23 13:57:30 | 000,166,056 | ---- | M] () -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
MOD - [2010/09/14 14:34:38 | 000,153,600 | ---- | M] () -- C:\Windows\System32\WSContextMenu.dll
MOD - [2008/08/16 15:45:07 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3019.36912__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3019.36870__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3019.36924__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3019.37100__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3019.37065__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3019.36904__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/08/16 15:45:07 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:07 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3019.36890__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/08/16 15:45:06 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3019.37131__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3019.37072__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3019.37137__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3019.37079__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:56 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3019.36884__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3019.37071__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3019.37030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3019.36936__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3019.37015__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3019.36891__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3019.37092__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3019.36943__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008/08/16 15:44:55 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3019.36930__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3019.37130__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3019.37129__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3019.36942__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3019.37023__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/08/16 15:44:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/08/16 15:44:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/08/16 15:44:54 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/08/16 15:44:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/08/16 15:44:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/08/16 15:44:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/08/16 15:44:49 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3019.37122__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/08/16 15:44:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3019.37147__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/08/16 15:44:49 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008/08/16 15:44:49 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008/08/16 15:44:48 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3019.36878__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/08/16 15:44:48 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3019.36897__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/08/16 15:44:48 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/08/16 15:44:48 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3019.37121__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/08/16 15:44:48 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/08/16 15:44:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3019.36863__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/08/16 15:44:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3019.36861__90ba9c70f846762e\APM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3019.36862__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/08/16 15:44:47 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3019.37122__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/08/16 15:44:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/08/16 15:44:47 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008/05/04 00:42:20 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2013/05/17 11:33:38 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 19:40:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/26 06:09:22 | 001,225,312 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/11/26 06:09:20 | 000,659,040 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/10/30 15:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/05/02 15:26:00 | 000,294,224 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/03/16 19:59:20 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)
SRV - [2009/03/16 19:59:18 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)
SRV - [2008/08/16 15:42:34 | 000,072,704 | ---- | M] (Creative Labs) [Auto | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/05/05 17:46:38 | 001,168,632 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Program Files\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008/04/28 13:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 18:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 12:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ivusb.sys -- (ivusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Brandley\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwmodem.sys -- (btwmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2012/11/20 12:00:58 | 000,027,496 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VirtualAudio.sys -- (WsAudio_Device)
DRV - [2012/10/30 15:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 15:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 15:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 15:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 15:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 15:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/08 19:53:56 | 000,026,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2012/03/06 15:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2010/09/14 14:34:44 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2010/09/08 12:20:01 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2010/09/01 00:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/03/16 19:59:22 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/03/08 17:06:00 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/03/06 07:30:08 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/05 19:08:52 | 000,475,136 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/04 00:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/03/11 06:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/03/10 22:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/03/10 22:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/03/10 22:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/03/10 22:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/03/10 22:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/20 18:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/03 10:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=2080817
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8046BD4D-45D6-4CA9-AA1E-D83CFB044571}: "URL" = http://websearch.ask...79-BB6EAB3D2CE0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo"
FF - prefs.js..browser.search..defaultenginename: "Yahoo"
FF - prefs.js..browser.search..order.1: "Yahoo"
FF - prefs.js..browser.search..selectedEngine: "Yahoo"
FF - prefs.js..browser.search..selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://fileservehome...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:9.7.0.7
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B288479BE-1B9E-11E2-80EA-F3246188709B%7D:1.1
FF - prefs.js..extensions.enabledAddons: tfdlookup%40nohup.in:2.7
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7BBAEBEF65-9289-47c5-8524-C345CC5D860D%7D:1.12
FF - prefs.js..extensions.enabledAddons: pbupload%40photobucket.com:1.3.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.13
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.7.0.7
FF - prefs.js..extensions.enabledItems: [email protected]:6.0.1367
FF - prefs.js..extensions.enabledItems: {3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}:1.2.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100009
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.9
FF - prefs.js..extensions.enabledItems: {b947750f-94cc-4d60-9f68-281d51279131}:3.8.0.8
FF - prefs.js..keyword.URL: "http://fileservehome...02ff&Keywords="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: ""
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll File not found
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/11 20:09:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2012/05/29 17:22:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/12 15:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/17 11:33:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/17 11:33:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2011/10/28 19:52:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/13 20:47:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DigitalPersona\Bin\firefoxext [2012/05/29 17:22:28 | 000,000,000 | ---D | M]

[2010/01/05 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Extensions
[2013/05/16 09:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions
[2010/07/26 01:16:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/22 13:42:52 | 000,000,000 | ---D | M] (Xinha Here!) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{5B280457-4290-40c2-9441-EA647775F824}
[2013/02/24 01:16:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/16 02:32:24 | 000,322,488 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2013/05/16 09:13:36 | 000,028,018 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:18 | 000,053,364 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\[email protected]
[2012/12/18 17:36:17 | 000,002,716 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
[2013/04/08 00:24:05 | 000,154,271 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2013/05/09 01:38:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/01 02:10:58 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011/05/11 15:21:46 | 000,001,213 | ---- | M] () -- C:\Users\Brandley\AppData\Roaming\Mozilla\Firefox\Profiles\8w3rm69w.default\searchplugins\fileserve.xml
[2013/05/17 11:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/17 11:33:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/12/12 15:24:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/10/28 19:52:48 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2012/01/11 20:09:12 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011/05/11 15:21:45 | 000,001,213 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fileserve.xml

========== Chrome ==========

CHR - default_search_provider: MyStart Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://my.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome DAP extension (Enabled) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\lib/npdapchrome.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Brandley\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.8_0\
CHR - Extension: Keep My Opt-Outs = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe\1.0.14_0\
CHR - Extension: avast! WebRep = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Speed Test Analysis = C:\Users\Brandley\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.0\

O1 HOSTS File: ([2013/05/14 18:39:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.112.128.2 204.17.139.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C455C83-8DBA-41B3-A6B2-0A67DB9441EC}: DhcpNameServer = 209.112.128.2 204.17.139.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brandley\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/17 11:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/05/14 18:44:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/14 18:44:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/14 18:44:18 | 000,000,000 | ---D | C] -- C:\Users\Brandley\AppData\Local\temp
[2013/05/14 18:15:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/14 18:15:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/14 18:15:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/14 18:15:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/14 18:13:19 | 005,066,131 | R--- | C] (Swearware) -- C:\Users\Brandley\Desktop\ComboFix.exe
[2013/05/13 18:40:17 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Brandley\Desktop\FSS.exe
[2013/05/13 09:02:41 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Brandley\Desktop\esetsmartinstaller_enu.exe
[2013/05/11 15:56:58 | 000,000,000 | ---D | C] -- C:\Users\Brandley\Desktop\RK_Quarantine
[2013/05/11 14:25:47 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Brandley\Desktop\aswMBR.exe
[2013/05/08 11:37:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/07 23:59:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(58)
[2013/05/04 12:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

========== Files - Modified Within 30 Days ==========

[2013/05/18 11:47:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/05/18 11:38:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/18 11:24:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000UA.job
[2013/05/18 10:57:40 | 000,010,774 | ---- | M] () -- C:\Users\Brandley\Desktop\dellsystemdetect.application
[2013/05/18 10:18:46 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/18 10:18:46 | 000,109,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/18 10:12:01 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/18 10:12:01 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/18 10:11:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/18 10:11:45 | 2145,361,920 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/18 05:24:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-313869043-597203798-2405295701-1000Core.job
[2013/05/16 18:08:17 | 312,639,125 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/16 08:51:35 | 400,325,598 | ---- | M] () -- C:\Users\Brandley\Desktop\DVDbackup.reg
[2013/05/15 03:44:31 | 000,271,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/14 18:39:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/14 18:13:42 | 005,066,131 | R--- | M] (Swearware) -- C:\Users\Brandley\Desktop\ComboFix.exe
[2013/05/13 18:43:36 | 000,890,825 | ---- | M] () -- C:\Users\Brandley\Desktop\SecurityCheck.exe
[2013/05/13 18:40:18 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Brandley\Desktop\FSS.exe
[2013/05/13 09:02:45 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Brandley\Desktop\esetsmartinstaller_enu.exe
[2013/05/11 14:31:08 | 000,816,128 | ---- | M] () -- C:\Users\Brandley\Desktop\RogueKiller.exe
[2013/05/11 14:26:57 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Brandley\Desktop\aswMBR.exe
[2013/05/11 14:15:01 | 000,000,175 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/10 15:34:19 | 004,402,240 | ---- | M] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/10 14:29:00 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/05/08 11:17:06 | 000,628,743 | ---- | M] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/07 23:59:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brandley\Desktop\OTL.exe
[2013/05/07 23:40:29 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013/05/04 02:18:58 | 000,039,936 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013/05/04 01:47:09 | 000,035,550 | ---- | M] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2013/05/04 01:43:09 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/04 01:28:22 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2013/05/18 10:57:40 | 000,010,774 | ---- | C] () -- C:\Users\Brandley\Desktop\dellsystemdetect.application
[2013/05/16 08:50:56 | 400,325,598 | ---- | C] () -- C:\Users\Brandley\Desktop\DVDbackup.reg
[2013/05/14 18:15:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/14 18:15:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/14 18:15:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/14 18:15:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/14 18:15:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/13 18:43:35 | 000,890,825 | ---- | C] () -- C:\Users\Brandley\Desktop\SecurityCheck.exe
[2013/05/11 14:31:07 | 000,816,128 | ---- | C] () -- C:\Users\Brandley\Desktop\RogueKiller.exe
[2013/05/11 14:11:33 | 000,000,175 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/10 15:33:32 | 004,402,240 | ---- | C] () -- C:\Users\Brandley\Desktop\R191022.exe
[2013/05/09 00:40:14 | 2145,361,920 | -HS- | C] () -- C:\hiberfil.sys
[2013/05/08 11:17:01 | 000,628,743 | ---- | C] () -- C:\Users\Brandley\Desktop\adwcleaner.exe
[2013/05/04 01:47:05 | 000,035,550 | ---- | C] () -- C:\Users\Brandley\Documents\cc_20130504_014702.reg
[2012/06/06 13:49:33 | 000,049,091 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb2.jpg
[2012/06/06 13:48:35 | 000,045,317 | ---- | C] () -- C:\Users\Brandley\lorealparisargentinafb.jpg
[2012/06/05 21:10:01 | 000,026,711 | ---- | C] () -- C:\Users\Brandley\P060212_2002.jpg
[2012/06/05 20:56:38 | 068,010,654 | ---- | C] () -- C:\Users\Brandley\LTT-Seattle.zip
[2012/05/11 23:18:06 | 000,000,680 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d9caps.dat
[2012/04/22 12:59:40 | 000,068,071 | ---- | C] () -- C:\Users\Brandley\Your travel document PBORB5362355094.eml
[2011/11/17 18:24:01 | 001,174,083 | ---- | C] () -- C:\Windows\unins000.exe
[2011/11/17 18:24:01 | 000,017,783 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/11 21:42:20 | 000,000,218 | ---- | C] () -- C:\Users\Brandley\.recently-used.xbel
[2011/10/28 19:52:43 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011/10/28 19:52:43 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/09/02 21:38:48 | 000,000,997 | ---- | C] () -- C:\Users\Brandley\index.html
[2011/09/01 22:27:49 | 000,000,118 | ---- | C] () -- C:\Users\Brandley\Cari Man up radio.m3u
[2010/05/24 12:04:56 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/01 15:47:41 | 000,000,125 | --S- | C] () -- C:\ProgramData\.zreglib
[2008/10/19 04:53:12 | 000,000,552 | ---- | C] () -- C:\Users\Brandley\AppData\Local\d3d8caps.dat
[2008/10/04 10:30:54 | 000,023,909 | ---- | C] () -- C:\Users\Brandley\AppData\Roaming\UserTile.png
[2008/09/04 16:30:00 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/02 18:21:28 | 000,049,664 | ---- | C] () -- C:\Users\Brandley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/29 22:28:08 | 000,008,248 | ---- | C] () -- C:\Users\Brandley\AppData\Local\en.ini

========== ZeroAccess Check ==========

[2006/11/02 04:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 09:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/09/16 02:58:24 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\aAvgApi
[2012/12/18 16:06:47 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Aimersoft Video Converter Ultimate
[2009/10/20 17:20:58 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Amazon
[2009/10/24 14:41:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Any Video Converter
[2013/03/15 12:50:28 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Apowersoft
[2010/12/07 02:52:42 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Ashampoo
[2010/03/22 12:39:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Audacity
[2011/04/28 09:10:11 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG10
[2010/04/24 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\AVG9
[2012/12/17 01:33:30 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/16 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Clip Extractor
[2013/03/28 12:59:29 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\com.amazon.music.uploader
[2009/07/30 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DataCast
[2012/05/29 14:43:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\DigitalPersona
[2012/10/20 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\foxyproxy
[2011/11/04 23:59:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\gtk-2.0
[2009/09/16 10:53:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\IDM
[2009/11/21 17:52:17 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\LimeWire
[2011/12/14 02:04:07 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Mobipocket
[2009/09/10 23:10:19 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MPEG Streamclip
[2009/07/05 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\MusicNet
[2009/09/16 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\NBC Direct
[2011/11/04 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Participatory Culture Foundation
[2010/12/15 19:17:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCDr
[2012/10/22 17:50:48 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PCF-VLC
[2008/10/04 10:30:53 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\PeerNetworking
[2011/01/17 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Philipp Winterberg
[2011/12/19 01:44:45 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Rovio
[2010/10/19 21:25:08 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SendSpace Wizard
[2013/03/15 12:57:57 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\SpeedTestAnalysis
[2013/01/13 15:24:15 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Spotify
[2011/02/13 23:07:20 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Uniblue
[2011/12/23 14:47:02 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Visan
[2011/11/11 23:52:43 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western Digital
[2010/05/24 12:05:00 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Western DigitalTemp
[2011/11/28 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Brandley\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >
  • 0

#35
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
The DVD Drive is working again as well. Auto run works, the touch keys for Media Player work. Dunno which fix fixed that but it's just like Christmas. :cheers:
  • 0

#36
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
:confused: Shut down and on next boot up the TPad and the touchkeys for the DVD ceased to work again... the DVD player still worked though. I dun get it. The TPad icon in quick launch loaded but it is non-responsive, can't open to the program settings or properties either. So is same as it was before, if the Apoint.exe is enabled for start-up it doesn't work.
  • 0

#37
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks for the update. I too am at a loss on the intermittent touchpad issue. The DVD player working again is good news. The ADS Instant HDTV PCI in device Manager is an ADSInstant HDTV tuner card. Click here to see a discussion in the problem. Look for the answers by kingjinx and Lyndia Dee.

The last OTL scan looks clean. I want to do one last OTL fix and remove the ADS files. And your Adobe Reader is out of date so we need to update it.

As for the touchpad issue, the last thing I can recommend is troubleshooting the Windows start up items and services.


Step-1.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoiint]

:OTL
@Alternate Data Stream - 857 bytes -> C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:010ADD2C
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D74B6CF5
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Step-2.

Update Adobe Reader

Earlier versions of Adobe Reader have known security flaws so it is recommended that you update your copy.
  • Windows Vista /7 Users: Click the Start Orb and click Control Panel. Under the Programs heading click Uninstall a program
  • Remove ALL instances of Adobe Reader
  • Re-boot your computer as required.
  • Once ALL versions of Adobe Reader have been uninstalled, download the latest version of Adobe Reader from Here.
  • Remove the check mark next to Yes, install McAfee Security Scan Plus-optional box.
  • Click the Download Now button to download Adobe Reader and follow the directions.
Alternative Option: After uninstalling Adobe Reader, you could try installing Foxit Reader from HERE. Foxit Reader is a much smaller program. It has fewer add-ons therefore loads more quickly.
NOTE: When installing FoxitReader, be careful not to install anything to do with AskBar.


Step-3.

How to perform a clean boot to troubleshoot a problem in Windows 8, Windows 7, or Windows Vista

Clean Boot Vista/7

  • Log on to the computer by using an account that has administrator rights.
  • Click Start Posted Image, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.

    Posted Image If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.

    Posted Image
  • On the General tab, click the Selective startup option, and then click to clear the Load startup items check box. (The Use Original Boot.ini check box is unavailable.)

    Posted Image
  • On the Services tab, click to select the Hide all Microsoft services check box, and then click Disable all.

    Posted Image

    • Note This step lets Microsoft services continue to run. These services include Networking, Plug and Play, Event Logging, Error Reporting, and other services. If you disable these services, you may permanently delete all restore points.
  • Click OK, and then click Restart.
Once the system restarts check to see if the problem with the touchpad is still there. If the clean Boot corrects the problem you will need to see which service or startup item is causing the conflict.

  • Click Start Posted Image, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.

    Posted Image If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.
  • Click the Services tab, and then click to select the Hide all Microsoft services check box.
  • Click to select half of the check boxes in the Service list.
  • Click OK, and then click Restart.
    After the computer finishes restarting, determine whether the problem still occurs.
  • If the problem still occurs, repeat steps 2a through 2e, but clear half of the checked boxes in the Service list that you originally selected and restart the computer. If the problem still occurs, clear half of the remaining boxes and restart. Do this until you find the service that causes the problem when it is checked.
  • If the problem does not occur, repeat steps 1 and 2, selecting only half of the remaining check boxes that are cleared in the Service list. Repeat these steps until you have selected all the check boxes or found the service that causes the conflict. Write down the name of that service then reconfigure Window to boot normally.
.
If no service causes this problem:

  • Click Start Posted Image, type msconfig.exe in the Start Search box, and then press Enter to start the System Configuration utility.

    Posted Image If you are prompted for an administrator password or for confirmation, you should type the password or provide confirmation.
  • Click the StartUp tab.
  • Click half of the check boxes in the Startup Items list.
  • click OK and Restart.
    After the computer finishes restarting, determine whether the problem still occurs.
  • If the problem still occurs, repeat steps 1 and 2, but clear half of the checked boxes in the Startup Items list that you originally selected and restart the computer. If the problem still occurs, clear half of the remaining boxes and restart. Do this until you find the service that causes the problem when it is checked.
  • If the problem does not occur, repeat steps 1 and 2, selecting only half of the remaining check boxes that are cleared in the Startup Items list. Repeat these steps until you have selected all the check boxes or found the Startup Item that causes the conflict. Write down the name of that Startup Item then reconfigure Window to boot normally.
.

Configure Vista and 7 to boot Normally

  • Click Start Posted Image, type msconfig.exe in the Start Search box, and then press Enter.

    Posted Image If you are prompted for an administrator password or for confirmation, you should type the password or click Continue.
  • On the General tab, click the Normal Startup option, and then click OK.
  • When you are prompted to restart the computer, click Restart.
Let me know which Service or Startup Item, if any caused the problem and we will try to find the best way to disable it.


Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL fixes log
2. Let me know how the Adobe update went.
3. Let me know the results of the search for a conflicting service or startup entry.
  • 0

#38
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Here's the thing... everything started working again on the next boot before starting this set of instructions.
I went through the instructions anyhow. Try as I may, I couldn't get it to stop working again.
Sure computer, make a liar outta me.
Adobe update went fine.

Here's the OTL Fix log.

All processes killed
========== COMMANDS ==========
Error: Unable to interpret <[createrestorepoiint]> in the current context!
========== OTL ==========
ADS C:\Users\Brandley\Your travel document PBORB5362355094.eml:OECustomProperty deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:CD060F93 deleted successfully.
ADS C:\ProgramData\TEMP:2B11E0DF deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
ADS C:\ProgramData\TEMP:010ADD2C deleted successfully.
ADS C:\ProgramData\TEMP:553CA6CA deleted successfully.
ADS C:\ProgramData\TEMP:D74B6CF5 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Brandley
->Temp folder emptied: 1357256729 bytes
->Temporary Internet Files folder emptied: 3580970 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 382389265 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1733 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38449786 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 10774 bytes

Total Files Cleaned = 1,699.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05192013_163028

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#39
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Here's the thing... everything started working again on the next boot before starting this set of instructions.
I went through the instructions anyhow. Try as I may, I couldn't get it to stop working again.
Sure computer, make a liar outta me.

:rofl: What can I say....it's magic! You have a strange computer. :yes: While everything is working we are gonna clean up our tools and keep our fingers, legs, toes, eyeballs and anything else you can think of crossed.


OK! Well done. :thumbsup: Here is the best part of the process! The mullygrubs are gone! That's a technical term for your log(s) appear to be clean! If you have no further issues with your computer, please proceed with the housekeeping procedures outlined below.
The first thing we need to do is to remove all the tools that we have used. This is so that should you ever be re-infected, you will download updated versions.

If you didn't uninstall ESET after running the program we will do it now.

Step-1.

Uninstall ESET

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

ESET

3. Click on each program to highlight it and click Change/Remove. (Vista/7 users: right click the program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folders(s) (if present):

C:\Program Files\ESET

2. Close Windows Explorer.

Step-2.

Uninstall AdwCleaner

Re-open AdwCleaner
  • Click the Uninstall button
  • Confirm with yes
Posted Image

Step-3.

Uninstall ComboFix
  • Click the Start Orb and click Run. This will display the Run dialogue box .
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen.
  • A message should appear confirming that ComboFix was uninstalled
Step-4.

OTL Cleanup

1. Please re-open Posted Image on your desktop.
  • Be sure all other programs are closed as this step will require a reboot.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.
The above process will remove most/all of the tools used and logs created during the cleanup process. After it is finished, OTL will remove itself. This is so that if you are ever infected again you will download the most current copy of the tool.

Step-5.

Delete the following Files and Folders (If Present):

mbr.dat
SecurityCheck.exe
checkup.txt
sfcdetails.txt
R191022.exe
The Adobe Reader setup file
DVDbackup.reg
(leave this one for a week or two and if there still isn't any problem with the DVD player then delete it)

Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.

Step-6.

Reset Hidden Files and Folders

For Vista and Windows 7
1. Click Start,click Control Panel.
2. Click Folder Options.... NOTE: If you are in the Category view, click Appearance, then Folder Options
3. On the Folder Options window click the View tab.
4. In the Advanced settings: box, Under Hidden files and folders, click the Do not show hidden files and folders button.
5. Click the Hide protected operating system files (Recommended) box.
6. Click Apply and then OK

Step-7.

Make a Fresh Restore Point, Clear the Old Restore Points, and Re-enable System Restore

The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected, but that's good news).

Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

For Vista and Windows 7:
  • Click the Start Orb. Click Control Panel. Click System and Maintenance
  • Click System
  • In the left column under Tasks, click Advance System Settings and accept the warning if you get one
  • Click the System Protection Tab
  • In the Available Disks box put a ckeck mark in the box next to OS (?:) (System). Your drive letter will be shown in place of the ?

    Note: It may take some time for the system to populate the Available Disks box, so be patient.
  • Click the Create button at the bottom
  • Type in a name fo the restore point, i.e: Clean
  • Click Create
  • A small System Protection window will come up telling you a Restore Point is being created.
  • Another System Protection window will come up telling you the Restore Point has been created, click OK
  • Click OK again.
  • Close the Control Panel
Now we can purge the old Restore Points
  • Click Start(Windows 7 Orb), click Run (or press the Windows key and R together) to bring up the Run box.
  • Copy and Paste the following in the Run box:
    cleanmgr
  • Click OK
    A Disk Cleanup Options popup will open
    Posted Image
  • Click Files from all users on this computer

    A Drive Selection popup will open
    NOTE: You will not see this window unless you have more than one drive or partition on your computer.
    Posted Image
    If you chose Files from all users on this computer above, then click on Continue for UAC prompt.
  • Select the system drive, C:\ and click OK.
  • For a few moments the system will make some calculations
    Posted Image
  • The Disk Cleanup Window will open:
    Posted Image
  • Click the More Options tab.
  • Click the Clean up button under the System Restore and Shadow Copies section. (See screenshot below)
    Posted Image
  • In the Disk Cleanup dialog box, click Delete (See screenshot below).
    Posted Image
  • You will get a Disk Cleanup confirmation (See screenshot below)
    Posted Image
  • Click Delete Files, and then click OK.

Preventing Re-Infection

Below, I have included a number of recommendations for how to protect your computer against future malware infections.

:Keep Windows Updated:-Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable.
Please either enable Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Vista and Windows 7 Users:
1. Click Start> All Programs, from the list find Windows Update and click it.

:Turn On Automatic Updates:

Vista and Windows 7
1. Click Start> Control Panel. Click Security. Under Windows Update, Click Turn automatic on or off.
2. On the next page, under Important Updates, Click the Drop down arrow on the right side of the box and Click Install Updates Automatically(recommended).
If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your task bar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:If you still want to keep Java
  • Click the Start button
  • Click Control Panel
  • Double Click Java - Looks like a coffee cup. You may have to switch to Classical View on the upper left of the Control Panel to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
: Keep Adobe Reader Updated :
  • Open Adobe Reader
  • Click Help on the menu at the top
  • Click Check for Updates
  • Allow any updates to be downloaded and installed
NOTE: Whether you use Adobe Reader, Acrobat or Foxit Reader to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Click Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. Click OK Close program. It's the same for Foxit Reader except Preferences is under the Tools menu, and you uncheck Enable Javascript Actions.

NOTE: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

:Web Browsers:

:Make your Internet Explorer more secure:
1. From within Internet Explorer click on the Tools menu and then click on Options.
2. Click once on the Security tab
3. Click once on the Internet icon so it becomes highlighted.
4. Click once on the Custom Level button.
5. Change the Download signed ActiveX controls to "Prompt"
6. Change the Download unsigned ActiveX controls to "Disable"
7. Change the Initialize and script ActiveX controls not marked as safe to "Disable"
8. Change the Installation of desktop items to "Prompt"
9. Change the Launching programs and files in an IFRAME to "Prompt"
10. When all these settings have been made, click on the OK button.
11. If it prompts you as to whether or not you want to save the settings, click the Yes button.
12. Next press the Apply button and then the OK to exit the Internet Properties page.

:Alternate Browsers:

If you use Firefox, I highly recommend these add-ons to keep your PC even more secure.
  • NoScript - for blocking ads and other potential website attacks
  • WebOfTrust - a safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling
:Install the MVPs Hosts File:
  • MVPS Hosts file-replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

Preventative programs that will help to keep the nasties away! We will start with Anti Spyware programs. I would advise getting a couple of them at least, and running a full scan at least once a month. Run Quick Scans at least once a week. Download the Free versions. And update the definitions before running scans.

========Anti Spyware========
  • Malwarebytes-Free Version- a powerful tool to search for and eliminate malware found on your computer.
  • SUPERAntiSpyware Free Edition-another scanning tool to find and eliminate malware.
  • SpywareBlaster-to help prevent spyware from installing in the first place. A tutorial can be found here.
  • SpywareGuard-to catch and block spyware before it can execute. A tutorial can be found here.
  • WinPatrol - will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. Help file and tutorial can be found here.
It's a good idea to clear out all your temp files every now and again. This will help your computer from bogging down and slowing. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

========TEMP File Cleaners========
  • TFC by OldTimer-A very powerful cleaning program for 32 and 64 bit OS. Note: You may have this already as part of the fixes you have run.
  • CleanUP-Click the Download CleanUP! link. There is also a Learn how to use CleanUP! link on this page.
:BACKUPS:
  • Keep a backup of your important files.-Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • ERUNT-(Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
:Keep Installed Programs Up to Date:

It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
A program that will do this is listed below. Download and install the program and run it monthly:
Filehippo Update Checker

Finally, please read How did I get infected in the first place? by Mr. Tony Cline

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can then be closed.

I Will Keep This Open For 24 hours or so. If Anything Comes Up - Just Come Back And Let Me Know

Stay Safe :wave:
godawgs
  • 0

#40
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Thanks so much for all the help and especially the tips in the last post, there were a few things there I didn't know.
This last ordeal with my laptop made me realize that I need to get back in the loop and start learning more, thought I pretty much knew my way around but I haven't kept up. Is way cool that G2G has a free Uni... am def going to learn how to help others :) Is what I've always wanted to do.

One question, I currently use Secunia PSI. You recommended Filehippo Update Checker. You think that is a better program?
  • 0

Advertisements


#41
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
You are most welcome. If you want to attend GeekU just click the GeekU link under the GeeksToGo Security badge in my signature.
It's not that I think Filehippo is the better program. Secunia requires Java and Filehippo Update Checker doesn't. And since Java is exploited so frequently we are now recommending Filehippo. I don't even have Java installed on my computers anymore. :thumbsup:

Stay Safe!
  • 0

#42
aka_GForce

aka_GForce

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
:cool: Thanks again, will check that one out then. Have a marvelous day!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP