SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2010/05/04 17:58:58 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Desktop\read-this-before-posting-t3821_files
[2010/05/04 17:20:03 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\AVG9
[2010/05/03 18:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/05/03 18:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/05/03 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Documents\Downloads
[2010/05/03 11:50:06 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Local\Google
[2010/05/02 15:19:25 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2010/05/02 15:19:24 | 000,052,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgrkx86.sys
[2010/05/02 15:19:20 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
[2010/05/02 15:19:06 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2010/05/02 15:19:03 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2010/05/02 15:19:01 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\Avg
[2010/05/02 15:16:10 | 000,025,096 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\windows\System32\drivers\AVGIDSwx.sys
[2010/05/02 15:15:19 | 000,024,856 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgfwd6x.sys
[2010/05/02 15:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/05/02 14:44:30 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
[2010/05/02 14:44:30 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010/05/02 14:44:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010/05/02 14:44:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010/05/02 14:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/05/02 14:33:39 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\SystemRequirementsLab
[2010/05/01 14:46:58 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097-15_files
[2010/05/01 14:46:45 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097_files
[2010/04/29 20:19:19 | 000,000,000 | ---D | C] -- C:\35c607c03024c31468d9fd408cb9
[2010/04/29 20:19:18 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\PC Tools
[2010/04/29 20:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/04/29 20:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/04/29 11:06:42 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lsasrv.dll
[2010/04/29 11:06:42 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ksecpkg.sys
[2010/04/29 10:48:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 10:48:28 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2010/04/29 00:07:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/04/26 23:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\Malwarebytes
[2010/04/26 23:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/26 23:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/26 16:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/04/26 16:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/26 15:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/04/26 15:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/25 16:20:21 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Local\Apps
[2010/04/24 11:53:46 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Local\ElevatedDiagnostics
[2010/04/19 22:43:52 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\Feedreader
[2010/04/18 13:37:34 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Documents\HotkeyService-1_15
[2010/04/18 13:36:49 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\Download Manager
[2010/04/17 00:59:04 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2010/04/17 00:59:04 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2010/04/17 00:59:03 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2010/04/15 19:30:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_42.dll
[2010/04/15 19:29:59 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll
[2010/04/15 19:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/04/15 12:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/15 12:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/15 12:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/15 12:44:09 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/15 12:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/15 08:01:04 | 003,879,288 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Kelsey\Desktop\procexp.exe
[2010/04/11 23:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/04/09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Documents\School Planning
[2010/04/09 14:34:11 | 002,469,888 | ---- | C] (Online Media Technologies Ltd.) -- C:\windows\System32\NCTAudioCompress3.dll
[2010/04/09 14:34:11 | 002,183,168 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTVideoCompress.dll
[2010/04/09 14:34:11 | 001,810,432 | ---- | C] (Online Media Technologies Ltd.) -- C:\windows\System32\NCTAudioCompress2.dll
[2010/04/09 14:34:11 | 000,987,136 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTVideoCoreM.dll
[2010/04/09 14:34:11 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msvcp70.dll
[2010/04/09 14:34:11 | 000,348,160 | ---- | C] (Online Media Technologies Ltd.) -- C:\windows\System32\NCTWMAFile2.dll
[2010/04/09 14:34:11 | 000,290,816 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTAVIFile.dll
[2010/04/09 14:34:11 | 000,196,608 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTWMVFile.dll
[2010/04/09 14:34:11 | 000,139,264 | ---- | C] (NCT Company Ltd.) -- C:\windows\System32\NCTVideoFile.dll
[2010/04/09 14:34:11 | 000,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\windows\System32\NCTAudioFormatSettings3.dll
[2010/04/09 12:29:44 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2010/04/09 10:51:36 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Roaming\Media Player Classic
[2010/04/05 17:53:30 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\Desktop\Japan stuff
[2010/04/04 19:45:46 | 000,000,000 | ---D | C] -- C:\Users\Kelsey\AppData\Local\Microsoft Games
[2009/11/04 22:06:04 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
========== Files - Modified Within 30 Days ==========
[2010/05/04 18:01:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/05/04 18:01:42 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/04 18:00:14 | 001,437,013 | -H-- | M] () -- C:\Users\Kelsey\AppData\Local\IconCache.db
[2010/05/04 17:59:01 | 000,027,110 | ---- | M] () -- C:\Users\Kelsey\Desktop\read-this-before-posting-t3821.htm
[2010/05/04 17:53:28 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/05/04 17:51:22 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/04 17:51:22 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/04 17:33:51 | 002,359,296 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat
[2010/05/04 10:41:47 | 253,574,354 | ---- | M] () -- C:\windows\MEMORY.DMP
[2010/05/03 18:50:59 | 000,002,218 | ---- | M] () -- C:\Users\Kelsey\Desktop\Google Chrome.lnk
[2010/05/03 02:44:02 | 000,000,125 | ---- | M] () -- C:\Users\Kelsey\Desktop\aureset.cmd
[2010/05/03 02:29:52 | 003,879,288 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Kelsey\Desktop\procexp.exe
[2010/05/03 01:53:26 | 059,504,392 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2010/05/02 15:19:29 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/05/02 15:19:28 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\avgrsstx.dll
[2010/05/02 15:19:25 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgrkx86.sys
[2010/05/02 15:19:24 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgtdix.sys
[2010/05/02 15:19:07 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgldx86.sys
[2010/05/02 15:19:06 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgmfx86.sys
[2010/05/02 15:19:03 | 000,583,987 | ---- | M] () -- C:\windows\System32\drivers\Avg\iavifw.avm
[2010/05/02 15:19:02 | 000,113,461 | ---- | M] () -- C:\windows\System32\drivers\Avg\iavichjw.avm
[2010/05/02 15:16:10 | 000,025,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\windows\System32\drivers\AVGIDSwx.sys
[2010/05/02 15:15:19 | 000,024,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\System32\drivers\avgfwd6x.sys
[2010/05/01 14:46:59 | 000,040,634 | ---- | M] () -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097-15.htm
[2010/05/01 14:46:47 | 000,159,780 | ---- | M] () -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097.htm
[2010/05/01 14:35:22 | 000,000,000 | -H-- | M] () -- C:\Users\Kelsey\Documents\Default.rdp
[2010/04/29 11:28:52 | 000,713,888 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010/04/29 11:28:52 | 000,103,702 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010/04/29 11:28:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010/04/29 10:14:26 | 000,000,057 | ---- | M] () -- C:\windows\System32\mapisvc.inf
[2010/04/29 01:48:17 | 000,524,288 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TMContainer00000000000000000002.regtrans-ms
[2010/04/29 01:48:17 | 000,524,288 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TMContainer00000000000000000001.regtrans-ms
[2010/04/29 01:48:17 | 000,065,536 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TM.blf
[2010/04/29 01:23:13 | 000,524,288 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TMContainer00000000000000000002.regtrans-ms
[2010/04/29 01:23:13 | 000,524,288 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TMContainer00000000000000000001.regtrans-ms
[2010/04/29 01:23:13 | 000,065,536 | -HS- | M] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TM.blf
[2010/04/18 13:37:19 | 003,149,611 | ---- | M] () -- C:\Users\Kelsey\Documents\HotkeyService-1_15.zip
[2010/04/12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010/04/12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010/04/12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
========== Files Created - No Company Name ==========
[2010/05/04 17:58:58 | 000,027,110 | ---- | C] () -- C:\Users\Kelsey\Desktop\read-this-before-posting-t3821.htm
[2010/05/03 18:50:59 | 000,002,218 | ---- | C] () -- C:\Users\Kelsey\Desktop\Google Chrome.lnk
[2010/05/03 02:43:22 | 000,000,125 | ---- | C] () -- C:\Users\Kelsey\Desktop\aureset.cmd
[2010/05/02 15:19:29 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010/05/02 15:19:02 | 000,583,987 | ---- | C] () -- C:\windows\System32\drivers\Avg\iavifw.avm
[2010/05/02 15:19:02 | 000,113,461 | ---- | C] () -- C:\windows\System32\drivers\Avg\iavichjw.avm
[2010/05/02 15:19:01 | 059,504,392 | ---- | C] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2010/05/01 14:46:58 | 000,040,634 | ---- | C] () -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097-15.htm
[2010/05/01 14:46:44 | 000,159,780 | ---- | C] () -- C:\Users\Kelsey\Desktop\win32-patcheddo-t21097.htm
[2010/05/01 14:35:22 | 000,000,000 | -H-- | C] () -- C:\Users\Kelsey\Documents\Default.rdp
[2010/04/29 01:48:17 | 000,524,288 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TMContainer00000000000000000002.regtrans-ms
[2010/04/29 01:48:17 | 000,524,288 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TMContainer00000000000000000001.regtrans-ms
[2010/04/29 01:48:17 | 000,065,536 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{0f867801-52e4-11df-9d1f-485b390770f3}.TM.blf
[2010/04/29 01:23:13 | 000,524,288 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TMContainer00000000000000000002.regtrans-ms
[2010/04/29 01:23:13 | 000,524,288 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TMContainer00000000000000000001.regtrans-ms
[2010/04/29 01:23:13 | 000,065,536 | -HS- | C] () -- C:\Users\Kelsey\ntuser.dat{17604d9c-52df-11df-982d-485b390770f3}.TM.blf
[2010/04/18 13:37:17 | 003,149,611 | ---- | C] () -- C:\Users\Kelsey\Documents\HotkeyService-1_15.zip
[2010/04/09 12:29:39 | 253,574,354 | ---- | C] () -- C:\windows\MEMORY.DMP
[2010/04/09 10:07:16 | 000,165,376 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010/03/29 06:42:33 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2010/01/07 07:14:26 | 000,011,448 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2010/01/07 07:14:18 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2010/01/07 06:47:03 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2009/07/14 08:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 08:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
========== Custom Scans ==========
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 10:14:53 | 001,739,776 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\apds.dll
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.sys >
[2009/07/14 06:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/10/06 02:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2009/07/14 10:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2009/07/14 06:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2009/07/14 06:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2009/07/14 06:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2009/07/14 06:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2009/07/14 06:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2009/07/14 06:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2009/07/14 06:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2009/07/14 06:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2009/07/14 06:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2009/07/14 06:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2009/07/14 06:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2009/07/14 06:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2009/07/14 06:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2009/07/14 06:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2009/07/14 08:26:52 | 002,326,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2009/06/11 06:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/14 10:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/06/11 06:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/04 18:01:42 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/04 18:01:44 | 2137,186,304 | -HS- | M] () -- C:\pagefile.sys
< %PROGRAMFILES%\*. >
[2010/01/07 07:24:23 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/04/26 15:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/03/29 07:41:31 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/01/07 07:49:45 | 000,000,000 | ---D | M] -- C:\Program Files\ASUS
[2010/01/07 06:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\Atheros
[2010/03/30 06:02:43 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/04/29 01:47:45 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/04/29 20:19:18 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/01/07 06:45:47 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010/04/29 01:46:26 | 000,000,000 | ---D | M] -- C:\Program Files\Digsby
[2010/04/18 09:51:58 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2010/01/08 07:43:35 | 000,000,000 | ---D | M] -- C:\Program Files\E-Cam
[2010/01/07 06:53:25 | 000,000,000 | ---D | M] -- C:\Program Files\EBI
[2010/01/07 06:47:21 | 000,000,000 | ---D | M] -- C:\Program Files\EeePC
[2010/03/30 12:06:49 | 000,000,000 | ---D | M] -- C:\Program Files\GRETECH
[2010/04/29 01:43:10 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/01/07 06:40:12 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/04/18 09:51:58 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/04/29 01:43:10 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/04/29 01:46:28 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/05/02 14:44:23 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/29 10:48:35 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/29 06:39:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/07/14 13:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/01/07 07:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/01/07 07:00:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Suite Activation Assistant
[2010/03/29 06:37:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/03/29 06:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2010/01/07 07:02:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/30 13:26:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/01/07 06:57:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/04/04 14:57:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/14 13:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/01/07 06:49:39 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/01/07 07:49:47 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2010/04/15 12:44:50 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/01/07 06:41:25 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/07/14 13:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/01/07 07:14:08 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/04/29 01:18:38 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/07 06:42:29 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010/05/02 14:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2010/01/08 07:54:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2010/05/02 17:06:46 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/07/14 13:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/05/01 11:04:07 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/04/29 01:46:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2010/03/29 06:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2010/03/29 06:35:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2010/04/18 09:51:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/05/03 18:05:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/14 13:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/04/29 01:46:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2009/07/14 13:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2010/05/03 18:06:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
< %appdata%\*.* >
< MD5 for: AGP440.SYS >
[2009/07/14 10:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 10:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/14 10:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 10:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 10:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/14 10:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 10:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll