Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 03 Ran by Messi10fcb (administrator) on MESSI10FCB-PC on 17-09-2013 22:15:56 Running from C:\Users\Messi10fcb\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] () HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.) HKLM\...\Winlogon: [Userinit] HKLM-x32\...\Winlogon: [Userinit] [x] HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-09-23] (Microsoft Corporation) HKCU\...\Run: [ctfmon.exe] - C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) MountPoints2: G - G:\HTC_Sync_Manager_PC.exe MountPoints2: {a0f7b156-0cd7-11e3-99ac-002713a4e937} - G:\HTC_Sync_Manager_PC.exe MountPoints2: {aad44800-48fe-11df-b3ab-806e6f6e6963} - F:\SETUP.EXE HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [15544 2009-08-26] () HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52272 2010-01-09] (EasyBits Software Corp.) FireFox: ======== FF ProfilePath: C:\Users\Messi10fcb\AppData\Roaming\Mozilla\Firefox\Profiles\zbqv0hq9.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Messi10fcb\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml ==================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1428472 2013-04-10] (AVG Technologies CZ, s.r.o.) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) ==================== Drivers (Whitelisted) ==================== R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Nokia) S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Nokia) S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider) ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Accelerometer.sys 5C368F4B04ED2A923E6AFCA2D37BAFF5 C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\adp94xx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\adpahci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\System32\drivers\aliide.sys ==> MD5 is legit C:\Windows\System32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit C:\Windows\System32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\System32\DRIVERS\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\arc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\arcsas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\avgfwd6a.sys 3D1FFAA3358CA0D8A298DEA8BECFC468 C:\Windows\System32\DRIVERS\avgidsdrivera.sys 139BD30C32BEE830D0CF39C5324D79DE C:\Windows\System32\DRIVERS\avgidsha.sys 2940FACB6EF92BD1936E4A1E2502468E C:\Windows\System32\DRIVERS\avgldx64.sys 54B66C4AEEC6C4F742F3569EBA03EBB8 C:\Windows\System32\DRIVERS\avgloga.sys 13667B5D6310228A9FEF2BA5FCD9081F C:\Windows\System32\DRIVERS\avgmfx64.sys BE82F9A1F2CCF4CE746D0C645D94079E C:\Windows\System32\DRIVERS\avgrkx64.sys 5D11620DEF66F9DC9468FEE385A8429B C:\Windows\System32\DRIVERS\avgtdia.sys 69BD90E337625F96C718CACE7A9C9E29 C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bcmwl664.sys 6C95DD14CFD30B0617B91DC6A0B1A1FB C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315 C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4 C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37 C:\Windows\System32\drivers\btwaudio.sys 4BDBDB86ABBA924E029FB2683BE7C505 C:\Windows\System32\drivers\btwavdt.sys 5C849BD7C78791C5CEE9F4651D7FE38D C:\Windows\System32\DRIVERS\btwl2cap.sys 6149301DC3F81D6F9667A3FBAC410975 C:\Windows\System32\DRIVERS\btwrchid.sys 3E1991AFA851A36DC978B0A1B0535C8B C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit C:\Windows\System32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\elxstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\enecir.sys 524C79054636D2E5751169005006460B C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hpdskflt.sys 4E0BEC0F78096FFD6D3314B497FC49D3 C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 9AF482D058BE59CC28BCE52E7C4B747C C:\Windows\System32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iaStor.sys BBB3B6DF1ABB0FE35802EDE85CC1C011 C:\Windows\System32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iirsp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Impcd.sys 4FF8A2082D78255D2EB169F986BCC981 C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\System32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\jmcr.sys F8844B00C10E386C704C610E95A9847D C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4 C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lsi_fc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lsi_sas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lsi_sas2.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\megasas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\MegaSR.sys ==> MD5 is legit C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit C:\Windows\System32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69 C:\Windows\System32\DRIVERS\nfrd960.sys ==> MD5 is legit C:\Windows\System32\drivers\ccdcmbx64.sys 907B5E1E4A592E5EDC5E4CCBDE4863C2 C:\Windows\System32\drivers\ccdcmbox64.sys 41C1AC1F3613435EB32D67BCB80A5FA5 C:\Windows\System32\drivers\ccdcmbox64.sys 41C1AC1F3613435EB32D67BCB80A5FA5 C:\Windows\System32\drivers\ccdcmbx64.sys 907B5E1E4A592E5EDC5E4CCBDE4863C2 C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\drivers\nvhda64v.sys 1F07B814C0BB5AABA703ABFF1F31F2E8 C:\Windows\System32\DRIVERS\nvlddmkm.sys 993D73A8090C957230DE4E14AA9C5DFF C:\Windows\System32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\System32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ql2300.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34 C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932 C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys 5B04929EF24F87E239B880FAAE410E3A C:\Windows\System32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Sftfslh.sys C6CC9297BD53E5229653303E556AA539 C:\Windows\System32\DRIVERS\Sftplaylh.sys 390AA7BC52CEE43F6790CDEA1E776703 C:\Windows\System32\DRIVERS\Sftredirlh.sys 617E29A0B0A2807466560D4C4E338D3E C:\Windows\System32\DRIVERS\Sftvollh.sys 8F571F016FA1976F445147E9E6C8AE9B C:\Windows\System32\DRIVERS\SiSRaid2.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8 C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04 C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\System32\DRIVERS\stexstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\stwrt64.sys DFFBC024DFC7BB05B2129E05CBC7A201 C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9 C:\Windows\System32\drivers\tcpip.sys DB74544B75566C974815E79A62433F29 C:\Windows\System32\DRIVERS\tcpip.sys DB74544B75566C974815E79A62433F29 C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys F49988FBF59413B974B1380D6F743EBC C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24 C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31 C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\drivers\usbser.sys 4ACEE387FA8FD39F83564FCD2FC234F2 C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys 8844CB19A37B65E27049D4A7786726A9 C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\System32\drivers\viaide.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026 ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-17 22:03 - 2013-09-17 22:04 - 00448512 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\TFC.exe 2013-09-17 21:55 - 2013-09-17 21:58 - 00000000 ____D C:\AdwCleaner 2013-09-17 21:54 - 2013-09-17 21:54 - 01039554 _____ C:\Users\Messi10fcb\Downloads\AdwCleaner.exe 2013-09-17 21:44 - 2013-09-17 21:44 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Old Firefox Data 2013-09-17 20:30 - 2013-09-17 20:30 - 00024056 _____ C:\Users\Messi10fcb\Downloads\Addition.txt 2013-09-17 20:25 - 2013-09-17 21:15 - 00000000 ____D C:\FRST 2013-09-17 20:25 - 2013-09-17 20:25 - 01950524 _____ (Farbar) C:\Users\Messi10fcb\Downloads\FRST64.exe 2013-09-17 20:07 - 2013-09-17 20:07 - 00085128 _____ C:\Users\Messi10fcb\Downloads\Extras.Txt 2013-09-17 20:06 - 2013-09-17 20:06 - 00120654 _____ C:\Users\Messi10fcb\Downloads\OTL.Txt 2013-09-17 19:40 - 2013-09-17 19:40 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180)(1).exe 2013-09-17 19:39 - 2013-09-17 19:38 - 00602112 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\OTL.exe 2013-09-13 18:16 - 2013-09-13 18:16 - 00007024 ____N C:\bootsqm.dat 2013-09-06 07:46 - 2013-09-06 09:32 - 00000553 _____ C:\Users\Messi10fcb\Desktop\New Text Document.txt 2013-09-05 06:39 - 2013-09-05 06:39 - 00016095 _____ C:\Users\Messi10fcb\Desktop\hs_err_pid15444.log 2013-08-31 23:38 - 2013-08-31 23:38 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC Sync 2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC 2013-08-25 19:58 - 2013-09-17 22:11 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\HTC MediaHub 2013-08-25 19:58 - 2013-08-25 20:01 - 00000000 ____D C:\Users\Messi10fcb\Documents\HTC 2013-08-25 19:58 - 2013-08-25 19:58 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Apple Computer 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\.android 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\ProgramData\Motorola 2013-08-25 19:57 - 2013-08-25 19:57 - 00000000 ____D C:\Program Files (x86)\Spirent Communications 2013-08-25 19:08 - 2013-08-25 19:58 - 00000000 ____D C:\Program Files (x86)\HTC 2013-08-25 19:08 - 2013-08-25 19:08 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Downloaded Installations 2013-08-25 19:07 - 2013-08-25 19:07 - 00000000 ____D C:\ProgramData\HTC 2013-08-25 18:46 - 2013-08-25 18:48 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Wiola ==================== One Month Modified Files and Folders ======= 2013-09-17 22:11 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\HTC MediaHub 2013-09-17 22:11 - 2012-11-06 13:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-17 22:11 - 2012-06-29 20:26 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\LogMeIn Hamachi 2013-09-17 22:11 - 2010-04-16 09:34 - 00000000 ____D C:\Users\Messi10fcb\Tracing 2013-09-17 22:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-17 22:10 - 2009-07-14 05:51 - 00121094 _____ C:\Windows\setupact.log 2013-09-17 22:09 - 2010-03-19 10:18 - 01273969 _____ C:\Windows\WindowsUpdate.log 2013-09-17 22:06 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-17 22:06 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-17 22:04 - 2013-09-17 22:03 - 00448512 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\TFC.exe 2013-09-17 21:59 - 2010-03-19 10:23 - 00255052 _____ C:\Windows\PFRO.log 2013-09-17 21:58 - 2013-09-17 21:55 - 00000000 ____D C:\AdwCleaner 2013-09-17 21:54 - 2013-09-17 21:54 - 01039554 _____ C:\Users\Messi10fcb\Downloads\AdwCleaner.exe 2013-09-17 21:50 - 2010-04-15 20:53 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Skype 2013-09-17 21:44 - 2013-09-17 21:44 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Old Firefox Data 2013-09-17 21:22 - 2011-05-06 21:18 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{064D516E-97D4-423E-A9C6-1E9E432C00C0} 2013-09-17 21:18 - 2011-04-24 20:07 - 00000000 ____D C:\ProgramData\MFAData 2013-09-17 21:15 - 2013-09-17 20:25 - 00000000 ____D C:\FRST 2013-09-17 21:15 - 2013-03-07 09:32 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Windows Live 2013-09-17 20:30 - 2013-09-17 20:30 - 00024056 _____ C:\Users\Messi10fcb\Downloads\Addition.txt 2013-09-17 20:25 - 2013-09-17 20:25 - 01950524 _____ (Farbar) C:\Users\Messi10fcb\Downloads\FRST64.exe 2013-09-17 20:07 - 2013-09-17 20:07 - 00085128 _____ C:\Users\Messi10fcb\Downloads\Extras.Txt 2013-09-17 20:06 - 2013-09-17 20:06 - 00120654 _____ C:\Users\Messi10fcb\Downloads\OTL.Txt 2013-09-17 19:40 - 2013-09-17 19:40 - 00615176 _____ C:\Users\Messi10fcb\Downloads\OTL_3.2.70.2 (25180)(1).exe 2013-09-17 19:38 - 2013-09-17 19:39 - 00602112 _____ (OldTimer Tools) C:\Users\Messi10fcb\Downloads\OTL.exe 2013-09-13 18:16 - 2013-09-13 18:16 - 00007024 ____N C:\bootsqm.dat 2013-09-10 19:11 - 2012-11-06 13:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-10 19:11 - 2012-11-06 13:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-10 19:11 - 2011-08-07 10:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-06 09:32 - 2013-09-06 07:46 - 00000553 _____ C:\Users\Messi10fcb\Desktop\New Text Document.txt 2013-09-05 06:39 - 2013-09-05 06:39 - 00016095 _____ C:\Users\Messi10fcb\Desktop\hs_err_pid15444.log 2013-08-31 23:38 - 2013-08-31 23:38 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices 2013-08-30 17:20 - 2012-06-04 22:09 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-26 17:41 - 2009-07-14 05:45 - 00375088 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC Sync 2013-08-25 20:02 - 2013-08-25 20:02 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\HTC 2013-08-25 20:01 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\Documents\HTC 2013-08-25 20:01 - 2010-04-15 20:28 - 00098264 _____ C:\Users\Messi10fcb\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-25 19:58 - 2013-08-25 19:58 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Apple Computer 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\Users\Messi10fcb\.android 2013-08-25 19:58 - 2013-08-25 19:58 - 00000000 ____D C:\ProgramData\Motorola 2013-08-25 19:58 - 2013-08-25 19:08 - 00000000 ____D C:\Program Files (x86)\HTC 2013-08-25 19:58 - 2011-01-09 01:09 - 00000000 ____D C:\Users\Messi10fcb\AppData\Roaming\Apple Computer 2013-08-25 19:58 - 2010-04-15 20:24 - 00000000 ____D C:\Users\Messi10fcb 2013-08-25 19:57 - 2013-08-25 19:57 - 00000000 ____D C:\Program Files (x86)\Spirent Communications 2013-08-25 19:57 - 2010-03-19 10:17 - 00045254 _____ C:\Windows\DPINST.LOG 2013-08-25 19:08 - 2013-08-25 19:08 - 00000000 ____D C:\Users\Messi10fcb\AppData\Local\Downloaded Installations 2013-08-25 19:07 - 2013-08-25 19:07 - 00000000 ____D C:\ProgramData\HTC 2013-08-25 18:48 - 2013-08-25 18:46 - 00000000 ____D C:\Users\Messi10fcb\Desktop\Wiola 2013-08-24 17:10 - 2012-12-30 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale en-US inherit {globalsettings} extendedinput Yes default {current} resumeobject {c279be75-9b51-11de-9b93-a29d207e6d0e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 customactions 0x1000085000001 0x5400000f custom:5400000f {2ea0bf53-3337-11df-a4b4-f6c009def1f8} Windows Boot Loader ------------------- identifier {2ea0bf53-3337-11df-a4b4-f6c009def1f8} device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{2ea0bf54-3337-11df-a4b4-f6c009def1f8} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{2ea0bf54-3337-11df-a4b4-f6c009def1f8} systemroot \windows nx OptIn winpe Yes Windows Boot Loader ------------------- identifier {572bcd60-ffa7-11d9-aae0-0007e994107d} device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.exe description Microsoft Windows PE 2.0 osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions} systemroot \windows detecthal Yes winpe Yes ems Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale en-US inherit {bootloadersettings} recoverysequence {2ea0bf53-3337-11df-a4b4-f6c009def1f8} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {c279be75-9b51-11de-9b93-a29d207e6d0e} nx OptIn Resume from Hibernate --------------------- identifier {c279be75-9b51-11de-9b93-a29d207e6d0e} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems Yes Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {2ea0bf54-3337-11df-a4b4-f6c009def1f8} description Ramdisk Options ramdisksdidevice partition=D: ramdisksdipath \Recovery\WindowsRE\boot.sdi Setup Ramdisk Options --------------------- identifier {ramdiskoptions} description Ramdisk Options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi LastRegBack: 2013-09-01 13:09 ==================== End Of Log ============================