Thank you, Wyatt
Here is my OTL log:
OTL logfile created on: 3/11/2013 6:04:35 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19400)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.99 Gb Available Physical Memory | 74.85% Memory free
8.16 Gb Paging File | 7.21 Gb Available in Paging File | 88.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.31 Gb Total Space | 44.09 Gb Free Space | 20.01% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 139.84 Gb Free Space | 60.05% Space Free | Partition Type: NTFS
Drive E: | 12.58 Gb Total Space | 1.97 Gb Free Space | 15.68% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/10 23:46:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/20 23:23:44 | 000,459,728 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
MOD - [2013/02/20 23:23:43 | 012,637,136 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
MOD - [2013/02/20 23:23:42 | 004,050,896 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
MOD - [2013/02/20 23:22:48 | 001,552,848 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll
MOD - [2013/02/14 04:39:59 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll
MOD - [2013/02/14 04:39:58 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1f5fbaf96ffe156e2a82cb11342df079\System.Web.Services.ni.dll
MOD - [2013/02/14 04:39:55 | 011,820,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
MOD - [2013/02/14 04:36:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013/01/10 17:46:07 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1c40efd2328e271920f4b4eda38c0125\System.ServiceModel.ni.dll
MOD - [2013/01/10 17:45:21 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\895899bb8c1772f2043de17305d7eb35\System.Runtime.Serialization.ni.dll
MOD - [2013/01/10 17:45:17 | 001,071,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\f9d4a89fc32b5a458c0a02c48dc8538e\System.IdentityModel.ni.dll
MOD - [2013/01/10 17:45:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/10 17:45:10 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bb8af3cf69f1337efda4e810b6751b89\SMDiagnostics.ni.dll
MOD - [2013/01/10 17:45:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/10 17:44:43 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/10 17:44:29 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013/01/10 17:43:40 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/10 17:43:33 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/08/17 13:19:04 | 004,051,456 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.1.3\libglesv2.dll
MOD - [2012/08/17 13:19:04 | 000,100,864 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.1.3\libegl.dll
MOD - [2009/03/29 22:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/01/13 11:18:41 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2008/12/31 06:35:14 | 000,934,400 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/10/26 14:49:46 | 000,279,040 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/06/27 09:53:06 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_8aadd48d\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/18 17:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/03/18 06:26:56 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/26 16:32:12 | 000,968,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/21 16:42:56 | 000,068,136 | ---- | M] (White Sky, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2013/01/24 21:53:41 | 000,045,056 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/01/22 22:51:21 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/03 10:50:34 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/10/10 20:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2012/08/30 11:23:26 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/05/20 23:46:41 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/17 06:21:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/17 18:11:40 | 000,365,952 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 18:13:08 | 000,296,320 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2008/11/26 18:13:08 | 000,116,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/03/09 01:11:05 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/03/08 23:22:06 | 000,045,968 | ---- | M] (Zemana Ltd.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AntiLog64.sys -- (AntiLog32)
DRV:64bit: - [2013/02/26 16:32:12 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/23 17:50:48 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/02/13 18:05:00 | 000,025,784 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2012/10/08 19:00:02 | 000,776,864 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012/10/08 02:27:40 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssmirrdr.sys -- (ssmirrdr)
DRV:64bit: - [2012/10/03 19:40:36 | 001,133,216 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2012/10/03 19:40:20 | 000,493,216 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2012/10/03 19:19:14 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/07/27 21:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2012/07/22 19:34:24 | 000,455,840 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2012/05/24 23:36:56 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - [2012/02/29 07:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/13 16:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/04/06 13:19:46 | 000,027,160 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/03/20 04:47:42 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/31 08:01:20 | 004,993,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/10/26 14:50:58 | 000,469,504 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/10/23 03:42:06 | 000,128,352 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/09/04 11:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/08/06 10:26:08 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/06/23 05:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/23 05:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/23 05:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/03/27 13:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 13:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/03/21 06:47:14 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/20 20:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64)
DRV:64bit: - [2008/01/20 20:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/09/29 02:21:58 | 000,013,952 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\vhidmini.sys -- (vhidmini)
DRV:64bit: - [2007/09/29 02:04:58 | 000,046,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\JmtFltr.sys -- (JmtFltr)
DRV:64bit: - [2007/06/18 18:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 19:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2013/03/09 01:48:42 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130310.007\ex64.sys -- (NAVEX15)
DRV - [2013/03/09 01:48:41 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/03/09 01:48:41 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130310.007\eng64.sys -- (NAVENG)
DRV - [2013/03/09 00:27:07 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/03/08 17:22:34 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130308.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/03/01 03:09:56 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2008/11/28 19:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/03/20 04:18:44] [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/08/05 16:24:54 | 000,024,568 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\SWSetup\sp44138\iscflashx64.sys -- (iscFlash)
DRV - [2005/01/04 03:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{3B1AAF6F-BC73-4A31-9EE4-04B8C395AC0E}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{BFE5EDCC-25B3-461D-8E03-309E92AD753A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/...09-d989b23a4cbc
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{2F59CA50-306F-4D9D-B0FA-F92F9B95F50A}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKLM\..\SearchScopes\{3B1AAF6F-BC73-4A31-9EE4-04B8C395AC0E}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BFE5EDCC-25B3-461D-8E03-309E92AD753A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symbaloo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {2F59CA50-306F-4D9D-B0FA-F92F9B95F50A}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoo...earchTerms}&f=4
IE - HKCU\..\SearchScopes\{2005ACD9-727B-38B0-19F6-BE95434160E8}: "URL" = http://www.bing.com/...022&form=ZGAIDF
IE - HKCU\..\SearchScopes\{26FF95E0-C460-4078-B8B6-4C626AAA0D28}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{2F59CA50-306F-4D9D-B0FA-F92F9B95F50A}: "URL" = http://searchab.com/...q={searchTerms}
IE - HKCU\..\SearchScopes\{3B1AAF6F-BC73-4A31-9EE4-04B8C395AC0E}: "URL" = http://search.live.c...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...q={searchTerms}
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{5F9DAFC8-2337-43C1-9E91-1362D995CF46}: "URL" = http://search.avg.co...{language}&nt=1
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADBF_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-02-24 12:39:40&v=14.2.0.1&pid=safeguard&sg=1&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{BFE5EDCC-25B3-461D-8E03-309E92AD753A}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{ECC4FF6F-CCD4-47AF-AFA5-FE52E2DE7295}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Privitize VPN"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20110520,6902,0,19,0"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....sa&d=2013-02-24 12:39:40&v=14.2.0.1&pid=safeguard&sg=1&sap=hp"
FF - prefs.js..extensions.enabledAddons: {1266764D-FC4F-4FA7-B63B-884D53B1680F}:3.6.5
FF - prefs.js..extensions.enabledAddons: [email protected]:3.3.0
FF - prefs.js..extensions.enabledAddons: idvaultaddin@whitesky:1.13.220.2
FF - prefs.js..extensions.enabledAddons: [email protected]:1.20.02
FF - prefs.js..extensions.enabledAddons: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.5.4.20130221100632
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: [email protected]:4.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..keyword.URL: "http://mysearch.avg....sa&d=2013-02-24 12:39:40&pid=safeguard&sg=1&v=14.0.0.12&sap=ku&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.MyOwnSuperhero.com/Plugin: C:\Program Files (x86)\MyOwnSuperheroEI\Installr\1.bin\NPv3EISB.dll (MyOwnSuperhero)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer3.08.01: C:\Users\Owner\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\PROGRA~2\SONYON~1\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions [2010/07/24 02:00:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\14.2.0.1 [2013/02/26 16:33:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/03/09 01:25:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/03/10 23:05:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/08 22:35:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/29 16:05:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1266764D-FC4F-4FA7-B63B-884D53B1680F}: C:\Users\Owner\AppData\Roaming\NetAssistant\ [2011/05/13 23:45:37 | 000,000,000 | ---D | M]
[2011/10/23 03:55:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2013/03/11 17:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions
[2011/03/21 17:06:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/07 15:56:13 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/03 21:59:13 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2013/03/08 23:25:52 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions\idvaultaddin@whitesky
[2013/02/26 18:12:25 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\m8n203dj.default\extensions\[email protected]
[2013/03/07 15:56:13 | 000,011,271 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\m8n203dj.default\extensions\[email protected]
[2013/03/06 22:10:32 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\m8n203dj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/06 21:53:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/06 21:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/03/06 21:53:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/03/08 14:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/03/08 14:10:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/08 14:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\distribution\extensions
[2013/03/08 14:10:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\updated\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/13 23:45:37 | 000,000,000 | ---D | M] (Freeze.com NetAssistant) -- C:\USERS\OWNER\APPDATA\ROAMING\NETASSISTANT
[2012/05/20 23:46:44 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/15 18:35:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/09 18:38:45 | 000,002,127 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\blekkotb.xml
[2010/07/19 01:13:50 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchsms.xml
[2013/02/26 16:33:31 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2013/02/15 18:35:09 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.symbaloo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: TorchPlugin (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.2023_0\plugin/torchplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: MyOwnSuperhero Installer Plugin Stub (Enabled) = C:\Program Files (x86)\MyOwnSuperheroEI\Installr\1.bin\NPv3EISB.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Happy Cloud Plugin (Enabled) = C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Users\Owner\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Deadmau5 Blue Edition = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiklhkepfpikmjoachlckldbcdapckbm\1.1_0\
CHR - Extension: Running Fred = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfalcbcdebaemokjapphcfnldiogddk\1.6.3.14_0\
CHR - Extension: From Dust = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_1\
CHR - Extension: Google Drive = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Facebook Me-Gusta Button = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\caampdmalollkcdgdiilgpimcbfjfmoe\1.55_0\
CHR - Extension: Adblock Plus = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Symbaloo Chrome Bookmarker 0.3 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm\0.3_0\
CHR - Extension: Realm of the Mad God = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_1\
CHR - Extension: Realm of the Mad God = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_1\~
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: 3D Neon Bike Race = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmbelgikjfcedfiaaedcnodbgjjpfbd\1_1\
CHR - Extension: ButtonBeats Dubstep Balls = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg\1.1_1\
CHR - Extension: Legends of Yore = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcpcaannfbndnmddlihbbfinmkeopbhj\1_0\
CHR - Extension: Clash of the Dragons = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdphihkopbepogaialenmgoacnpmffo\1.1_1\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.5_0\
CHR - Extension: Torch Share = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.2023_0\
CHR - Extension: Little Alchemy = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.15.7_0\
CHR - Extension: Norton Identity Protection = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: AVG SafeGuard toolbar = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: Muffin Knight = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngcgpajmidlcgbkpjaopbcglkjepkbaa\1.4.5_1\
CHR - Extension: Type Fu = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: PokemonDb Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdabaonfeamdcjjllifgojglfgchckb\1.0_1\
CHR - Extension: Mahjong Daily = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemeklgblkcideppcaccohkijfkejgpm\2.2.0_0\
CHR - Extension: Running = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pibmbphgclmikgclcjlfnlepeofhcffm\1.5_1\
CHR - Extension: Canvas Rider = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_1\
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll ()
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.220.2\NativeBHO.dll (WhiteSky)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\deamon tools lite\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GameTracker] C:\Program Files (x86)\GameTracker\GTLite.exe File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Yontoo Desktop] C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F41BF314-8255-4540-AE2D-B170E5D7A302}: DhcpNameServer = 69.145.248.50 69.145.232.4 69.145.248.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7E10389-126C-49AD-BF62-D3F215D0743D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7E10389-126C-49AD-BF62-D3F215D0743D}: NameServer = 75.75.75.75,75.75.76.76
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (c:\progra~2\zoomex\sprote~1.dll) - c:\Program Files (x86)\ZoomEx\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{40a2adeb-7a4f-11e2-a495-b0baf38c8859}\Shell - "" = AutoRun
O33 - MountPoints2\{40a2adeb-7a4f-11e2-a495-b0baf38c8859}\Shell\AutoRun\command - "" = G:\INSTALL.EXE
O33 - MountPoints2\{47ce05e9-82af-11e1-a6e9-f91c5f1858cd}\Shell - "" = AutoRun
O33 - MountPoints2\{47ce05e9-82af-11e1-a6e9-f91c5f1858cd}\Shell\AutoRun\command - "" = G:\TL_Bootstrap.exe
O33 - MountPoints2\{a69cd060-0430-11df-bf1e-00247e439e87}\Shell - "" = AutoRun
O33 - MountPoints2\{a69cd060-0430-11df-bf1e-00247e439e87}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{b75b49b7-21ef-11e0-8904-00247e439e87}\Shell\AutoRun\command - "" = G:\system\viewer\FlipVideoforPC.exe
O33 - MountPoints2\{b75b49b7-21ef-11e0-8904-00247e439e87}\Shell\Flip Video for PC\command - "" = G:\system\viewer\FlipVideoforPC.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/10 18:29:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashDumps
[2013/03/10 17:14:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5BF22641-C5A5-4340-8E51-3E7F2EA1CDD9}
[2013/03/09 01:41:42 | 000,455,840 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symtdiv.sys
[2013/03/09 01:41:42 | 000,432,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnets.sys
[2013/03/09 01:41:41 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symelam.sys
[2013/03/09 01:41:40 | 001,133,216 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symefa64.sys
[2013/03/09 01:41:38 | 000,493,216 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symds64.sys
[2013/03/09 01:41:37 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.sys
[2013/03/09 01:41:35 | 000,776,864 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.sys
[2013/03/09 01:41:34 | 000,224,416 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ironx64.sys
[2013/03/09 01:41:34 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.sys
[2013/03/09 01:38:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\1402000.013
[2013/03/09 00:20:47 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/03/09 00:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/03/09 00:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/03/09 00:15:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2013/03/09 00:15:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
[2013/03/09 00:15:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite
[2013/03/08 23:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013/03/08 23:58:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Symantec
[2013/03/08 23:43:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2013/03/08 23:29:28 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013/03/08 23:29:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\White_Sky,_Inc
[2013/03/08 23:29:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ID Vault
[2013/03/08 23:23:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\ID Vault
[2013/03/08 23:22:10 | 000,025,784 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys
[2013/03/08 23:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyCryptSDK
[2013/03/08 23:22:09 | 007,520,056 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysWow64\ZALSDKCore.dll
[2013/03/08 23:22:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZALSDK_uninst
[2013/03/08 23:22:06 | 000,045,968 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\AntiLog64.sys
[2013/03/08 23:22:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Zemana
[2013/03/08 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Constant Guard Protection Suite
[2013/03/08 23:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\White Sky, Inc
[2013/03/08 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{13F79190-EC63-4C92-AC7D-E836E2EC87EF}
[2013/03/08 13:57:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C14ED913-4D68-4EA7-A8E2-7B11D4A49B9D}
[2013/03/07 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Electronic Arts
[2013/03/07 19:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013/03/07 18:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2013/03/07 15:56:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{18F4792C-C822-4512-AD87-8E197DA113BE}
[2013/03/06 21:56:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Macromedia
[2013/03/06 17:52:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5ADA6D49-C985-4EBD-86E9-AD6C91DD59B1}
[2013/03/05 16:32:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3E4D79B9-F409-48E0-8538-3F0A8B2538A7}
[2013/03/03 12:44:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{50B4E2B2-725B-40BD-BECA-338738540397}
[2013/03/01 17:33:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Nexus Mod Manager
[2013/03/01 17:33:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Black_Tree_Gaming
[2013/03/01 17:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2013/02/28 19:54:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Skyrim
[2013/02/28 19:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2013/02/26 19:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2013/02/26 18:11:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Yontoo
[2013/02/26 18:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2013/02/26 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/02/26 18:05:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\ExpressFiles
[2013/02/26 18:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressFiles
[2013/02/24 13:43:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\AVG SafeGuard toolbar
[2013/02/24 13:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/02/24 13:39:08 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/02/24 13:38:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013/02/24 13:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/02/24 13:37:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4E39F507-3E39-466F-9464-43083BAE9922}
[2013/02/23 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\SKIDROW
[2013/02/23 18:32:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\BigHugeEngine
[2013/02/23 18:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2013/02/23 17:52:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\FrostWire
[2013/02/23 17:52:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\.frostwire5
[2013/02/23 17:51:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
[2013/02/23 17:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrostWire 5
[2013/02/23 17:50:48 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/02/23 17:50:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2013/02/23 17:50:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2013/02/23 17:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/02/20 17:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2013/02/19 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\My Games
[2013/02/19 20:20:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Games
[2013/02/18 22:52:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DEF4076F-F7EA-4890-8747-02721CB59BF6}
[2013/02/17 14:43:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4EF35E07-DD8C-47F3-937C-E34FA9070B03}
[2013/02/17 01:29:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E2344AEA-ECAE-4203-91FE-763732513212}
[2013/02/17 01:17:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C0D6B5F1-593F-4084-8860-98EF3BC25241}
[2013/02/15 23:29:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Arktos
[2013/02/15 23:28:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Arktos
[2013/02/15 23:28:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashRpt
[2013/02/15 01:03:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B899A9A1-EADD-40EE-BAF6-63DA49657F5D}
[2013/02/15 00:49:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\TERA
[2013/02/15 00:12:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
[2013/02/15 00:10:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
[2013/02/15 00:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HappyCloud
[2013/02/14 22:21:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Facebook
[2013/02/13 13:29:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D31D03AB-AD12-45E4-959D-10BE52FB1EBB}
[2013/02/13 04:00:57 | 004,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/02/12 23:18:26 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2013/02/12 23:18:25 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/02/12 23:18:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/02/12 23:18:20 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/02/12 23:18:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/02/12 23:18:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/02/12 23:18:18 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/02/12 23:18:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/02/12 23:18:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/02/12 23:18:16 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/02/12 23:18:15 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/02/12 23:18:14 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/02/12 23:18:13 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/02/12 23:18:13 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/02/12 23:18:13 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/02/12 23:18:13 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/02/12 23:18:13 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/02/12 23:18:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/02/12 23:18:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/02/12 23:18:11 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/02/12 23:18:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/02/12 23:18:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/02/12 23:18:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/02/12 23:18:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/02/12 23:18:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/02/12 23:18:11 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/02/12 23:18:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/02/12 23:18:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/02/12 23:18:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/02/12 23:17:58 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013/02/12 23:17:58 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013/02/12 22:21:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0FD42FF9-857B-4E0E-8428-D43D9ED2E272}
[2013/02/11 16:52:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E467ED8A-C1E8-4554-BDDD-D18376AF6E7A}
========== Files - Modified Within 30 Days ==========
[2013/03/11 17:55:42 | 000,769,622 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/11 17:55:42 | 000,648,624 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/11 17:55:42 | 000,122,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/11 17:53:44 | 000,007,512 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2013/03/11 17:51:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/11 17:49:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/03/11 17:48:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 17:48:47 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 17:46:41 | 000,000,362 | -H-- | M] () -- C:\Windows\tasks\ZoomExUpdaterTask{5C47DFE9-98D4-4BF6-B4A5-49987FF7D5ED}.job
[2013/03/11 17:44:15 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000UA.job
[2013/03/11 17:31:36 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/10 23:34:57 | 000,000,732 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2013/03/10 23:09:35 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/10 21:53:33 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000Core.job
[2013/03/10 21:52:43 | 397,622,847 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/10 21:28:12 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000UA.job
[2013/03/10 21:28:11 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000Core.job
[2013/03/10 16:55:35 | 003,015,341 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/03/10 01:18:02 | 000,002,680 | ---- | M] () -- C:\{96AE328E-7728-446A-8DA4-FB024F1C77AE}
[2013/03/09 13:31:29 | 000,097,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/09 01:49:05 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\VT20130115.021
[2013/03/09 01:45:54 | 000,002,551 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk
[2013/03/09 01:11:05 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/03/09 01:11:05 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/03/09 01:11:05 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/03/08 23:46:40 | 000,000,900 | ---- | M] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2013/03/08 23:22:06 | 000,045,968 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\AntiLog64.sys
[2013/03/08 23:21:55 | 000,002,120 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2013/03/08 23:21:55 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2013/03/02 21:27:16 | 000,001,149 | ---- | M] () -- C:\Users\Owner\Documents\CustomPreset.xml
[2013/02/26 19:35:28 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\Saints Row The Third.lnk
[2013/02/26 18:10:20 | 000,000,000 | ---- | M] () -- C:\END
[2013/02/26 18:05:49 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\Express Files.lnk
[2013/02/26 16:32:12 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/02/23 18:25:14 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning.lnk
[2013/02/23 17:55:59 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/02/23 17:51:59 | 000,001,082 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.5.3.lnk
[2013/02/23 17:51:58 | 000,001,058 | ---- | M] () -- C:\Users\Owner\Desktop\FrostWire 5.5.3.lnk
[2013/02/23 17:50:48 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013/02/22 23:29:26 | 000,018,135 | ---- | M] () -- C:\Users\Owner\Desktop\Just+let+it+happen+_6e9695af4640996b6d6d0bd9b5b6f1be.jpg
[2013/02/22 23:04:50 | 000,010,591 | ---- | M] () -- C:\Users\Owner\Desktop\twerk.jpg
[2013/02/22 22:58:58 | 000,059,129 | ---- | M] () -- C:\Users\Owner\Desktop\Snapshot_20130222.jpg
[2013/02/21 20:55:30 | 000,002,046 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/02/15 08:56:21 | 000,000,816 | ---- | M] () -- C:\Users\Owner\Desktop\TERA.lnk
[2013/02/14 21:12:08 | 002,060,241 | ---- | M] () -- C:\Users\Owner\Desktop\TERA_Wallpaper_74_.jpg
[2013/02/14 20:40:33 | 000,079,757 | ---- | M] () -- C:\Program Files (x86)\man_boobs_health_18bd8hd-18bd8hh.jpg
[2013/02/14 04:33:02 | 000,314,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/13 18:05:04 | 007,520,056 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysWow64\ZALSDKCore.dll
[2013/02/13 18:05:00 | 000,025,784 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys
========== Files Created - No Company Name ==========
[2013/03/10 22:29:53 | 000,000,732 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2013/03/10 21:52:43 | 397,622,847 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/10 16:52:59 | 003,015,341 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/03/10 01:17:59 | 000,002,680 | ---- | C] () -- C:\{96AE328E-7728-446A-8DA4-FB024F1C77AE}
[2013/03/09 02:00:20 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\VT20130115.021
[2013/03/09 01:41:42 | 000,007,877 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnetv64.cat
[2013/03/09 01:41:42 | 000,007,601 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnet64.cat
[2013/03/09 01:41:42 | 000,001,468 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnetv.inf
[2013/03/09 01:41:42 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnet.inf
[2013/03/09 01:41:41 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symelam64.cat
[2013/03/09 01:41:41 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symelam.inf
[2013/03/09 01:41:40 | 000,007,603 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symefa64.cat
[2013/03/09 01:41:40 | 000,003,433 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symefa.inf
[2013/03/09 01:41:38 | 000,007,597 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symds64.cat
[2013/03/09 01:41:38 | 000,002,851 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symds.inf
[2013/03/09 01:41:37 | 000,001,418 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.inf
[2013/03/09 01:41:36 | 000,007,605 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.cat
[2013/03/09 01:41:35 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.inf
[2013/03/09 01:41:34 | 000,007,601 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.cat
[2013/03/09 01:41:34 | 000,007,593 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\iron.cat
[2013/03/09 01:41:34 | 000,000,853 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.inf
[2013/03/09 01:41:34 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\iron.inf
[2013/03/09 01:41:33 | 000,007,611 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.cat
[2013/03/09 01:38:31 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\isolate.ini
[2013/03/09 00:20:47 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/03/09 00:20:47 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/03/08 23:43:49 | 000,000,900 | ---- | C] () -- C:\Users\Owner\Desktop\Norton Installation Files.lnk
[2013/03/08 23:21:55 | 000,002,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk
[2013/03/08 23:21:55 | 000,002,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Constant Guard.lnk
[2013/03/08 23:21:55 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\Constant Guard.lnk
[2013/03/02 21:27:13 | 000,001,149 | ---- | C] () -- C:\Users\Owner\Documents\CustomPreset.xml
[2013/02/26 19:35:28 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\Saints Row The Third.lnk
[2013/02/26 18:05:49 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\Express Files.lnk
[2013/02/26 18:04:43 | 000,000,000 | ---- | C] () -- C:\END
[2013/02/23 18:25:14 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Kingdoms of Amalur Reckoning.lnk
[2013/02/23 17:55:59 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013/02/23 17:51:59 | 000,001,082 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.5.3.lnk
[2013/02/23 17:51:58 | 000,001,058 | ---- | C] () -- C:\Users\Owner\Desktop\FrostWire 5.5.3.lnk
[2013/02/22 23:29:25 | 000,018,135 | ---- | C] () -- C:\Users\Owner\Desktop\Just+let+it+happen+_6e9695af4640996b6d6d0bd9b5b6f1be.jpg
[2013/02/22 22:58:58 | 000,059,129 | ---- | C] () -- C:\Users\Owner\Desktop\Snapshot_20130222.jpg
[2013/02/22 22:56:44 | 000,010,591 | ---- | C] () -- C:\Users\Owner\Desktop\twerk.jpg
[2013/02/15 00:45:17 | 000,000,816 | ---- | C] () -- C:\Users\Owner\Desktop\TERA.lnk
[2013/02/14 22:22:17 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000UA.job
[2013/02/14 22:22:07 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-129326238-4119731486-2921773998-1000Core.job
[2013/02/14 21:12:00 | 002,060,241 | ---- | C] () -- C:\Users\Owner\Desktop\TERA_Wallpaper_74_.jpg
[2013/02/14 20:40:30 | 000,079,757 | ---- | C] () -- C:\Program Files (x86)\man_boobs_health_18bd8hd-18bd8hh.jpg
[2013/02/06 20:55:01 | 000,000,032 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2012/12/14 17:21:16 | 071,053,520 | ---- | C] () -- C:\Users\Owner\tbone is a [bleep].wav
[2012/08/08 22:40:54 | 000,275,456 | ---- | C] () -- C:\Users\Owner\Video call snapshot 3.png
[2012/08/08 22:40:54 | 000,234,106 | ---- | C] () -- C:\Users\Owner\Video call snapshot 2.png
[2012/08/08 22:40:54 | 000,108,347 | ---- | C] () -- C:\Users\Owner\Video call snapshot 1.png
[2012/07/14 19:45:03 | 004,503,728 | ---- | C] () -- C:\ProgramData\to_r0tsef.pad
[2012/04/18 21:04:20 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr (1).exe
[2012/04/18 06:45:39 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/02/05 13:45:40 | 000,283,032 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/05 13:45:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/20 18:42:05 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{1A22CB7A-B256-4FF8-9079-C702B34D2260}
[2011/09/19 01:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/09/19 01:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/07/21 16:01:35 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\{A8129AAF-F531-4BDA-AE8D-25B4082505A4}
[2011/06/29 00:03:53 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/17 23:32:32 | 000,000,632 | RHS- | C] () -- C:\Users\Owner\ntuser.pol
[2011/04/17 14:32:30 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/04/17 14:32:30 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/04/17 14:32:30 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/04/17 14:32:30 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/04/17 14:32:30 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/04/17 14:32:30 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/04/17 14:32:30 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/04/17 14:32:30 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/04/17 14:32:30 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/04/17 14:32:30 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/04/17 14:32:30 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/04/17 14:32:30 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/04/17 14:32:30 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/04/17 14:32:30 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/04/17 14:32:30 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/04/17 14:32:30 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/04/17 13:55:33 | 000,000,079 | ---- | C] () -- C:\Windows\ENX625.ini
[2010/10/02 22:01:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/14 23:26:18 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2010/06/13 16:05:25 | 000,000,087 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2010/06/13 16:05:25 | 000,000,000 | ---- | C] () -- C:\Users\Owner\jagex__preferences3.dat
[2010/06/13 16:03:42 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2009/09/25 16:06:38 | 000,007,512 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/05/24 11:39:44 | 000,097,792 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 09:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 11:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 01:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 20:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:70B3C619
< End of report >