OTL logfile created on: 8/21/2013 3:29:32 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rose\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 51.35% Memory free
5.49 Gb Paging File | 3.30 Gb Available in Paging File | 60.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.96 Gb Total Space | 122.79 Gb Free Space | 56.08% Space Free | Partition Type: NTFS
Drive D: | 13.63 Gb Total Space | 1.92 Gb Free Space | 14.09% Space Free | Partition Type: NTFS
Drive F: | 3.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: ROSE-PC | User Name: Rose | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/08/21 03:29:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rose\Downloads\OTL.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/23 03:53:52 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\Rose\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/28 15:42:08 | 000,298,376 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/07/01 15:28:01 | 000,064,048 | ---- | M] (Defender Pro) -- C:\Program Files\Defender Pro\Defender Pro 15-in-1\Antispam32\pchooklaunch32.exe
PRC - [2011/03/30 15:44:58 | 001,324,008 | ---- | M] (Iminent) -- C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe
PRC - [2010/11/01 15:15:12 | 000,886,752 | -H-- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
PRC - [2010/02/26 19:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
PRC - [2009/07/13 21:14:45 | 000,020,480 | ---- | M] () -- \\.\globalroot\systemroot\svchost.exe
========== Modules (No Company Name) ==========
MOD - [2013/08/15 04:19:40 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\048017d94384988bfe84bcb2ca7ebf0f\System.Web.Services.ni.dll
MOD - [2013/08/15 04:17:56 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 04:17:33 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 04:16:47 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 04:16:39 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 04:16:36 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/15 04:16:23 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/24 20:49:46 | 000,396,240 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/24 20:49:45 | 013,599,184 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/24 20:49:44 | 004,052,944 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/24 20:48:54 | 000,601,552 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/24 20:48:53 | 000,123,344 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/24 20:48:51 | 001,597,392 | ---- | M] () -- C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/30 15:45:06 | 000,236,520 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Windows.dll
MOD - [2011/03/30 15:45:06 | 000,218,600 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Workflow.dll
MOD - [2011/03/30 15:45:04 | 001,869,288 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Services.dll
MOD - [2011/03/30 15:45:02 | 000,041,960 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Business.TinyUrl.dll
MOD - [2011/03/30 15:45:00 | 000,337,896 | ---- | M] () -- C:\Program Files (x86)\Iminent\IMBooster\Iminent.Booster.UI.dll
MOD - [2010/11/01 15:15:12 | 000,886,752 | -H-- | M] () -- C:\Program Files (x86)\SelectRebates\SelectRebates.exe
MOD - [2010/02/22 14:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/02/22 14:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/02/22 14:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011/07/01 15:24:54 | 000,052,200 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Defender Pro\Defender Pro 15-in-1\updatesrv.exe -- (Updatesrv)
SRV:64bit: - [2011/07/01 15:24:28 | 000,467,248 | ---- | M] (Defender Pro) [On_Demand | Stopped] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:64bit: - [2011/07/01 15:24:14 | 002,534,952 | ---- | M] (Defender Pro) [Auto | Running] -- C:\Program Files\Defender Pro\Defender Pro 15-in-1\vsserv.exe -- (VSSERV)
SRV:64bit: - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/04/19 19:55:18 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2010/03/10 23:29:46 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/02/05 13:50:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2010/01/27 17:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/01/12 18:44:24 | 000,019,968 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/08/21 00:20:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/28 15:19:16 | 007,392,648 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 19:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/01/04 14:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/10 01:32:38 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/21 03:08:24 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/01 15:24:55 | 000,099,408 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/07/01 15:24:09 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- c:\Program Files\Common Files\Defender Pro\Defender Pro Firewall\bdfndisf6.sys -- (bdfndisf)
DRV:64bit: - [2010/12/06 16:16:53 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/06 16:15:28 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/09/29 06:01:46 | 000,695,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/09/26 21:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/07/09 15:08:16 | 000,388,168 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV:64bit: - [2010/06/28 12:55:44 | 001,040,976 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2010/06/28 12:55:38 | 000,692,816 | ---- | M] (BitDefender) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2010/05/13 16:52:08 | 000,162,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bdfm.sys -- (BDFM)
DRV:64bit: - [2010/03/10 23:39:52 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/03/10 22:34:06 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/02/22 16:00:12 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/01/20 15:18:26 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV:64bit: - [2010/01/19 19:32:40 | 000,103,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (Bdvedisk)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/07 23:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/07 23:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/08/23 22:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/07/21 18:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\URLSearchHook: {08a4f3d8-73a4-4212-b58c-2840ab3578ca} - No CLSID value found
IE - HKLM\..\URLSearchHook: {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{07BD871A-650C-459D-AE39-EE3E6C2567BA}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=24-08-2011
IE - HKLM\..\SearchScopes\{28697264-E498-4BDE-BBBD-4854902B14C3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{7931b63e-6ba3-4f38-9d55-5b518a03be02}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2559647
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...CID=msnHomepage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {ABD93EAF-D775-BC54-E63B-2804F22FD156}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{07BD871A-650C-459D-AE39-EE3E6C2567BA}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=24-08-2011
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...D3-F025C9587FDE
IE - HKCU\..\SearchScopes\{28697264-E498-4BDE-BBBD-4854902B14C3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{44816E91-C68A-2FF3-3D8F-8970062E5600}: "URL" = http://www.startnow....ion=6.1-x64-SP1
IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{64A280A3-DAF0-48C5-AC01-8D2CEBB0B8A8}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{7931b63e-6ba3-4f38-9d55-5b518a03be02}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}: "URL" = http://search.startn...eferrer:source}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2559647
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Coupons.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.co...rud=29-06-2012"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?...usaolp00000013"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2
FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.00
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.35
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.8300
FF - prefs.js..extensions.enabledAddons: {37153479-1976-43c3-a1ee-557513977b64}:3.14.1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:1.2.0.18
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Chimpoo_3a.com/Plugin: C:\Program Files (x86)\Chimpoo_3a\bar\1.bin\NP3aStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Rose\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Rose\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Rose\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES\DEFENDER PRO\DEFENDER PRO 15-IN-1\BDAPHFFEXT\ [2013/07/27 18:59:58 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\DEFENDER PRO\DEFENDER PRO 15-IN-1\BDTBEXT\ [2013/07/27 18:59:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/07/27 18:59:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Defender Pro\Defender Pro 15-in-1\bdaphffext\ [2013/07/27 18:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\3affxtbr@Chimpoo_3a.com: C:\Program Files (x86)\Chimpoo_3a\bar\1.bin [2013/07/22 19:21:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/21 00:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/27 19:18:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/21 00:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/27 19:18:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/21 00:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/27 19:18:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Defender Pro\Defender Pro 15-in-1\bdtbext\ [2013/07/27 18:59:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/07/27 18:59:33 | 000,000,000 | ---D | M]
[2011/05/02 15:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Extensions
[2013/07/29 02:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] (Quixley_v2b Community Toolbar) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{08a4f3d8-73a4-4212-b58c-2840ab3578ca}
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] (CompTool0234 Community Toolbar) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] ("AOL Messaging Toolbar") -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/03/07 11:18:10 | 000,000,000 | ---D | M] (Coupon Alert) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\2pffxtbr@CouponAlert_2p.com
[2012/05/30 11:52:03 | 000,000,000 | ---D | M] (Chimpoo) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\3affxtbr@Chimpoo_3a.com
[2011/10/30 13:12:58 | 000,000,000 | ---D | M] (My Web Search) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[2013/07/27 19:01:18 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[2011/08/28 12:56:04 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[2013/07/29 02:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\staged-xpis
[2013/07/27 19:01:18 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[2013/07/27 19:01:18 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[1616/02/26 09:01:20 | 000,004,815 | ---- | M] () (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\[email protected]
[2012/07/19 19:59:00 | 000,553,706 | ---- | M] () (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\{0dd5ab7a-9db5-0aa4-e914-7148cd6c0afc}.xpi
[2013/02/19 03:39:44 | 000,890,561 | ---- | M] () (No name found) -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\extensions\staged-xpis\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\bitcomet_extension_signed.xpi
[2012/07/20 17:38:47 | 000,002,562 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\searchplugins\aol-search.xml
[2011/07/07 10:17:58 | 000,000,925 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\searchplugins\conduit.xml
[2011/11/12 14:23:55 | 000,009,987 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\searchplugins\mywebsearch.xml
[2012/07/20 17:38:23 | 000,002,356 | ---- | M] () -- C:\Users\Rose\AppData\Roaming\Mozilla\Firefox\Profiles\ro24c7t8.default\searchplugins\startnow.xml
[2013/07/27 18:59:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/27 18:59:48 | 000,000,000 | ---D | M] (GameTap) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/07/27 18:59:48 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/04/21 00:03:32 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011/07/13 17:52:56 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/07/13 17:52:58 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/04/21 00:03:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/21 00:03:28 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Rose\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Rose\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: HP Product Detection Plugin = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.28.1_0\
CHR - Extension: YouTube = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Rose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (ShopAtHome.com Toolbar) - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll (ShopAtHome.com)
O2 - BHO: (Window Shopper) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (SocialRibbons LP2) - {AE92E5DE-20F7-9934-D515-7BE13880A842} - C:\Program Files (x86)\SocialRibbons LP2\Toolbar.dll ()
O2 - BHO: (AOL Messaging Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (DCA BHO) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll (Compete, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Defender Pro Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\Defender Pro\Defender Pro 15-in-1\ietoolbar.dll (Defender Pro)
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Defender Pro Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\Defender Pro\Defender Pro 15-in-1\Antispam32\ietoolbar.dll (Defender Pro)
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (Chimpoo) - {5b010b98-98f5-4faf-bdc5-f24746d465ce} - C:\Program Files (x86)\Chimpoo_3a\bar\1.bin\3abar.dll File not found
O3 - HKLM\..\Toolbar: (AOL Messaging Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Program Files (x86)\ShopAtHome\tbcore3U.dll (ShopAtHome.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Chimpoo) - {5B010B98-98F5-4FAF-BDC5-F24746D465CE} - C:\Program Files (x86)\Chimpoo_3a\bar\1.bin\3abar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome.com)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Defender Pro\Defender Pro 15-in-1\bdagent.exe (Defender Pro)
O4:64bit: - HKLM..\Run: [Defender Pro Antiphishing Helper] C:\Program Files\Defender Pro\Defender Pro 15-in-1\ieshow.exe (Defender Pro)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Defender Pro Antiphishing Helper] C:\Program Files\Defender Pro\Defender Pro 15-in-1\Antispam32\ieshow.exe (Defender Pro)
O4 - HKLM..\Run: [IMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\Rose\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Rose\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll (Superfish)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} http://archives.game...apWebPlayer.cab (GameTap Player)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF5B3F3C-E2E4-445E-8C37-762358EE0D34}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{35fb6de0-dcca-11e1-81d7-c80aa997dc7a}\Shell - "" = AutoRun
O33 - MountPoints2\{35fb6de0-dcca-11e1-81d7-c80aa997dc7a}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/08/20 00:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2013/08/20 00:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2013/08/20 00:48:58 | 000,000,000 | ---D | C] -- C:\Nexon
[2013/08/20 00:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2013/08/20 00:14:15 | 1775,341,008 | ---- | C] (Nexon) -- C:\Users\Rose\Desktop\Combatarms_VER_US_1307.10.exe
[2013/08/20 00:09:41 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\runic games
[2013/08/19 23:56:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games
[2013/08/19 23:53:50 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\WinZip
[2013/08/19 23:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013/08/19 23:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013/08/19 23:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013/08/16 03:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2013/08/16 03:12:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos
[2013/08/15 03:53:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2013/08/15 03:11:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/12 14:19:40 | 000,000,000 | ---D | C] -- C:\Users\Rose\Documents\Warzone 2100 2.3
[2013/08/09 18:08:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/07 03:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2013/08/07 03:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013/08/06 04:56:21 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\RSBot
[2013/08/06 04:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/08/06 04:46:45 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/08/06 04:46:45 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/08/06 04:46:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2013/08/06 04:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warzone 2100
[2013/08/06 04:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warzone 2100
[2013/08/06 04:05:58 | 052,818,192 | ---- | C] (Warzone 2100 Project) -- C:\Users\Rose\Desktop\warzone2100-2.3.6.exe
[2013/08/01 02:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)
[2013/07/28 02:51:25 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\ImgBurn
[2013/07/28 02:47:10 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013/07/28 02:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2013/07/28 01:44:50 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Language
[2013/07/28 01:39:18 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\SLOT
[2013/07/26 05:56:30 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\IsolatedStorage
[2013/07/26 03:07:31 | 000,000,000 | R--D | C] -- C:\Users\Rose\Desktop\States
[2013/07/26 03:07:30 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Cheats
[2013/07/26 03:07:30 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Battery
[2013/07/26 03:07:15 | 000,000,000 | ---D | C] -- C:\Users\Rose\Desktop\Roms
[2013/07/23 21:39:34 | 000,000,000 | ---D | C] -- C:\Users\Rose\Documents\Mario Kart 64
[2013/07/23 21:29:44 | 000,000,000 | ---D | C] -- C:\Users\Rose\Documents\Add-in Express
[2013/07/23 04:10:18 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\AVG2013
[2013/07/23 04:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/07/23 04:09:11 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\TuneUp Software
[2013/07/23 04:06:39 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/23 04:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/07/23 04:05:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/07/23 04:01:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/07/23 04:01:31 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\MFAData
[2013/07/23 04:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/07/23 04:01:31 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Avg2013
[2013/07/23 03:53:58 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Local\Spotify
[2013/07/23 03:53:31 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Spotify
[2013/07/23 03:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/07/23 03:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/07/23 03:02:59 | 000,000,000 | ---D | C] -- C:\41aef70989dd6d0cd5e8
[2013/07/23 01:59:07 | 000,000,000 | ---D | C] -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
[2013/07/23 01:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2011/04/24 22:33:24 | 000,586,752 | -HS- | C] (Microsoft Corporation) -- C:\Users\Rose\AppData\Local\jfo.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/08/21 03:27:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/21 03:27:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/21 03:20:10 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/21 03:19:14 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/21 03:18:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/21 03:18:46 | 461,704,325 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/08/21 03:18:46 | 2210,578,432 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/21 03:14:51 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GWJRLE4Q.ocx
[2013/08/21 03:02:03 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-903994150-1397619272-3207344859-1000UA.job
[2013/08/21 03:02:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/21 02:00:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-903994150-1397619272-3207344859-1000Core.job
[2013/08/20 00:53:27 | 000,001,603 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2013/08/20 00:33:21 | 1775,341,008 | ---- | M] (Nexon) -- C:\Users\Rose\Desktop\Combatarms_VER_US_1307.10.exe
[2013/08/19 23:53:24 | 000,002,277 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2013/08/18 15:55:57 | 000,029,005 | ---- | M] () -- C:\Users\Rose\Desktop\stock-vector-heavy-metal-rock-and-roll-devil-horns-hand-sign-with-a-black-leather-studded-bracelet-56637382.jpg
[2013/08/18 02:15:58 | 000,066,601 | ---- | M] () -- C:\Users\Rose\Desktop\Alexis.jpg
[2013/08/17 02:31:39 | 000,003,120 | ---- | M] () -- C:\Windows\F6TDORFB.ocx
[2013/08/16 03:48:14 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRose.job
[2013/08/16 03:18:28 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2013/08/16 03:15:33 | 000,001,166 | ---- | M] () -- C:\Users\Rose\Desktop\Play Hitman Contracts.lnk
[2013/08/15 03:15:45 | 000,754,288 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/15 03:15:45 | 000,633,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/15 03:15:45 | 000,110,782 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/12 14:11:56 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/08/12 14:11:56 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/08/12 14:11:55 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\Warzone 2100.lnk
[2013/08/07 03:44:53 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/08/06 06:09:13 | 000,000,024 | ---- | M] () -- C:\Users\Rose\random.dat
[2013/08/06 04:56:38 | 000,000,043 | ---- | M] () -- C:\Users\Rose\jagex_cl_runescape_LIVE.dat
[2013/08/06 04:34:29 | 052,818,192 | ---- | M] (Warzone 2100 Project) -- C:\Users\Rose\Desktop\warzone2100-2.3.6.exe
[2013/08/01 02:24:01 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2013/07/31 16:06:49 | 000,002,321 | ---- | M] () -- C:\Users\Rose\Desktop\Google Chrome.lnk
[2013/07/30 16:16:06 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/07/30 06:35:56 | 000,002,319 | ---- | M] () -- C:\Users\Rose\Desktop\vba.ini
[2013/07/30 06:35:55 | 000,000,512 | ---- | M] () -- C:\Users\Rose\Desktop\Grand Theft Auto Advance.sav
[2013/07/30 05:58:07 | 000,065,536 | ---- | M] () -- C:\Users\Rose\Desktop\Castlevania - Aria of Sorrow.sav
[2013/07/30 05:58:04 | 000,084,942 | ---- | M] () -- C:\Users\Rose\Desktop\Castlevania - Aria of Sorrow1.sgm
[2013/07/30 04:05:14 | 000,021,444 | ---- | M] () -- C:\Users\Rose\Desktop\994228_10152362934307524_1617810251_n.jpg
[2013/07/30 02:12:40 | 000,088,791 | ---- | M] () -- C:\Users\Rose\Desktop\Glory Days - Essence of a War1.sgm
[2013/07/29 04:43:07 | 000,065,536 | ---- | M] () -- C:\Users\Rose\Desktop\Castlevania - Harmony of Dissonance.sav
[2013/07/29 04:39:06 | 000,073,072 | ---- | M] () -- C:\Users\Rose\Desktop\Castlevania - Harmony of Dissonance1.sgm
[2013/07/29 03:02:54 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/28 03:07:22 | 000,000,129 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013/07/28 02:47:11 | 000,001,865 | ---- | M] () -- C:\Users\Rose\Desktop\ImgBurn.lnk
[2013/07/28 02:02:27 | 000,065,536 | ---- | M] () -- C:\Users\Rose\Desktop\Super Mario Advance 4 - Super Mario Bros. 3.sav
[2013/07/28 02:02:27 | 000,002,447 | ---- | M] () -- C:\Users\Rose\Desktop\BoycottAdvance.ini
[2013/07/28 01:47:14 | 000,001,518 | ---- | M] () -- C:\Users\Rose\Desktop\Software.ini
[2013/07/28 01:44:02 | 000,001,536 | ---- | M] () -- C:\Users\Rose\Desktop\NO$GBA.INP
[2013/07/26 16:20:36 | 000,065,068 | ---- | M] () -- C:\Users\Rose\Desktop\Grand Theft Auto Advance1.sgm
[2013/07/26 04:35:30 | 000,065,536 | ---- | M] () -- C:\Users\Rose\Desktop\Pokemon Emerald.sav
[2013/07/26 04:28:59 | 000,050,223 | ---- | M] () -- C:\Users\Rose\Desktop\Pokemon Emerald1.sgm
[2013/07/26 02:59:29 | 000,065,536 | ---- | M] () -- C:\Users\Rose\Desktop\Final Fantasy Tactics Advance.sav
[2013/07/26 02:11:03 | 000,008,192 | ---- | M] () -- C:\Users\Rose\Desktop\Super Mario Advance 3 - Yoshi's Island.sav
[2013/07/23 17:45:27 | 000,440,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/23 04:22:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/23 04:22:44 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/23 03:53:53 | 000,001,762 | ---- | M] () -- C:\Users\Rose\Desktop\Spotify.lnk
[2013/07/23 03:44:29 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013/07/23 01:59:07 | 000,002,046 | ---- | M] () -- C:\Users\Rose\Desktop\RuneScape.lnk
[2013/07/23 01:55:50 | 006,623,588 | ---- | M] () -- C:\Users\Rose\Desktop\Castlevania - Aria of Sorrow.gba
[2013/07/23 01:54:50 | 004,194,304 | ---- | M] () -- C:\Users\Rose\Desktop\Glory Days - Essence of a War.gba
[2013/07/23 01:53:26 | 002,464,684 | ---- | M] () -- C:\Users\Rose\Desktop\Glory Days - Essence of a War.zip
[2013/07/23 01:52:16 | 001,974,352 | ---- | M] (None) -- C:\Users\Rose\Desktop\VisualBoyAdvance.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/08/20 00:53:27 | 000,001,603 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2013/08/19 23:53:24 | 000,002,277 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2013/08/18 15:55:56 | 000,029,005 | ---- | C] () -- C:\Users\Rose\Desktop\stock-vector-heavy-metal-rock-and-roll-devil-horns-hand-sign-with-a-black-leather-studded-bracelet-56637382.jpg
[2013/08/18 02:15:56 | 000,066,601 | ---- | C] () -- C:\Users\Rose\Desktop\Alexis.jpg
[2013/08/17 02:31:39 | 000,003,120 | ---- | C] () -- C:\Windows\F6TDORFB.ocx
[2013/08/16 03:18:28 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2013/08/16 03:15:33 | 000,001,166 | ---- | C] () -- C:\Users\Rose\Desktop\Play Hitman Contracts.lnk
[2013/08/07 03:48:42 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForRose.job
[2013/08/07 03:44:53 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/08/06 04:46:44 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\Warzone 2100.lnk
[2013/07/30 04:05:13 | 000,021,444 | ---- | C] () -- C:\Users\Rose\Desktop\994228_10152362934307524_1617810251_n.jpg
[2013/07/29 04:34:03 | 000,073,072 | ---- | C] () -- C:\Users\Rose\Desktop\Castlevania - Harmony of Dissonance1.sgm
[2013/07/29 04:25:54 | 000,065,536 | ---- | C] () -- C:\Users\Rose\Desktop\Castlevania - Harmony of Dissonance.sav
[2013/07/29 02:54:27 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2013/07/28 02:47:11 | 000,001,865 | ---- | C] () -- C:\Users\Rose\Desktop\ImgBurn.lnk
[2013/07/28 02:47:10 | 000,001,895 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013/07/28 02:02:27 | 000,002,447 | ---- | C] () -- C:\Users\Rose\Desktop\BoycottAdvance.ini
[2013/07/28 02:01:48 | 000,065,536 | ---- | C] () -- C:\Users\Rose\Desktop\Super Mario Advance 4 - Super Mario Bros. 3.sav
[2013/07/28 01:44:50 | 000,001,518 | ---- | C] () -- C:\Users\Rose\Desktop\Software.ini
[2013/07/28 01:42:42 | 000,001,536 | ---- | C] () -- C:\Users\Rose\Desktop\NO$GBA.INP
[2013/07/26 16:12:02 | 000,065,068 | ---- | C] () -- C:\Users\Rose\Desktop\Grand Theft Auto Advance1.sgm
[2013/07/26 04:35:30 | 000,065,536 | ---- | C] () -- C:\Users\Rose\Desktop\Pokemon Emerald.sav
[2013/07/26 04:22:59 | 000,050,223 | ---- | C] () -- C:\Users\Rose\Desktop\Pokemon Emerald1.sgm
[2013/07/26 02:59:29 | 000,065,536 | ---- | C] () -- C:\Users\Rose\Desktop\Final Fantasy Tactics Advance.sav
[2013/07/26 02:28:58 | 000,000,512 | ---- | C] () -- C:\Users\Rose\Desktop\Grand Theft Auto Advance.sav
[2013/07/26 02:07:40 | 000,008,192 | ---- | C] () -- C:\Users\Rose\Desktop\Super Mario Advance 3 - Yoshi's Island.sav
[2013/07/25 16:43:28 | 000,088,791 | ---- | C] () -- C:\Users\Rose\Desktop\Glory Days - Essence of a War1.sgm
[2013/07/23 04:22:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/23 04:22:44 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/23 04:09:12 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/07/23 03:53:53 | 000,001,762 | ---- | C] () -- C:\Users\Rose\Desktop\Spotify.lnk
[2013/07/23 03:53:53 | 000,001,748 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013/07/23 02:06:20 | 000,084,942 | ---- | C] () -- C:\Users\Rose\Desktop\Castlevania - Aria of Sorrow1.sgm
[2013/07/23 01:59:07 | 000,002,076 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
[2013/07/23 01:59:06 | 000,002,046 | ---- | C] () -- C:\Users\Rose\Desktop\RuneScape.lnk
[2013/07/23 01:58:11 | 000,065,536 | ---- | C] () -- C:\Users\Rose\Desktop\Castlevania - Aria of Sorrow.sav
[2013/07/23 01:56:56 | 000,002,319 | ---- | C] () -- C:\Users\Rose\Desktop\vba.ini
[2013/07/23 01:53:24 | 002,464,684 | ---- | C] () -- C:\Users\Rose\Desktop\Glory Days - Essence of a War.zip
[2012/09/03 09:25:35 | 000,000,184 | -H-- | C] () -- C:\ProgramData\-blQtG85gJjPDzcr
[2012/09/03 09:25:34 | 000,000,168 | -H-- | C] () -- C:\ProgramData\-blQtG85gJjPDzc
[2012/09/03 09:25:24 | 000,000,368 | -H-- | C] () -- C:\ProgramData\blQtG85gJjPDzc
[2012/08/02 14:31:25 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/02 14:31:25 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/11/24 18:36:52 | 000,000,043 | ---- | C] () -- C:\Users\Rose\jagex_cl_runescape_LIVE.dat
[2011/11/24 18:36:52 | 000,000,024 | ---- | C] () -- C:\Users\Rose\random.dat
[2011/07/01 15:08:00 | 000,060,523 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/04/24 22:33:38 | 000,011,274 | -HS- | C] () -- C:\Users\Rose\AppData\Local\7y6774w28t81a
[2011/04/24 22:33:38 | 000,011,274 | -HS- | C] () -- C:\ProgramData\7y6774w28t81a
[2011/03/01 13:37:10 | 000,001,854 | ---- | C] () -- C:\Users\Rose\AppData\Roaming\GhostObjGAFix.xml
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-903994150-1397619272-3207344859-1000\$256fafff9b715c3c765fb7f1e8557917\n.
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/05/23 16:11:41 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\.minecraft
[2011/11/16 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\0816B
[2011/11/16 19:20:33 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\6B962
[2011/08/24 19:39:31 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\acccore
[2011/07/07 10:44:17 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Amazon
[2013/07/27 19:01:17 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\AVG2013
[2013/08/20 00:34:18 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\BitComet
[2010/11/05 15:14:51 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\com.zoodles.3B7D4B2F97D0C2BDB13554D0687ECC70A3734EDD.1
[2013/07/27 19:01:17 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Defender Pro
[2011/11/16 18:03:36 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\EpppmGG5aQJ6WKf
[2011/11/16 18:03:32 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\F777fRRL9gTXjYe
[2010/12/28 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\GetRightToGo
[2013/07/28 04:24:32 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\ImgBurn
[2011/11/16 19:20:33 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\kiibbD3ppn4aQ6s
[2011/11/16 19:05:43 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\kXwkUVelOtP
[2012/04/04 15:26:37 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Leadertech
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\OpenCandy
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Opera
[2011/11/16 18:03:33 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\PELLL8gTZqhYCk
[2013/07/27 19:01:19 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\PictureMover
[2011/07/01 15:13:06 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\QuickScan
[2011/11/16 18:03:35 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\RNNyyxAA1uS2oF
[2013/08/06 04:57:09 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\RSBot
[2013/08/20 00:09:41 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\runic games
[2011/11/16 19:05:43 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\s4amH5sWJdLgZh
[2013/08/21 03:20:08 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Spotify
[2011/01/03 18:45:42 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TeamViewer
[2013/07/23 04:09:11 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\TuneUp Software
[2012/09/04 13:36:32 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\Unity
[2010/11/10 21:19:44 | 000,000,000 | ---D | M] -- C:\Users\Rose\AppData\Roaming\WildTangent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0AC32449
< End of report >