OTL scans:
OTL logfile created on: 9/1/2013 12:54:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
7.91 Gb Total Physical Memory | 3.63 Gb Available Physical Memory | 45.89% Memory free
15.83 Gb Paging File | 11.10 Gb Available in Paging File | 70.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 109.24 Gb Total Space | 27.21 Gb Free Space | 24.91% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/01/09 12:51:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2012/12/12 17:57:16 | 000,140,128 | ---- | M] (北京悠然天地科技有限公司) -- C:\Program Files (x86)\kuaiyong\DRM\KYDeviceServer.exe
PRC - [2012/12/05 09:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/12/02 01:23:06 | 000,202,592 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
PRC - [2012/12/01 22:48:33 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/10/11 10:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
PRC - [2012/10/01 15:09:24 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/09/19 21:10:10 | 001,177,536 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2012/09/19 21:10:06 | 001,157,056 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2012/09/19 21:03:58 | 005,236,664 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2012/09/19 21:02:48 | 000,248,248 | R--- | M] (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2012/08/09 23:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/21 06:09:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/02/01 16:24:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 16:24:38 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/11/03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 11:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/09/29 18:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/08/13 06:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/12/05 09:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012/12/05 09:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012/12/05 09:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012/12/05 09:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012/12/05 09:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012/12/05 09:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012/12/05 09:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012/12/05 09:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/26 17:32:38 | 000,482,656 | ---- | M] () -- C:\Program Files\BullGuard Ltd\BullGuard\Files32\SQLite.dll
MOD - [2012/05/30 22:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/01/07 19:18:49 | 000,583,008 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
SRV:64bit: - [2012/12/17 18:03:41 | 000,366,432 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe -- (BsBhvScan)
SRV:64bit: - [2012/12/17 18:03:41 | 000,335,200 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
SRV:64bit: - [2012/12/17 18:03:41 | 000,221,536 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
SRV:64bit: - [2012/12/17 18:03:40 | 000,378,208 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
SRV:64bit: - [2012/12/17 18:03:39 | 000,612,192 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- c:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
SRV:64bit: - [2012/12/17 18:03:38 | 000,669,536 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll -- (BsBackup)
SRV:64bit: - [2012/12/17 18:00:25 | 000,379,232 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
SRV:64bit: - [2010/06/17 15:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/09 12:52:55 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/12 17:57:16 | 000,140,128 | ---- | M] (北京悠然天地科技有限公司) [Auto | Running] -- C:\Program Files (x86)\kuaiyong\DRM\KYDeviceServer.exe -- (KYDeviceServer)
SRV - [2012/10/11 10:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe -- (NIS)
SRV - [2012/09/19 21:10:10 | 001,177,536 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/09/19 21:10:06 | 001,157,056 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/09/19 21:02:48 | 000,248,248 | R--- | M] (Western Digital) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/31 10:59:44 | 000,103,992 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/03/21 06:09:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/01 16:24:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 16:24:38 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/03 22:33:54 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/12/17 18:03:43 | 000,040,544 | R--- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (AFW)
DRV:64bit: - [2012/12/17 18:03:40 | 000,464,480 | R--- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2012/10/09 09:00:02 | 000,776,864 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/04 15:38:58 | 000,034,928 | ---- | M] (BullGuard Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BdNet.sys -- (BdNet)
DRV:64bit: - [2012/10/04 09:40:35 | 001,133,216 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/10/04 09:40:20 | 000,493,216 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symds64.sys -- (SymDS)
DRV:64bit: - [2012/10/04 09:19:14 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/13 07:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/09/07 10:05:14 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/09/07 09:48:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/26 17:48:40 | 000,068,208 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BdSpy.sys -- (BdSpy)
DRV:64bit: - [2012/06/26 17:48:36 | 000,290,376 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2012/06/26 17:48:34 | 000,256,072 | ---- | M] (NovaShield, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NSKernel.sys -- (NovaShieldFilterDriver)
DRV:64bit: - [2012/06/26 17:48:34 | 000,025,160 | ---- | M] (NovaShield, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSNetmon.sys -- (NovaShieldTDIDriver)
DRV:64bit: - [2012/05/25 13:36:55 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/03/26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/10/21 12:30:02 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/08/23 08:12:56 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/05/01 14:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/03/24 06:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/03/24 06:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/03/21 06:09:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 17:55:48 | 001,803,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2011/02/17 18:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/28 13:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/01 02:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/04 05:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/11/19 06:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/24 14:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 19:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 19:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2013/01/03 22:54:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130108.022\ex64.sys -- (NAVEX15)
DRV - [2013/01/03 22:54:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130108.022\eng64.sys -- (NAVENG)
DRV - [2013/01/02 16:57:22 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130108.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/11/30 00:48:34 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/18 17:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/18 17:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sg.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 2A E9 81 B0 CF CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@kuaiyong.yrtd.com,version=1.0.1.1: C:\Program Files (x86)\kuaiyong\np_kyplugin.dll (YRTD)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013/01/03 22:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013/01/09 00:20:45 | 000,000,000 | ---D | M]
[2012/12/01 23:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions
[2012/12/01 23:44:23 | 000,000,000 | ---D | M] (BitTorrentControl_v12) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
========== Chrome ==========
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: BitTorrentControl_v12 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\10.13.20.29_0\
CHR - Extension: TimelineRemove = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.7_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: Norton Identity Protection = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
CHR - Extension: Yontoo = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/12/21 23:52:20 | 000,000,960 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.1.74 Alias.27 # WD SmartWare: uuid:73656761-7465-7375-636b-0090a9b5a3bc
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\bullguard.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [iDevice Manager Launcher] C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49E1A37A-7A62-423B-84C5-74E8A72A5E55}: DhcpNameServer = 165.21.83.88 165.21.100.88
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EF096BA-09ED-411F-A82C-D1D5EB78BA49}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE9058A3-E199-490C-BAB3-9AB28A4048A8}: DhcpNameServer = 208.67.222.222 208.67.220.220 165.21.100.88 165.21.83.88
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (c:\PROGRA~1\BULLGU~1\BULLGU~1\BgAgent.dll) - c:\Program Files\BullGuard Ltd\BullGuard\BgAgent.dll (BullGuard Ltd.)
O20:64bit: - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\SysNative\BgGamingMonitor.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\PROGRA~1\BULLGU~1\BULLGU~1\Files32\BgAgent.dll) - c:\Program Files\BullGuard Ltd\BullGuard\Files32\BgAgent.dll (BullGuard Ltd.)
O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\SysWow64\BgGamingMonitor.dll (BullGuard Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/01/09 12:40:29 | 000,000,000 | ---D | C] -- C:\Windows\DRM
[2013/01/09 12:33:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\kuaiyong
[2013/01/09 12:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\辦蚚彆翑忒
[2013/01/09 12:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\kuaiyong
[2013/01/07 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Windows Live
[2013/01/07 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Owner\Documents\Scanned Documents
[2013/01/07 13:40:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Fax
[2013/01/06 09:16:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Dance_data
[2013/01/05 03:11:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashDumps
[2013/01/04 05:10:47 | 001,133,216 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symefa64.sys
[2013/01/04 05:10:47 | 000,776,864 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtsp64.sys
[2013/01/04 05:10:47 | 000,493,216 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symds64.sys
[2013/01/04 05:10:47 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symnets.sys
[2013/01/04 05:10:47 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtspx64.sys
[2013/01/04 05:10:47 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symelam.sys
[2013/01/04 05:10:46 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ironx64.sys
[2013/01/04 05:10:46 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ccsetx64.sys
[2013/01/04 05:10:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1402000.013
[2013/01/03 23:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/01/03 22:36:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Symantec
[2013/01/03 22:33:54 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/03 22:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/01/03 22:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/01/03 22:33:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013/01/03 22:33:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/01/03 22:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/01/03 22:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/01/03 22:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/01/03 22:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/01/01 04:59:22 | 000,000,000 | R--D | C] -- C:\Users\Owner\Videos
[2012/12/27 13:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Run As Date
[2012/12/27 13:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Run As Date
[2012/12/27 05:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrainWave Generator
[2012/12/26 00:14:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Diagnostics
[2012/12/24 16:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/21 23:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
[2012/12/21 23:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/12/21 23:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2012/12/21 23:38:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Western_Digital
[2012/12/21 23:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/12/21 23:35:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Western Digital
[2012/12/17 18:03:44 | 000,118,256 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2012/12/17 18:03:44 | 000,106,896 | ---- | C] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2012/12/16 11:43:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\redsn0w
[2012/12/15 21:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
[2012/12/15 21:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Elcomsoft Password Recovery
[2012/12/15 21:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elcomsoft Password Recovery
[2012/12/15 21:19:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elcomsoft
[2012/12/15 18:22:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012/12/15 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Support Advisor
[2012/12/15 18:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/12/15 18:22:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/12/15 18:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/15 18:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/15 18:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/12/15 18:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/15 18:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/12/15 18:13:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\.shsh
[2012/12/13 13:16:04 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2012/12/13 13:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/12/13 13:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/12/13 13:13:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/12/13 13:13:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/12/13 13:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012/12/13 13:12:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/12/13 13:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/12/13 13:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/12/13 13:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/12/13 13:11:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/12/13 13:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2012/12/13 13:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2012/12/13 13:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
[2012/12/13 13:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IBM
[2012/12/13 13:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\IBM
[2012/12/12 19:30:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Yahoo!
[2012/12/12 19:29:07 | 000,048,637 | ---- | C] (Pcre) -- C:\Windows\SysWow64\pcre.dll
[2012/12/12 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2012/12/12 19:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2012/12/12 19:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2012/12/12 19:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
========== Files - Modified Within 30 Days ==========
[2013/01/09 12:53:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/09 12:52:57 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/09 12:40:30 | 000,007,313 | ---- | M] () -- C:\Windows\unins000.dat
[2013/01/09 12:40:29 | 000,727,737 | ---- | M] () -- C:\Windows\unins000.exe
[2013/01/09 12:40:00 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\辦蚚彆翑忒.lnk
[2013/01/09 12:33:07 | 000,001,039 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\辦蚚彆翑忒.lnk
[2013/01/09 12:21:24 | 000,000,512 | ---- | M] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2013/01/09 00:26:22 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/09 00:26:22 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/09 00:26:22 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/09 00:25:59 | 000,028,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/09 00:25:59 | 000,028,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/09 00:21:22 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/09 00:20:59 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/01/09 00:20:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/09 00:20:34 | 2078,765,055 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/07 16:54:09 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/01/07 14:21:04 | 000,183,160 | ---- | M] () -- C:\Users\Owner\Desktop\Immigration & Checkpoints Authority - APPLES.pdf
[2013/01/06 09:16:28 | 000,011,616 | ---- | M] () -- C:\Users\Owner\Desktop\Dance.aup
[2013/01/05 03:11:29 | 001,443,943 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\Cat.DB
[2013/01/05 03:11:25 | 000,013,946 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\VT20121114.016
[2013/01/03 22:33:54 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/03 22:33:54 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/03 22:33:54 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/02 03:38:48 | 000,001,483 | ---- | M] () -- C:\Users\Owner\Desktop\SmartWare (MyBookLive) - Shortcut.lnk
[2012/12/30 11:26:55 | 000,417,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/30 05:05:25 | 000,001,687 | ---- | M] () -- C:\Users\Owner\Documents\Document1.gno
[2012/12/27 13:31:06 | 000,028,672 | ---- | M] () -- C:\Windows\SysWow64\NSREG.DLL
[2012/12/27 13:11:09 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\RunAsDate.exe.lnk
[2012/12/24 16:37:25 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/21 23:52:20 | 000,000,960 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/12/17 18:03:43 | 000,040,544 | R--- | M] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afw.sys
[2012/12/17 18:03:42 | 000,118,256 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysNative\BgGamingMonitor.dll
[2012/12/17 18:03:42 | 000,106,896 | ---- | M] (BullGuard Ltd.) -- C:\Windows\SysWow64\BgGamingMonitor.dll
[2012/12/17 18:03:40 | 000,464,480 | R--- | M] (Agnitum Ltd.) -- C:\Windows\SysNative\drivers\afwcore.sys
[2012/12/15 20:22:01 | 000,000,877 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella
[2012/12/15 18:22:28 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Support Advisor.lnk
[2012/12/15 18:18:26 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/15 18:02:37 | 930,637,985 | ---- | M] () -- C:\Users\Owner\Desktop\iPhone3,1_6.0_10A403_Restore.ipsw
[2012/12/15 17:51:54 | 017,279,732 | ---- | M] () -- C:\Users\Owner\redsn0w_win_0.9.15b3.zip
[2012/12/13 13:10:44 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz
[2012/12/13 13:10:44 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll
[2012/12/13 13:10:44 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
[2012/12/13 13:10:44 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
[2012/12/13 13:10:44 | 000,000,016 | -H-- | M] () -- C:\Windows\SysWow64\servdat.slm
[2012/12/12 19:29:08 | 000,048,637 | ---- | M] (Pcre) -- C:\Windows\SysWow64\pcre.dll
[2012/12/12 19:27:31 | 000,001,167 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
========== Files Created - No Company Name ==========
[2013/01/09 12:40:29 | 000,727,737 | ---- | C] () -- C:\Windows\unins000.exe
[2013/01/09 12:40:29 | 000,007,313 | ---- | C] () -- C:\Windows\unins000.dat
[2013/01/09 12:33:07 | 000,001,039 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\辦蚚彆翑忒.lnk
[2013/01/09 12:33:07 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\辦蚚彆翑忒.lnk
[2013/01/09 12:21:24 | 000,000,512 | ---- | C] () -- C:\Windows\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2013/01/07 14:21:04 | 000,183,160 | ---- | C] () -- C:\Users\Owner\Desktop\Immigration & Checkpoints Authority - APPLES.pdf
[2013/01/06 09:16:28 | 000,011,616 | ---- | C] () -- C:\Users\Owner\Desktop\Dance.aup
[2013/01/05 03:11:25 | 001,443,943 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\Cat.DB
[2013/01/05 03:11:25 | 000,013,946 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\VT20121114.016
[2013/01/04 05:10:47 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symelam64.cat
[2013/01/04 05:10:47 | 000,007,605 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtspx64.cat
[2013/01/04 05:10:47 | 000,007,603 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symefa64.cat
[2013/01/04 05:10:47 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symnet64.cat
[2013/01/04 05:10:47 | 000,007,597 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symds64.cat
[2013/01/04 05:10:47 | 000,003,433 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symefa.inf
[2013/01/04 05:10:47 | 000,002,851 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symds.inf
[2013/01/04 05:10:47 | 000,001,440 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symnet.inf
[2013/01/04 05:10:47 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtsp64.inf
[2013/01/04 05:10:47 | 000,001,418 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtspx64.inf
[2013/01/04 05:10:47 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symelam.inf
[2013/01/04 05:10:46 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ccsetx64.cat
[2013/01/04 05:10:46 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\srtsp64.cat
[2013/01/04 05:10:46 | 000,007,593 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\iron.cat
[2013/01/04 05:10:46 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\ccsetx64.inf
[2013/01/04 05:10:46 | 000,000,767 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\iron.inf
[2013/01/04 05:10:41 | 000,009,103 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\symvtcer.dat
[2013/01/04 05:10:41 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1402000.013\isolate.ini
[2013/01/03 22:33:54 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/03 22:33:54 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/03 13:52:47 | 011,117,497 | ---- | C] () -- C:\Users\Owner\Desktop\Nathan_Jendrick.pdf
[2013/01/02 03:38:48 | 000,001,483 | ---- | C] () -- C:\Users\Owner\Desktop\SmartWare (MyBookLive) - Shortcut.lnk
[2012/12/31 18:29:21 | 930,637,985 | ---- | C] () -- C:\Users\Owner\Desktop\iPhone3,1_6.0_10A403_Restore.ipsw
[2012/12/30 05:05:25 | 000,001,687 | ---- | C] () -- C:\Users\Owner\Documents\Document1.gno
[2012/12/27 13:31:06 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\NSREG.DLL
[2012/12/27 13:11:09 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\RunAsDate.exe.lnk
[2012/12/24 16:37:25 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/12/16 14:00:16 | 137,580,544 | ---- | C] () -- C:\Users\Owner\Desktop\redsn0w.exe
[2012/12/15 18:22:28 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Support Advisor.lnk
[2012/12/15 18:18:26 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/15 17:51:24 | 017,279,732 | ---- | C] () -- C:\Users\Owner\redsn0w_win_0.9.15b3.zip
[2012/12/13 13:16:04 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2012/12/13 13:10:44 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz
[2012/12/13 13:10:44 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2012/12/13 13:10:44 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz
[2012/12/13 13:10:44 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2012/12/13 13:10:44 | 000,000,016 | -H-- | C] () -- C:\Windows\SysWow64\servdat.slm
[2012/12/12 19:27:31 | 000,001,167 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/12/02 00:15:18 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012/12/02 00:15:18 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/12/02 00:15:18 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/12/02 00:02:19 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/12/02 00:02:19 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/12/02 00:02:18 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/02 00:02:17 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012/11/10 13:29:55 | 003,164,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012/11/10 13:29:55 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/11/10 13:29:55 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/11/10 13:29:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012/11/10 13:29:55 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/11/10 13:29:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012/11/10 13:29:54 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/11/10 13:26:09 | 000,757,660 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/20 10:47:34 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
========== ZeroAccess Check ==========
[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/12/05 14:25:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AnvSoft
[2013/01/07 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity
[2013/01/05 03:09:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2012/12/21 22:17:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BullGuard
[2013/01/09 12:33:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\kuaiyong
[2012/12/16 11:52:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\redsn0w
[2012/12/02 08:09:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Software4u
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2012/11/10 13:33:01 | 000,000,020 | ---- | M] ()(C:\Windows\?o’) -- C:\Windows\„õ´
[2012/11/10 13:33:00 | 000,000,020 | ---- | C] ()(C:\Windows\?o’) -- C:\Windows\„õ´
< End of report >