This topic is locked
Contents of OTL log below.
Thanks for any help!!
OTL logfile created on: 6/6/2013 1:10:07 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Poppa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.00 Gb Total Physical Memory | 4.32 Gb Available Physical Memory | 86.40% Memory free
10.00 Gb Paging File | 9.35 Gb Available in Paging File | 93.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.91 Gb Total Space | 78.62 Gb Free Space | 27.50% Space Free | Partition Type: NTFS
Drive D: | 12.18 Gb Total Space | 1.65 Gb Free Space | 13.54% Space Free | Partition Type: NTFS
Drive F: | 15.11 Gb Total Space | 14.11 Gb Free Space | 93.38% Space Free | Partition Type: FAT32
Drive G: | 968.98 Mb Total Space | 252.67 Mb Free Space | 26.08% Space Free | Partition Type: FAT
Computer Name: POPPA-PC | User Name: Poppa | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/06 00:41:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Poppa\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2009/10/16 16:09:20 | 001,044,136 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxdwcoms.exe -- (lxdw_device)
SRV:64bit: - [2009/10/16 16:09:10 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/14 19:07:52 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 19:45:06 | 000,056,872 | ---- | M] (White Sky, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2013/04/19 17:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/18 15:04:05 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 23:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/10/10 22:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/19 16:21:24 | 001,646,608 | ---- | M] (Rosetta Stone Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe -- (RosettaStoneDaemon)
SRV - [2011/12/15 18:03:40 | 000,011,776 | ---- | M] (Brand Affinity Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\FantapperUpdateService.exe -- (FTSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/16 16:09:10 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/16 11:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxdwcoms.exe -- (lxdw_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/05/15 18:11:04 | 000,049,240 | ---- | M] (Zemana Ltd.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AntiLog64.sys -- (AntiLog32)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/07 17:41:22 | 000,025,784 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2013/02/19 20:35:10 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/01/30 23:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/01/28 21:45:20 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/01/28 21:45:20 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/21 22:15:34 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symds64.sys -- (SymDS)
DRV:64bit: - [2012/11/24 09:39:50 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/11/15 22:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/10/08 20:52:52 | 000,031,968 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:64bit: - [2012/07/27 23:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/07/22 21:34:24 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/07 19:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/14 12:51:56 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/09/15 05:36:48 | 001,061,888 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2009/06/10 17:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009/06/10 16:35:46 | 000,416,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/02/03 11:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 11:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV - [2013/05/31 12:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/05/22 15:37:58 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130605.002\ex64.sys -- (NAVEX15)
DRV - [2013/05/22 15:37:58 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130605.002\eng64.sys -- (NAVENG)
DRV - [2012/11/24 10:23:28 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/11/24 10:23:28 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/11/23 17:36:10 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130604.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{532C70B1-CA8A-4ED7-82A6-2243AD2008AF}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{C785A769-2E9F-41CE-A941-D457C980756A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{532C70B1-CA8A-4ED7-82A6-2243AD2008AF}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{932594B8-F95A-4828-88A9-B3DB49194635}: "URL" = http://search.phpnuk...q={searchTerms}
IE - HKLM\..\SearchScopes\{C785A769-2E9F-41CE-A941-D457C980756A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.phpnuk...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADFA_enUS449
IE - HKCU\..\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}: "URL" = http://search.startn...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Poppa\AppData\Local\Roblox\Versions\version-87de5333d4254860\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Poppa\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Poppa\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Poppa\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Poppa\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Poppa\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/06/06 00:57:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2012/12/02 00:35:00 | 000,000,000 | ---D | M]
[2012/12/02 01:05:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Poppa\AppData\Roaming\Mozilla\Extensions
[2012/01/11 18:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Poppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\
CHR - Extension: No name found = C:\Users\Poppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: No name found = C:\Users\Poppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.32_0\
CHR - Extension: No name found = C:\Users\Poppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf\1.0.6_0\
CHR - Extension: No name found = C:\Users\Poppa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {27a220b7-bb43-4faf-b27b-f803d18eea28} - No CLSID value found.
O2 - BHO: (Ginyas Browser Companion) - {2d8c4843-765f-4827-bafa-8c318284e4d8} - C:\Program Files (x86)\GinyasBrowserCompanions\jsloader.dll ()
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Fantapper) - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.506.2\NativeBHO.dll (WhiteSky)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [lxdwamon] C:\Program Files (x86)\Lexmark 7600 Series\lxdwamon.exe ()
O4:64bit: - HKLM..\Run: [lxdwmon.exe] C:\Program Files (x86)\Lexmark 7600 Series\lxdwmon.exe ()
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545" File not found
O4 - HKCU..\Run: [NVIDIASpace] C:\ProgramData\NVIDIASpace\cpuhelper.dll ()
O4 - HKCU..\Run: [StartNow Search Protect] C:\Program Files (x86)\StartNow Toolbar\search_protect.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Poppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Poppa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Poppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinn...ut/brickout.cab (Brickout Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinn...ts/wwhearts.cab (WWHearts Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinn...ersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {64CD313F-F079-4D93-959F-4D28B5519449} http://www.worldwinn...dy/jeopardy.cab (Jeopardy Control)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinn...ll/freecell.cab (FreeCell Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} http://www.worldwinn...8/clue/clue.cab (Clue Control)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} http://www.worldwinn...royal/royal.cab (Royal Control)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.co...zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinn...i/mysterypi.cab (MysteryPI Control)
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinn...paint/paint.cab (Paint Control)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinn...sol/golfsol.cab (GolfSol Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F28B6729-E0AD-4545-84D9-2504221A2A5A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll (Zemana Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Poppa\Downloads\moving.jpg
O24 - Desktop BackupWallPaper: C:\Users\Poppa\Downloads\moving.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/06 04:50:00 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/06/05 23:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIASpace
[2013/06/04 17:22:27 | 000,000,000 | ---D | C] -- C:\tmp
[2013/06/04 15:38:11 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Roaming\Blender Foundation
[2013/06/04 15:33:43 | 000,000,000 | ---D | C] -- C:\Users\Poppa\.thumbnails
[2013/06/04 15:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2013/05/24 21:09:55 | 000,000,000 | ---D | C] -- C:\Users\Poppa\Desktop\viewer
[2013/05/23 15:28:29 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pepakura Designer 3
[2013/05/09 22:13:49 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Local\{E1BA439F-3275-4EBC-AF21-010CFF0F3D0C}
[2013/05/09 22:13:48 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Local\{62EB5D37-53B6-4084-8EFB-691214021D9B}
[2013/05/08 18:07:22 | 000,000,000 | ---D | C] -- C:\Users\Poppa\.minecraft
[2013/05/08 15:36:09 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Local\{F2DEFAED-47D4-48FA-9D4A-11897278FF6C}
[2013/05/08 03:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/05/07 15:02:14 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Roaming\.technic
[2013/05/07 13:04:07 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Local\{BA6CCC34-FCC4-436C-9D3F-24586506A1F6}
[2013/05/07 12:59:14 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/05/07 12:54:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013/05/07 12:52:11 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Roaming\Strongvault
[2013/05/07 12:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Strongvault Online Backup
[2013/05/07 12:50:23 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin
[2013/05/07 12:49:28 | 000,000,000 | ---D | C] -- C:\Users\Poppa\AppData\Local\Windows Live
[2013/05/07 12:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013/05/07 11:36:15 | 000,000,000 | ---D | C] -- C:\Users\Poppa\Desktop\New folder (3)
[1 C:\Users\Poppa\Documents\*.tmp files -> C:\Users\Poppa\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/06 01:04:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/06 01:04:13 | 4025,331,712 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/06 01:03:10 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/06 01:03:10 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/06 01:00:06 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/06 00:54:47 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Chrome Watcher.job
[2013/06/06 00:54:21 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/06 00:54:12 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Stats Report.job
[2013/06/06 00:54:12 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions FireFox Watcher.job
[2013/06/06 00:54:08 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Update Checker.job
[2013/06/06 00:41:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Poppa\Desktop\OTL.exe
[2013/06/05 23:49:49 | 000,000,794 | ---- | M] () -- C:\Users\Poppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA GPU Helper.lnk
[2013/06/05 23:49:45 | 000,064,512 | ---- | M] () -- C:\Users\Poppa\javaw.dll
[2013/06/05 23:08:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2657773482-128599143-1476263235-1000UA.job
[2013/06/05 23:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/05 03:08:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2657773482-128599143-1476263235-1000Core.job
[2013/06/04 16:11:28 | 000,002,328 | ---- | M] () -- C:\Users\Poppa\Desktop\Google Chrome.lnk
[2013/06/03 18:08:44 | 002,476,224 | ---- | M] () -- C:\Users\Poppa\Desktop\TechnicLauncher.exe
[2013/05/31 18:24:59 | 000,000,050 | ---- | M] () -- C:\Users\Poppa\AppData\Roaming\mbam.context.scan
[2013/05/24 21:09:55 | 000,001,523 | ---- | M] () -- C:\Users\Poppa\Desktop\Pepakura Viewer 3.lnk
[2013/05/24 20:42:18 | 002,929,022 | ---- | M] () -- C:\Users\Poppa\Desktop\LineFollowPro.rbt
[2013/05/20 17:12:13 | 002,141,259 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB
[2013/05/20 17:11:43 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\VT20130115.021
[2013/05/16 03:36:29 | 005,062,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/16 03:05:46 | 000,884,548 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/16 03:05:46 | 000,725,380 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/16 03:05:46 | 000,145,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/15 18:25:42 | 000,015,086 | ---- | M] () -- C:\Users\Poppa\AppData\Roaming\wklnhst.dat
[2013/05/15 18:11:04 | 000,049,240 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\AntiLog64.sys
[2013/05/15 18:11:01 | 000,002,209 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2013/05/15 18:11:01 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2013/05/14 18:49:11 | 000,000,046 | ---- | M] () -- C:\Users\Poppa\Desktop\teams.dat
[2013/05/09 22:28:18 | 000,005,120 | ---- | M] () -- C:\Users\Poppa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Users\Poppa\Documents\*.tmp files -> C:\Users\Poppa\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/05 23:49:49 | 000,000,794 | ---- | C] () -- C:\Users\Poppa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA GPU Helper.lnk
[2013/06/05 23:49:45 | 000,064,512 | ---- | C] () -- C:\Users\Poppa\javaw.dll
[2013/05/31 18:24:59 | 000,000,050 | ---- | C] () -- C:\Users\Poppa\AppData\Roaming\mbam.context.scan
[2013/05/24 21:09:55 | 000,001,523 | ---- | C] () -- C:\Users\Poppa\Desktop\Pepakura Viewer 3.lnk
[2013/05/24 19:37:02 | 002,929,022 | ---- | C] () -- C:\Users\Poppa\Desktop\LineFollowPro.rbt
[2013/05/14 18:30:49 | 000,000,046 | ---- | C] () -- C:\Users\Poppa\Desktop\teams.dat
[2013/05/07 15:01:37 | 002,476,224 | ---- | C] () -- C:\Users\Poppa\Desktop\TechnicLauncher.exe
[2013/05/07 12:55:44 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013/05/07 12:37:17 | 000,005,120 | ---- | C] () -- C:\Users\Poppa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/21 16:33:09 | 000,000,116 | ---- | C] () -- C:\Users\Poppa\Matrix.bat
[2012/12/12 19:28:45 | 000,587,351 | ---- | C] () -- C:\Users\Poppa\final copy.jpg
[2012/12/02 10:56:02 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/12/02 10:37:08 | 000,864,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/02 21:36:55 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll
[2012/05/05 08:37:56 | 000,854,016 | ---- | C] () -- C:\Users\Poppa\Cartograph_G_Post_Processor.exe
[2012/05/05 08:37:56 | 000,518,656 | ---- | C] () -- C:\Users\Poppa\Cartograph_G_Renderer.exe
[2012/05/05 08:37:56 | 000,299,008 | ---- | C] () -- C:\Users\Poppa\corona.dll
[2012/05/05 08:37:56 | 000,164,352 | ---- | C] () -- C:\Users\Poppa\libpng14.dll
[2012/05/05 08:37:56 | 000,141,312 | ---- | C] () -- C:\Users\Poppa\zlibwapi.dll
[2012/05/05 08:37:56 | 000,092,672 | ---- | C] () -- C:\Users\Poppa\zlib1.dll
[2012/05/05 08:37:56 | 000,002,214 | ---- | C] () -- C:\Users\Poppa\Texture.png
[2012/05/05 08:37:56 | 000,000,121 | ---- | C] () -- C:\Users\Poppa\WLF.png
[2012/03/04 12:59:22 | 000,156,160 | ---- | C] () -- C:\Windows\SysWow64\WS_ContextMenu.dll
[2012/02/17 20:14:34 | 839,753,847 | ---- | C] () -- C:\Users\Poppa\AppData\Roaming\.minecraft.rar
[2012/02/10 20:23:31 | 000,000,239 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012/02/10 20:23:20 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011/09/19 03:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/09/19 03:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/09/18 18:15:27 | 000,015,086 | ---- | C] () -- C:\Users\Poppa\AppData\Roaming\wklnhst.dat
[2011/09/15 14:40:11 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdwdrs.dll
[2011/09/15 14:40:11 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdwcaps.dll
[2011/09/15 14:40:11 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdwcnv4.dll
[2011/09/15 14:37:53 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDWinst.dll
[2011/09/15 14:37:53 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdwcomx.dll
[2011/09/15 14:37:52 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwpmui.dll
[2011/09/15 14:37:52 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwinpa.dll
[2011/09/15 14:37:52 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwiesc.dll
[2011/09/15 14:37:51 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwserv.dll
[2011/09/15 14:37:51 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwusb1.dll
[2011/09/15 14:37:51 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwhbn3.dll
[2011/09/15 14:37:51 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcoms.exe
[2011/09/15 14:37:51 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwlmpm.dll
[2011/09/15 14:37:51 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwih.exe
[2011/09/15 14:37:50 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcomc.dll
[2011/09/15 14:37:50 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcomm.dll
[2011/09/15 14:37:50 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcfg.exe
[2011/09/14 17:27:34 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/12/02 19:46:24 | 000,000,000 | -HSD | M] -- C:\Users\Poppa\AppData\Roaming\.#
[2013/04/30 19:40:03 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\.minecraft
[2012/12/02 01:04:41 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\.Nitrous
[2013/06/03 18:08:17 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\.technic
[2012/12/02 01:05:08 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\.techniclauncher
[2012/12/02 01:05:08 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\7600 Series
[2012/12/02 01:05:09 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Apowersoft
[2012/12/02 01:05:10 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Atari
[2012/12/02 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\BANDISOFT
[2013/06/04 15:38:11 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Blender Foundation
[2013/04/23 15:00:06 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/12/02 01:05:12 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\com.w3i.fliptoast
[2013/06/06 00:59:32 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Dropbox
[2013/01/10 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\EPSON
[2012/12/02 01:05:13 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\ICAClient
[2013/06/06 01:02:59 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\ID Vault
[2012/12/02 01:05:13 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Leadertech
[2013/01/29 17:58:15 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\LEGO Company
[2012/12/02 01:05:13 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Lexmark Productivity Studio
[2012/12/02 01:05:21 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Oberon Media
[2013/04/24 15:11:03 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\PDAppFlex
[2012/12/02 01:05:21 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\pymclevel
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\skyz
[2013/04/25 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/12/13 04:30:11 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\StartNow Toolbar
[2013/05/13 21:10:25 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Strongvault
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Template
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Tific
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\W3i, LLC
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\WildTangent
[2012/12/02 01:05:23 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Wondershare
[2012/12/02 01:05:24 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/12/02 01:05:24 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\Worksimaging
[2012/12/14 12:38:41 | 000,000,000 | ---D | M] -- C:\Users\Poppa\AppData\Roaming\WorldPainter
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Poppa\Documents\The Office.mp3:TOC.WMV
< End of report >
Sign In
Create Account
