Solved Memory Intensive svchost.exe *32 process

Discussion in 'Virus, Spyware and Malware Removal' started by Comedian1220, Aug 30, 2011.

Recommended: Click here to Fix Errors and Optimize Windows

Page 2 of 3

  1. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    Ok, ran the OTL fix you requested. Following is the log. I also attached another screenshot, because when i logged on just now i had 2 desktop.ini files and a ~$O200 Ex#2.docx file on my desktop. I know they were not there earlier today. Not sure where they came from or why they appeared...

    ========== OTL ==========
    Process svchost.exe killed successfully!
    Process svchost.exe killed successfully!
    No active process named svchost.exe was found!
    No active process named svchost.exe was found!
    No active process named svchost.exe was found!
    No active process named svchost.exe was found!
    No active process named svchost.exe was found!
    No active process named svchost.exe was found!



    OTL by OldTimer - Version 3.1.27.0 log created on 08312011_213328

    Attached Files:

    Comedian1220, Sep 1, 2011
    #16

  2. Pancake Security Team

    PCHF Staff
    Message Count:
    13,497
    Likes Received:
    594
    My System
    Loading...
    I'm sure Crush will agree with me that there is no malware.Your system is fine.
    Pancake, Sep 1, 2011
    #17

  3. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    After that OTL fix everything *should* be fine. Can you post new logs?
    Crush, Sep 1, 2011
    #18

  4. Google Advertisement

  5. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    OK, new logs! If there is in fact no malware can you direct me to a place where I might be able to find some information on cleaning/speeding up my laptop? Or a link to a place with a way to accurately do a system restore?


    OTL logfile created on: 9/1/2011 10:47:40 AM - Run 3
    OTL by OldTimer - Version 3.1.27.0 Folder = C:\Users\Joel\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 451.01 Gb Total Space | 388.15 Gb Free Space | 86.06% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: JOEL-PC
    Current User Name: Joel
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2011/09/01 02:43:56 | 00,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2011/09/01 02:43:54 | 00,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    PRC - [2011/08/29 23:54:57 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
    PRC - [2010/10/07 13:23:00 | 00,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    PRC - [2010/09/16 15:06:22 | 00,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    PRC - [2010/08/12 22:51:10 | 01,422,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    PRC - [2010/06/08 12:49:30 | 00,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2010/06/08 12:49:26 | 00,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2010/04/24 02:10:34 | 00,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2010/04/24 02:10:28 | 00,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2010/03/03 16:42:02 | 02,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2010/03/03 16:41:58 | 00,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2010/02/28 03:33:14 | 00,821,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    PRC - [2009/07/13 21:14:45 | 00,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
    PRC - [2009/07/13 21:14:45 | 00,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
    PRC - [2009/06/09 10:11:14 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2009/05/21 10:59:08 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    PRC - [2009/05/21 10:59:08 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/01/14 19:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/08/29 23:54:57 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
    MOD - [2010/12/21 01:34:12 | 00,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
    MOD - [2010/08/21 01:21:32 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2009/07/13 21:16:19 | 00,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
    MOD - [2009/07/13 21:16:19 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
    MOD - [2009/07/13 21:16:11 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
    MOD - [2009/07/13 21:16:03 | 01,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
    MOD - [2009/07/13 21:15:13 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
    MOD - [2009/07/13 21:15:08 | 00,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
    MOD - [2009/07/13 21:15:07 | 00,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2009/07/13 21:15:07 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/02/19 02:37:44 | 01,135,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2011/01/25 16:08:18 | 00,933,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
    SRV:64bit: - [2010/12/25 02:30:43 | 01,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2010/06/18 01:10:14 | 00,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/02/03 02:13:10 | 00,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2010/01/09 22:34:24 | 04,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV:64bit: - [2009/12/29 16:19:12 | 00,873,248 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2009/07/13 21:41:59 | 00,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 00,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 00,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 21:41:55 | 00,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 21:41:54 | 00,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 21:41:54 | 00,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 00,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 00,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2009/07/13 21:41:53 | 00,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 21:41:53 | 00,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 21:41:18 | 00,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2009/07/13 21:40:28 | 00,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2009/07/13 21:40:28 | 00,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
    SRV:64bit: - [2009/07/13 21:40:13 | 00,083,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 21:40:10 | 00,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 21:40:05 | 00,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2009/07/13 21:40:01 | 00,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 21:39:51 | 01,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2009/07/13 21:39:28 | 03,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2009/07/13 21:39:11 | 00,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2009/06/09 10:11:14 | 00,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV:64bit: - [2009/03/03 06:42:58 | 00,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2011/01/05 12:59:50 | 00,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/10/07 13:23:00 | 00,345,376 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
    SRV - [2010/09/16 15:06:22 | 00,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
    SRV - [2010/06/08 12:49:30 | 00,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2010/04/24 02:10:34 | 00,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2010/04/24 02:10:28 | 00,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2010/03/18 15:27:14 | 00,138,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
    SRV - [2010/03/18 14:16:28 | 00,130,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/03 16:42:02 | 02,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2010/03/03 16:41:58 | 00,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2010/02/28 03:33:14 | 00,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
    SRV - [2009/07/13 23:20:14 | 00,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
    SRV - [2009/07/13 23:20:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
    SRV - [2009/07/13 21:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/13 21:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/13 16:30:11 | 00,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
    SRV - [2009/06/10 16:39:58 | 00,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2009/05/21 10:59:08 | 00,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
    SRV - [2009/01/14 19:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/04/27 23:58:42 | 00,552,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
    DRV:64bit: - [2011/04/27 23:58:34 | 00,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
    DRV:64bit: - [2011/03/11 02:22:41 | 00,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:22:40 | 00,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/12/11 11:56:46 | 00,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2010/08/30 08:17:36 | 00,289,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
    DRV:64bit: - [2010/08/25 16:36:02 | 10,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/06/25 17:08:10 | 00,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
    DRV:64bit: - [2010/06/18 01:10:14 | 00,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/06/08 12:33:14 | 00,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/04/24 02:10:32 | 00,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2010/04/24 02:10:28 | 00,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2010/04/24 02:10:28 | 00,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2010/04/24 02:10:20 | 00,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2010/04/02 23:36:00 | 00,228,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2010/03/30 15:58:06 | 00,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2010/03/30 15:58:06 | 00,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2010/03/30 15:58:06 | 00,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
    DRV:64bit: - [2010/03/30 15:58:06 | 00,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2010/03/30 15:58:06 | 00,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2010/03/17 17:44:44 | 00,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/17 17:41:48 | 00,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/03/04 00:40:58 | 00,184,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
    DRV:64bit: - [2010/02/26 20:32:12 | 00,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/02/03 02:13:08 | 00,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV:64bit: - [2010/02/03 02:13:08 | 00,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
    DRV:64bit: - [2010/02/03 02:13:06 | 03,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/12/30 11:21:26 | 00,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
    DRV:64bit: - [2009/12/11 06:29:27 | 00,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2009/11/01 20:16:50 | 00,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
    DRV:64bit: - [2009/09/26 02:20:38 | 00,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2009/09/17 14:54:54 | 00,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
    DRV:64bit: - [2009/07/13 21:52:20 | 00,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 00,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2009/07/13 21:47:49 | 00,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 21:47:48 | 00,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 21:45:56 | 00,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 21:45:55 | 00,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2009/07/13 21:45:55 | 00,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 21:45:55 | 00,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 21:45:46 | 00,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2009/07/13 21:45:45 | 00,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 21:43:14 | 00,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2009/07/13 20:35:32 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/07/13 20:17:46 | 00,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 20:16:35 | 00,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 20:10:24 | 00,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV:64bit: - [2009/07/13 20:09:26 | 00,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 20:08:13 | 00,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 20:07:22 | 00,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
    DRV:64bit: - [2009/07/13 20:07:21 | 00,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 20:07:00 | 00,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
    DRV:64bit: - [2009/07/13 20:07:00 | 00,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
    DRV:64bit: - [2009/07/13 20:06:56 | 00,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
    DRV:64bit: - [2009/07/13 20:06:53 | 00,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
    DRV:64bit: - [2009/07/13 20:06:52 | 00,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 20:06:24 | 00,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 20:02:08 | 00,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 20:00:34 | 00,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2009/07/13 20:00:13 | 00,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 19:52:39 | 00,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2009/07/13 19:50:17 | 00,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2009/07/13 19:37:18 | 00,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 19:31:06 | 00,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 19:31:03 | 00,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 19:27:17 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2009/07/13 19:19:25 | 00,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/07/09 05:00:00 | 00,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/15 15:06:42 | 00,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/06/10 16:35:33 | 00,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 16:34:33 | 03,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 00,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 00,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 14:17:08 | 00,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2006/11/01 14:51:00 | 00,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009/07/13 21:19:10 | 00,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/13 21:16:02 | 00,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
    DRV - [2009/06/10 17:28:14 | 00,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
    DRV - [2009/06/10 17:15:18 | 00,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========


    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell | MSN
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 6F C2 56 07 17 D3 04 42 9F 88 12 C5 83 07 B5 14 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.3.47088

    FF - HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/01 02:43:56 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/25 16:22:11 | 00,000,000 | ---D | M]

    [2010/12/23 00:46:30 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions
    [2011/08/30 00:20:38 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\bs0h44hv.default\extensions
    [2011/08/25 03:33:47 | 00,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\bs0h44hv.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    [2011/08/07 13:43:30 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\bs0h44hv.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack
    [2011/08/17 00:19:28 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\bs0h44hv.default\extensions\piclens@cooliris.com
    [2011/08/30 03:01:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/04/04 15:18:16 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2011/09/01 02:43:56 | 00,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
    [2011/04/04 15:18:01 | 00,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    [2011/08/11 23:16:35 | 00,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

    O1 HOSTS File: ([2011/08/30 23:56:01 | 00,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
    O4 - Startup: C:\Users\Joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15:64bit: - ..Trusted Domains: 72 domain(s) and sub-domain(s) not assigned to a zone.
    O15 - HKLM\..Trusted Domains: 72 domain(s) and sub-domain(s) not assigned to a zone.
    O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: 80 domain(s) and sub-domain(s) not assigned to a zone.
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab (SysInfo Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.33.3.254 10.36.3.254 10.9.3.254
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    64bit: O35 - comfile [open] -- "%1" %* File not found
    64bit: O35 - exefile [open] -- "%1" %* File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*

    NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/13 23:20:14 | 00,000,000 | ---D | M]
    NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
    NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
    NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
    NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
    NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
    NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

    MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
    MsConfig:64bit - StartUpFolder: C:^Users^Joel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - C:\Users\Joel\AppData\Roaming\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
    MsConfig:64bit - StartUpFolder: C:^Users^Joel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE - (Microsoft Corporation)
    MsConfig:64bit - StartUpReg: B70C978E0D8686DFA1B56EEE8DDD560C8E84B941._service_run - hkey= - key= - C:\Users\Joel\AppData\Local\Google\Chrome\Application\chrome.exe File not found
    MsConfig:64bit - StartUpReg: Dell Webcam Central - hkey= - key= - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    MsConfig:64bit - StartUpReg: DellSupportCenter - hkey= - key= - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
    MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
    MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
    MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
    MsConfig:64bit - StartUpReg: Security Protection - hkey= - key= - C:\ProgramData\defender.exe File not found
    MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    MsConfig:64bit - StartUpReg: utilman - hkey= - key= - C:\Windows\SysWow64\config\systemprofile\AppData\Local\utilman.exe File not found
    MsConfig:64bit - State: "services" - Reg Error: Key error.
    MsConfig:64bit - State: "startup" - Reg Error: Key error.
    MsConfig:64bit - State: "bootini" - Reg Error: Key error.

    SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: HelpSvc - Service
    SafeBootMin:64bit: MCODS - Reg Error: Value error.
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Power - C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: RpcEptMapper - C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
    SafeBootMin:64bit: sacsvr - Service
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: vmms - Service
    SafeBootMin:64bit: WinDefend - Service
    SafeBootMin:64bit: WudfPf - C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: MCODS - Reg Error: Value error.
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
    SafeBootMin: vmms - Service
    SafeBootMin: WinDefend - Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
    SafeBootNet:64bit: Base - Driver Group
    SafeBootNet:64bit: Boot Bus Extender - Driver Group
    SafeBootNet:64bit: Boot file system - Driver Group
    SafeBootNet:64bit: Dhcp - C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
    SafeBootNet:64bit: File system - Driver Group
    SafeBootNet:64bit: Filter - Driver Group
    SafeBootNet:64bit: HelpSvc - Service
    SafeBootNet:64bit: MCODS - Reg Error: Value error.
    SafeBootNet:64bit: Messenger - Service
    SafeBootNet:64bit: NDIS Wrapper - Driver Group
    SafeBootNet:64bit: ndiscap - C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
    SafeBootNet:64bit: NetBIOSGroup - Driver Group
    SafeBootNet:64bit: NetDDEGroup - Driver Group
    SafeBootNet:64bit: Network - Driver Group
    SafeBootNet:64bit: NetworkProvider - Driver Group
    SafeBootNet:64bit: PCI Configuration - Driver Group
    SafeBootNet:64bit: PNP Filter - Driver Group
    SafeBootNet:64bit: PNP_TDI - Driver Group
    SafeBootNet:64bit: Power - C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
    SafeBootNet:64bit: Primary disk - Driver Group
    SafeBootNet:64bit: rdsessmgr - Service
    SafeBootNet:64bit: RpcEptMapper - C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
    SafeBootNet:64bit: sacsvr - Service
    SafeBootNet:64bit: SCSI Class - Driver Group
    SafeBootNet:64bit: Streams Drivers - Driver Group
    SafeBootNet:64bit: System Bus Extender - Driver Group
    SafeBootNet:64bit: TDI - Driver Group
    SafeBootNet:64bit: vmms - Service
    SafeBootNet:64bit: WinDefend - Service
    SafeBootNet:64bit: WudfPf - C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
    SafeBootNet:64bit: WudfUsbccidDriver - Driver
    SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: Dhcp - C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: MCODS - Reg Error: Value error.
    SafeBootNet: Messenger - Service
    SafeBootNet: MPSDrv - C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOS - C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: Tcpip - C:\Windows\SysWOW64\wbem\tcpip.mof ()
    SafeBootNet: TDI - Driver Group
    SafeBootNet: VDS - C:\Windows\SysWOW64\wbem\vds.mof ()
    SafeBootNet: vmms - Service
    SafeBootNet: WinDefend - Service
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{7b3add4d-93dd-4677-a636-f6592b7767a1} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

    Drivers32:64bit: aux1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi2 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll (Microsoft Corporation)
    Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: mixer2 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm (Microsoft Corporation)
    Drivers32:64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll (Microsoft Corporation)
    Drivers32:64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave1 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wave2 - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    OTL cannot create restorepoints on Vista OSs!

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/08/31 14:03:03 | 00,000,000 | ---D | C] -- C:\Users\Joel\Desktop\Logs
    [2011/08/30 23:59:29 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2011/08/30 23:57:54 | 00,000,000 | ---D | C] -- C:\Windows\temp
    [2011/08/30 20:05:00 | 00,000,000 | ---D | C] -- C:\Users\Joel\Documents\Fall 2011
    [2011/08/30 19:35:58 | 04,190,333 | R--- | C] (Swearware) -- C:\Users\Joel\Desktop\Pchelpforum.exe
    [2011/08/30 12:59:55 | 00,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/08/30 12:59:55 | 00,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/08/30 02:59:39 | 13,977,256 | ---- | C] (Mozilla) -- C:\Users\Joel\Desktop\Firefox Setup 6.0.exe
    [2011/08/30 02:44:17 | 00,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\VS Revo Group
    [2011/08/30 02:44:14 | 00,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
    [2011/08/30 02:44:13 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
    [2011/08/30 02:33:51 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2011/08/30 02:32:48 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
    [2011/08/30 02:25:52 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2011/08/30 02:25:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2011/08/30 00:38:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
    [2011/08/30 00:09:40 | 00,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/08/30 00:09:33 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/08/30 00:09:30 | 00,000,000 | ---D | C] -- C:\Qoobox
    [2011/08/29 23:55:56 | 00,000,000 | ---D | C] -- C:\_OTL
    [2011/08/29 23:54:56 | 00,548,352 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
    [2011/08/29 23:46:06 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/08/29 11:44:17 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\svchost.exe
    [2011/08/26 14:52:52 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\EQ2MAP Updater
    [2011/08/17 00:20:44 | 00,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\ProfitUI Reborn Updater
    [2011/08/11 02:24:01 | 00,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2011/08/11 02:24:01 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2011/08/11 02:24:00 | 02,143,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
    [2011/08/11 02:23:59 | 02,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2011/08/11 02:23:59 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2011/08/11 02:23:59 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2011/08/11 02:23:59 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2011/08/11 02:23:59 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2011/08/11 02:23:58 | 01,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
    [2011/08/11 02:23:58 | 00,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2011/08/11 02:23:57 | 00,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2011/08/11 02:23:56 | 01,389,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
    [2011/08/11 02:23:56 | 01,126,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
    [2011/08/11 02:23:56 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
    [2011/08/11 02:23:55 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
    [2011/08/10 21:15:09 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
    [2011/08/10 21:15:09 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
    [2011/08/10 21:15:09 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
    [2011/08/10 21:15:08 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
    [2011/08/10 21:15:08 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
    [2011/08/10 21:15:08 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
    [2011/08/10 21:15:08 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
    [2011/08/10 21:15:08 | 00,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
    [2011/08/10 21:15:08 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
    [2011/08/10 21:15:08 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
    [2011/08/10 21:15:04 | 01,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2011/08/10 21:15:04 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2011/08/10 21:15:04 | 00,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2011/08/10 21:15:04 | 00,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2011/08/10 21:15:04 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2011/08/10 21:15:04 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2011/08/10 21:15:04 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2011/08/10 21:15:04 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2011/08/10 21:15:03 | 00,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2011/08/10 21:15:03 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2011/08/10 21:15:03 | 00,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2011/08/10 21:15:03 | 00,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2011/08/10 21:15:03 | 00,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2011/08/10 21:15:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2011/08/10 21:15:02 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2011/08/10 21:15:01 | 05,474,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2011/08/10 21:15:00 | 03,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2011/08/10 21:15:00 | 03,911,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2011/08/07 21:28:19 | 00,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Ventrilo
    [2011/08/07 21:24:43 | 00,000,000 | ---D | C] -- C:\Program Files\Ventrilo
    [2011/08/07 21:23:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2011/08/04 03:55:14 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/09/01 10:47:52 | 09,437,184 | -HS- | M] () -- C:\Users\Joel\NTUSER.DAT
    [2011/09/01 10:12:21 | 00,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/09/01 10:12:21 | 00,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/09/01 10:05:15 | 00,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
    [2011/09/01 10:05:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2011/09/01 10:04:57 | 00,067,584 | --S- | M] () -- C:\Windows\BootStat.dat
    [2011/09/01 10:04:47 | 30,629,02784 | -HS- | M] () -- C:\hiberfil.sys
    [2011/09/01 02:47:27 | 01,456,443 | -H-- | M] () -- C:\Users\Joel\AppData\Local\IconCache.db
    [2011/08/30 23:56:05 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2011/08/30 23:56:01 | 00,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/08/30 20:04:40 | 00,102,912 | ---- | M] () -- C:\Users\Joel\Documents\Fall 2011.doc
    [2011/08/30 19:42:46 | 36,879,0862 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/08/30 19:35:59 | 04,190,333 | R--- | M] (Swearware) -- C:\Users\Joel\Desktop\Pchelpforum.exe
    [2011/08/30 19:34:29 | 00,000,177 | ---- | M] () -- C:\Windows\wininit.ini
    [2011/08/30 03:03:40 | 00,436,163 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110830-032809.backup
    [2011/08/30 03:01:47 | 00,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2011/08/30 03:01:13 | 13,977,256 | ---- | M] (Mozilla) -- C:\Users\Joel\Desktop\Firefox Setup 6.0.exe
    [2011/08/30 01:32:12 | 00,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110830-030340.backup
    [2011/08/29 23:59:02 | 00,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/29 23:54:57 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
    [2011/08/29 23:13:22 | 00,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/08/29 23:13:22 | 00,624,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/08/29 23:13:22 | 00,106,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/08/29 21:57:34 | 00,011,652 | ---- | M] () -- C:\Users\Joel\Desktop\FINC.xlsx
    [2011/08/26 14:52:52 | 00,001,045 | ---- | M] () -- C:\Users\Joel\Desktop\EQ2MAP Updater.lnk
    [2011/08/26 14:52:07 | 00,909,555 | ---- | M] () -- C:\Users\Joel\Desktop\EQ2MAP-Updater-1.2.4-Setup.zip
    [2011/08/17 00:20:44 | 00,002,031 | ---- | M] () -- C:\Users\Joel\Desktop\ProfitUI Reborn Updater.lnk
    [2011/08/17 00:17:30 | 00,001,009 | ---- | M] () -- C:\Users\Joel\Desktop\ProfitUI Reborn Updater.zip
    [2011/08/16 12:25:31 | 00,020,629 | ---- | M] () -- C:\Users\Joel\Desktop\WOE.xlsx
    [2011/08/11 02:31:32 | 00,000,197 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
    [2011/08/08 22:28:39 | 00,003,678 | ---- | M] () -- C:\Users\Joel\Desktop\Attach.zip
    [2011/08/07 21:24:44 | 00,000,919 | ---- | M] () -- C:\Users\Joel\Desktop\Ventrilo.lnk
    [2011/08/04 03:55:19 | 00,001,960 | ---- | M] () -- C:\Users\Joel\Desktop\Kindle.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/08/30 20:04:38 | 00,102,912 | ---- | C] () -- C:\Users\Joel\Documents\Fall 2011.doc
    [2011/08/30 12:59:55 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/08/30 12:59:55 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/08/30 12:59:55 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/08/30 11:24:11 | 00,067,584 | --S- | C] () -- C:\Windows\BootStat.dat
    [2011/08/30 03:01:47 | 00,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2011/08/30 02:57:09 | 00,000,177 | ---- | C] () -- C:\Windows\wininit.ini
    [2011/08/30 00:09:40 | 00,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/08/30 00:09:40 | 00,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/08/29 23:59:02 | 00,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/29 23:45:28 | 36,879,0862 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/08/29 21:57:33 | 00,011,652 | ---- | C] () -- C:\Users\Joel\Desktop\FINC.xlsx
    [2011/08/26 14:52:52 | 00,001,045 | ---- | C] () -- C:\Users\Joel\Desktop\EQ2MAP Updater.lnk
    [2011/08/26 14:52:06 | 00,909,555 | ---- | C] () -- C:\Users\Joel\Desktop\EQ2MAP-Updater-1.2.4-Setup.zip
    [2011/08/17 00:20:44 | 00,002,031 | ---- | C] () -- C:\Users\Joel\Desktop\ProfitUI Reborn Updater.lnk
    [2011/08/17 00:17:29 | 00,001,009 | ---- | C] () -- C:\Users\Joel\Desktop\ProfitUI Reborn Updater.zip
    [2011/08/15 21:10:47 | 00,020,629 | ---- | C] () -- C:\Users\Joel\Desktop\WOE.xlsx
    [2011/08/11 02:31:32 | 00,000,197 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
    [2011/08/08 22:28:39 | 00,003,678 | ---- | C] () -- C:\Users\Joel\Desktop\Attach.zip
    [2011/08/07 21:24:44 | 00,000,919 | ---- | C] () -- C:\Users\Joel\Desktop\Ventrilo.lnk
    [2011/08/04 03:55:19 | 00,001,960 | ---- | C] () -- C:\Users\Joel\Desktop\Kindle.lnk
    [2011/07/17 03:03:33 | 00,009,884 | -HS- | C] () -- C:\Users\Joel\AppData\Local\wr82dta03sn337opb5168r31
    [2011/07/17 03:03:33 | 00,009,884 | -HS- | C] () -- C:\ProgramData\wr82dta03sn337opb5168r31
    [2011/01/03 20:26:53 | 00,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010/12/11 13:28:47 | 00,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
    [2010/12/11 13:28:47 | 00,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
    [2010/12/11 13:25:38 | 00,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
    [2010/12/11 13:25:38 | 00,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
    [2010/12/11 13:25:38 | 00,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
    [2010/12/11 13:25:38 | 00,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
    [2010/12/11 13:25:38 | 00,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
    [2009/07/13 19:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 17:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2011/01/06 15:46:57 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Amazon
    [2011/04/04 21:05:30 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    [2011/08/11 23:12:15 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Dropbox
    [2011/03/20 18:09:40 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\GARMIN
    [2011/02/18 12:26:18 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\HTC
    [2011/02/18 12:28:48 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
    [2011/05/16 23:03:58 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\LolClient
    [2011/08/17 00:25:10 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\ProfitUI Reborn Updater
    [2011/01/10 19:31:57 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\SoftGrid Client
    [2011/04/04 15:19:21 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\SystemRequirementsLab
    [2011/01/10 19:22:15 | 00,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\TP
    [2011/08/31 22:48:23 | 00,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %systemroot%\Fonts\*.com >
    [2009/07/14 01:32:31 | 00,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 01:32:31 | 00,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 01:32:31 | 00,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 01:32:31 | 00,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009/06/10 16:49:50 | 00,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2009/07/14 00:54:24 | 00,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2011/04/04 01:56:52 | 00,000,221 | -HS- | M] () -- C:\Users\Joel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2011/08/30 03:01:13 | 13,977,256 | ---- | M] (Mozilla) -- C:\Users\Joel\Desktop\Firefox Setup 6.0.exe
    [2011/08/29 23:54:57 | 00,548,352 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
    [2011/08/30 19:35:59 | 04,190,333 | R--- | M] (Swearware) -- C:\Users\Joel\Desktop\Pchelpforum.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009/06/10 17:20:04 | 00,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >
    [2010/12/11 12:57:14 | 00,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
    [2010/12/11 12:57:14 | 01,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
    [2010/12/11 12:57:14 | 01,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
    [2010/12/11 12:57:14 | 01,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
    [2010/12/11 12:57:14 | 00,786,432 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
    [2010/12/11 12:57:14 | 01,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\*.exe >
    [2011/09/01 02:43:56 | 00,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
    [2011/09/01 02:43:56 | 00,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    [2011/09/01 02:43:54 | 00,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    [2011/09/01 02:43:54 | 00,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2010/12/23 00:38:53 | 00,000,402 | -HS- | M] () -- C:\Users\Joel\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/07/17 03:05:36 | 00,009,884 | -HS- | M] () -- C:\ProgramData\wr82dta03sn337opb5168r31

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\system32\*.exe /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\*.sys >

    < %systemroot%\system32\drivers\*.dll >

    < %systemroot%\system32\drivers\*.ini >

    < %systemroot%\system32\drivers\*.exe >

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

    < %SYSTEMDRIVE%\*.* >
    [2009/07/13 21:38:58 | 00,383,562 | RHS- | M] () -- C:\bootmgr
    [2009/04/28 12:27:09 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2011/08/30 23:57:52 | 00,022,292 | ---- | M] () -- C:\ComboFix.txt
    [2010/12/11 13:18:19 | 00,003,625 | -H-- | M] () -- C:\dell.sdr
    [2011/09/01 10:04:47 | 30,629,02784 | -HS- | M] () -- C:\hiberfil.sys
    [2011/09/01 10:04:54 | 40,838,71744 | -HS- | M] () -- C:\pagefile.sys
    [2011/08/30 15:54:11 | 00,000,434 | ---- | M] () -- C:\rkill.log

    < %PROGRAMFILES%\*. >
    [2011/02/18 10:49:12 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2011/08/04 03:55:19 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
    [2011/02/21 21:11:18 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
    [2011/02/21 21:11:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
    [2010/12/11 12:43:11 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
    [2010/12/11 12:43:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
    [2011/08/30 23:53:58 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2010/12/11 12:50:43 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
    [2010/12/11 12:50:11 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Creative Live! Cam
    [2010/12/11 13:07:13 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
    [2010/12/11 12:49:52 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Support Center
    [2010/12/11 12:50:40 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Webcam
    [2011/07/06 18:34:39 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Delta
    [2011/04/04 20:56:26 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
    [2011/08/26 14:58:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\EQ2MAP Updater
    [2011/08/30 00:38:20 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
    [2011/07/09 12:39:43 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\HP
    [2011/02/18 10:50:21 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\HTC
    [2011/05/16 20:39:33 | 00,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2010/12/11 12:37:18 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
    [2011/08/11 10:10:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2011/02/21 21:12:33 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
    [2011/08/30 02:46:25 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2011/08/29 23:59:03 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/05/09 09:53:28 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
    [2010/12/11 12:28:39 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
    [2011/01/09 14:24:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
    [2011/01/05 01:39:58 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
    [2010/12/11 12:57:50 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    [2011/02/21 17:55:07 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
    [2011/01/10 19:42:17 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2011/06/15 21:44:24 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010/12/11 12:29:36 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2010/12/11 12:30:26 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
    [2011/01/09 14:27:41 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
    [2011/05/11 19:49:28 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Minitab
    [2011/09/01 02:43:59 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2009/07/14 01:32:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/02/18 10:49:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
    [2011/05/16 18:21:16 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
    [2011/02/21 21:11:33 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2009/07/14 01:32:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2010/12/11 12:51:04 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
    [2010/12/11 12:58:00 | 00,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
    [2011/02/18 10:49:29 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Spirent Communications
    [2011/08/30 23:17:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2011/04/04 02:04:09 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2009/07/14 00:57:06 | 00,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
    [2010/12/11 12:44:18 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent
    [2009/07/14 01:37:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
    [2010/12/11 12:30:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
    [2010/12/11 12:28:19 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
    [2010/12/28 02:13:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
    [2010/12/28 02:13:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2009/07/14 01:32:38 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2009/07/14 01:37:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
    [2009/07/14 01:32:40 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
    [2009/07/14 01:37:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

    < %appdata%\*.* >


    < MD5 for: AGP440.SYS >
    [2009/07/13 21:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
    [2009/07/13 21:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
    [2009/07/13 21:52:21 | 00,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_1a38e2b78a3fe5b8\atapi.sys
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
    [2009/07/13 21:52:21 | 00,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2009/07/13 21:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
    [2009/07/13 21:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 21:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
    [2009/07/13 21:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
    [2009/07/13 21:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
    [2009/07/13 21:40:20 | 00,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

    < MD5 for: DISK.SYS >
    [2009/07/13 21:47:48 | 00,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
    [2009/07/13 21:47:48 | 00,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

    < MD5 for: IASTOR.SYS >
    [2010/06/08 12:33:14 | 00,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b2da0d5f1235b4d6\iaStor.sys

    < MD5 for: IASTORV.SYS >
    [2010/11/20 09:33:38 | 00,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
    [2010/05/12 04:37:57 | 00,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
    [2011/03/11 02:19:16 | 00,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
    [2011/03/11 02:41:26 | 00,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
    [2011/03/11 02:23:00 | 00,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
    [2011/03/11 02:23:00 | 00,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
    [2011/03/11 02:25:49 | 00,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
    [2009/07/13 21:48:04 | 00,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
    [2009/07/13 21:48:04 | 00,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
    [2010/05/12 04:50:37 | 00,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/07/13 21:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\ERDNT\cache64\netlogon.dll
    [2009/07/13 21:41:52 | 00,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
    [2010/11/20 09:27:22 | 00,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
    [2010/11/20 08:20:28 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
    [2009/07/13 21:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache86\netlogon.dll
    [2009/07/13 21:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 21:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
    [2009/07/13 21:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

    < MD5 for: NVSTOR.SYS >
    [2010/05/12 04:38:10 | 00,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
    [2009/07/13 21:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
    [2009/07/13 21:45:45 | 00,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
    [2011/03/11 02:23:06 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
    [2011/03/11 02:23:06 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
    [2011/03/11 02:25:53 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
    [2010/05/12 04:50:49 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
    [2011/03/11 02:19:21 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
    [2011/03/11 02:41:34 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
    [2010/11/20 09:33:48 | 00,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

    < MD5 for: SCECLI.DLL >
    [2009/07/13 21:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache86\scecli.dll
    [2009/07/13 21:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 21:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
    [2009/07/13 21:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
    [2009/07/13 21:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\ERDNT\cache64\scecli.dll
    [2009/07/13 21:41:53 | 00,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
    [2010/11/20 08:21:04 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
    [2010/11/20 09:27:25 | 00,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

    < MD5 for: USBSTOR.SYS >
    [2009/07/13 20:06:34 | 00,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_c301b770e0bfb179\USBSTOR.SYS
    [2009/07/13 20:06:34 | 00,089,600 | ---- | M] (Microsoft Corporation) MD5=080D3820DA6C046BE82FC8B45A893E83 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_a47b405db18421ea\USBSTOR.SYS
    [2011/03/11 00:21:50 | 00,091,648 | ---- | M] (Microsoft Corporation) MD5=36106AC439EDFBB7B8BDBF99079C7590 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_a6e64054c7cca389\USBSTOR.SYS
    [2011/03/11 00:29:51 | 00,091,136 | ---- | M] (Microsoft Corporation) MD5=3A6CB8C3B8904F01E73D10081B7D0EC7 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.20921_none_a541c506ca74a675\USBSTOR.SYS
    [2010/05/12 00:19:40 | 00,091,136 | ---- | M] (Microsoft Corporation) MD5=8E9438CE315A7C6791CAC9440231E598 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.20712_none_a54d9170ca6ba98d\USBSTOR.SYS
    [2010/05/12 00:21:12 | 00,091,136 | ---- | M] (Microsoft Corporation) MD5=A60E7E0FA88FF067D049D525547CD5E9 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16592_none_a46d735fb18eec24\USBSTOR.SYS
    [2010/11/20 06:44:05 | 00,091,648 | ---- | M] (Microsoft Corporation) MD5=D76510CFA0FC09023077F22C2F979D86 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_a6ac5425ae72a584\USBSTOR.SYS
    [2011/03/11 00:31:17 | 00,091,136 | ---- | M] (Microsoft Corporation) MD5=F39983647BC1F3E6100778DDFE9DCE29 -- C:\Windows\SysWow64\DriverStore\FileRepository\usbstor.inf_amd64_neutral_dd8b7470ecdd8b8b\USBSTOR.SYS
    [2011/03/11 00:31:17 | 00,091,136 | ---- | M] (Microsoft Corporation) MD5=F39983647BC1F3E6100778DDFE9DCE29 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7600.16778_none_a48918bfb179469a\USBSTOR.SYS
    [2011/03/11 00:37:16 | 00,091,648 | ---- | M] (Microsoft Corporation) MD5=FED648B01349A3C8395A5169DB5FB7D6 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_a66e757baea0992f\USBSTOR.SYS

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
    < End of report >



    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-09-01 10:53:25
    -----------------------------
    10:53:25.454 OS Version: Windows x64 6.1.7600
    10:53:25.454 Number of processors: 4 586 0x2505
    10:53:25.455 ComputerName: JOEL-PC UserName: Joel
    10:53:26.869 Initialize success
    10:53:53.055 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    10:53:53.060 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
    10:53:53.064 Device \Driver\iaStor -> MajorFunction fffffa8006e6d5c0
    10:53:55.069 Disk 0 MBR read successfully
    10:53:55.074 Disk 0 MBR scan
    10:53:55.079 Disk 0 Windows 7 default MBR code found via API
    10:53:55.084 Disk 0 unknown MBR code
    10:53:55.088 Disk 0 MBR hidden
    10:53:55.093 Disk 0 MBR [possible unknown bootkit@MBR] **ROOTKIT**
    10:53:55.097 Disk 0 trace - called modules:
    10:53:55.102 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006e6d5c0]<<
    10:53:55.107 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004be5060]
    10:53:55.112 3 CLASSPNP.SYS[fffff88001b0443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004944050]
    10:53:55.116 \Driver\iaStor[0xfffffa8004adddb0] -> IRP_MJ_CREATE -> 0xfffffa8006e6d5c0
    10:53:55.444 Scan finished successfully
    10:54:16.840 Disk 0 MBR has been saved successfully to "C:\Users\Joel\Desktop\MBR.dat"
    10:54:16.845 The log file has been saved successfully to "C:\Users\Joel\Desktop\aswMBR.txt"
    Comedian1220, Sep 1, 2011
    #19

  6. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    Crush, Sep 1, 2011
    #20

  7. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    I meant, i have a system restore point from early August i could go back to. However, i've never done anything like that and if I do it, want to make sure i don't ****** it up.

    Also, i noticed firefox blocking a lot of popups from reputable sites i visit frequently.
    Comedian1220, Sep 1, 2011
    #21

  8. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    Hi,

    I see some issues in your OTL log. I will be able to get a reply out to you later tonight to fix them. As for now, have the suggestions from my link above helped?
    Crush, Sep 1, 2011
    #22

  9. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    I mean I have a system Restore Point from early August I could roll back too. Just never done a restore like that before and don't want to screw it up.

    Also, as a note. Firefox is blocking a lot of Pop-ups from reputable sites I visit frequently and can't remember there ever being any before.

    Working through your stuff from the link in a few minutes when class ends!
    Comedian1220, Sep 1, 2011
    #23

  10. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    Have you reviewed the link from Post 20?
    Crush, Sep 1, 2011
    #24

  11. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    I have, and am working through the steps as we speak. Have to balance it between paying attention to lecture!
    Comedian1220, Sep 1, 2011
    #25

  12. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    Ok let me know how it goes
    Crush, Sep 1, 2011
    #26

  13. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    I worked through the list. The only thing i was not able to do was adjust the virtual memory settings as i was not sure how to do that.

    There is some increased speed! I still get hung on occasion, and manually ending the svchost.exe *32 process gets me going again. On the whole though the computer is running better!
    Comedian1220, Sep 1, 2011
    #27

  14. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    Thanks for the updates. I'm still a few hours away from getting home. I will be back to you asap
    Crush, Sep 1, 2011
    #28

  15. Crush Administrator & Security Team Leader

    Manager
    PCHF Staff
    Message Count:
    39,939
    Likes Received:
    3,674
    My System
    Loading...
    We need to fix the infection found with aswMBR now

    • Double click aswMBR.exe to run it like before
    • Once the scan finishes click Fix to remove the infection
    Copy and paste the contents of the log generated back here.
    Crush, Sep 1, 2011
    #29

  16. Comedian1220 Bronze Member

    Bronze
    Message Count:
    19
    Likes Received:
    0
    My System
    Loading...
    So I ran the fix and then was told to reboot...so I did and now my computer is at startup repair...says it is attempting repairs...has been doing so for 20 minutes now. Is that normal?
    Can't get logged back in to post the log.
    Comedian1220, Sep 1, 2011
    #30
Page 2 of 3

Memory Intensive svchost.exe *32 process

Recommended: Click here to Fix Errors and Optimize Windows