OTL logfile created on: 2012-12-17 20:31:29 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = F:\_utilities\anty virus\fixitpc.pl
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd
6,00 Gb Total Physical Memory | 4,03 Gb Available Physical Memory | 67,13% Memory free
12,00 Gb Paging File | 9,97 Gb Available in Paging File | 83,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,31 Gb Total Space | 32,20 Gb Free Space | 16,49% Space Free | Partition Type: NTFS
Drive D: | 244,14 Gb Total Space | 67,80 Gb Free Space | 27,77% Space Free | Partition Type: NTFS
Drive E: | 146,48 Gb Total Space | 53,46 Gb Free Space | 36,50% Space Free | Partition Type: NTFS
Drive F: | 104,04 Gb Total Space | 1,19 Gb Free Space | 1,14% Space Free | Partition Type: NTFS
Drive G: | 19,93 Gb Total Space | 6,82 Gb Free Space | 34,20% Space Free | Partition Type: NTFS
Drive P: | 443,23 Gb Total Space | 5,11 Gb Free Space | 1,15% Space Free | Partition Type: NTFS
Drive Q: | 244,14 Gb Total Space | 2,20 Gb Free Space | 0,90% Space Free | Partition Type: NTFS
Drive X: | 488,28 Gb Total Space | 95,59 Gb Free Space | 19,58% Space Free | Partition Type: NTFS
Drive Y: | 443,23 Gb Total Space | 145,46 Gb Free Space | 32,82% Space Free | Partition Type: NTFS
Computer Name: HYPERMOTION-PC | User Name: hypermotion | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-12-12 19:02:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\_utilities\anty virus\fixitpc.pl\OTL.exe PRC - [2012-11-22 23:29:33 | 000,878,480 | ---- | M] (Opera Software) -- C:\Program Files (x86)\_web\Opera\opera.exe PRC - [2012-11-18 17:26:30 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-11-18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-11-14 12:24:43 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-09-19 07:29:51 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\hypermotion\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-08-22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2011-08-22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2011-08-22 16:34:52 | 011,837,440 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe PRC - [2011-08-22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe PRC - [2011-08-19 20:51:48 | 000,423,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe PRC - [2011-08-19 20:32:40 | 000,423,536 | ---- | M] (VMware, Inc.) 
-- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe PRC - [2011-08-09 20:39:22 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010-11-20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2009-12-02 18:40:40 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe PRC - [2009-09-24 06:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files (x86)\TC UP\totalcmd.exe PRC - [2009-08-20 17:42:38 | 001,560,576 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaUI.exe PRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-07-14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-02-20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012-02-20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009-08-20 21:59:58 | 000,860,160 | ---- | M] () -- C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-11 20:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:[b]64bit:[/b] - [2011-08-09 20:39:22 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) 
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-12-12 00:13:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-11-21 02:44:29 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-11-18 17:26:30 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-11-18 05:49:34 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-11-14 12:24:43 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-07-03 17:16:13 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-08-22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2011-08-22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2011-08-22 16:34:52 | 011,837,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd) SRV - [2011-08-22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) 
[Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2011-08-21 23:11:28 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2011-08-19 20:51:48 | 000,423,536 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-worker) SRV - [2011-08-19 20:51:48 | 000,423,536 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-server) SRV - [2011-08-19 20:32:40 | 000,423,536 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe -- (vmware-converter-agent) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-12-02 18:40:40 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service) SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-07-14 21:53:32 | 000,211,232 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe -- (RalinkRegistryWriter64) SRV - [2009-07-14 21:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) 
[Auto | Running] -- C:\Program Files (x86)\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-11-11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-15 23:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012-02-15 23:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2011-08-22 17:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:[b]64bit:[/b] - [2011-08-22 17:07:50 | 000,031,344 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport) DRV:[b]64bit:[/b] - [2011-08-22 17:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:[b]64bit:[/b] - [2011-08-22 15:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:[b]64bit:[/b] - [2011-08-22 15:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:[b]64bit:[/b] - [2011-08-22 14:08:00 | 000,057,464 | ---- | M] (Cristalink Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SL3UsbNoSSL.sys -- (SL3UsbNoSSL) DRV:[b]64bit:[/b] - [2011-08-22 14:08:00 | 000,057,464 | ---- | M] (Cristalink Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SL3Usb.sys -- (SL3Usb) DRV:[b]64bit:[/b] - [2011-08-21 23:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:[b]64bit:[/b] - [2011-08-09 12:57:12 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2011-08-08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:[b]64bit:[/b] - [2011-08-04 08:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2011-08-04 08:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2011-08-04 08:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2011-08-04 08:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2011-05-10 07:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:[b]64bit:[/b] - [2011-05-10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-05-25 07:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-05-25 07:45:38 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010-04-09 12:17:04 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:[b]64bit:[/b] - [2010-04-09 12:16:58 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:[b]64bit:[/b] - [2009-08-13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-06-02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64) DRV:[b]64bit:[/b] - [2008-12-12 14:58:14 | 000,045,056 | ---- | M] (Novation DMS Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvnusbaudio.sys -- (NvnUsbAudio) DRV:[b]64bit:[/b] - [2008-08-28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2006-12-22 19:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV:[b]64bit:[/b] - [2006-01-19 17:33:26 | 000,493,440 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanBZ64.sys -- (SG762_64) DRV - [2012-12-17 20:26:38 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-05-25 07:45:52 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2006-01-13 14:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWow64\drivers\vd_filedisk.sys -- (VD_FileDisk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-21-200185167-954741587-1492870624-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = gamezona.org IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 6E 62 4D 27 60 CC 01 [binary data] IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-200185167-954741587-1492870624-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = gamezona.org IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 6E 62 4D 27 60 CC 01 [binary data] IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found IE - 
HKU\S-1-5-21-200185167-954741587-1492870624-1007\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-200185167-954741587-1492870624-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62626 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..network.proxy.http: "" FF - prefs.js..network.proxy.http_port: "" FF - prefs.js..network.proxy.type: "" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\hypermotion\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\hypermotion\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012-07-15 08:30:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\_web\Mozilla Firefox\components [2012-12-11 18:06:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\_web\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-07-15 08:38:52 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\_web\Mozilla Firefox\components [2012-12-11 18:06:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\_web\Mozilla Firefox\plugins [2011-09-11 05:56:23 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\hypermotion\AppData\Roaming\mozilla\Extensions [2012-11-08 19:22:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hypermotion\AppData\Roaming\mozilla\Firefox\Profiles\ttgyp9nz.default\extensions [2012-11-08 19:22:04 | 002,042,908 | ---- | M] () (No name found) -- C:\Users\hypermotion\AppData\Roaming\mozilla\firefox\profiles\ttgyp9nz.default\extensions\firebug@software.joehewitt.com.xpi [2012-03-09 10:16:50 | 001,331,409 | ---- | M] () (No name found) -- C:\Users\hypermotion\AppData\Roaming\mozilla\firefox\profiles\ttgyp9nz.default\exwife\firebug@software.joehewitt.com.xpi [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\hypermotion\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\hypermotion\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\hypermotion\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\hypermotion\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files 
(x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\hypermotion\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll O1 HOSTS File: ([2012-01-23 19:54:28 | 000,000,996 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 0.0.0.0 mpa.one.microsoft.com genuine.microsoft.com sls.microsoft.com O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLPLA~1\YOUTUB~1.DLL (ALLPlayer.org) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKU\S-1-5-21-200185167-954741587-1492870624-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found. O3 - HKU\S-1-5-21-200185167-954741587-1492870624-1007\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found. O3 - HKU\S-1-5-21-200185167-954741587-1492870624-1007\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. 
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TC UP] C:\Program Files (x86)\TC UP\TC UP.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1000..\Run: [AQQ] C:\PROGRA~2\_web\WAPSTE~1\AQQ.exe (Creative Team S.A.) O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\Run: [AQQ] C:\PROGRA~2\_web\WAPSTE~1\AQQ.exe (Creative Team S.A.) 
O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\Run: [Integrated Driver] C:\Users\UpdatusUser\AppData\Roaming\A65E2\msess.exe File not found O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\Run: [jushed] C:\ProgramData\jushed.exe File not found O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\Run: [TpScrex] C:\ProgramData\TpScrex\TpScrex.exe /somering File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-200185167-954741587-1492870624-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\hypermotion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\logstart.lnk = C:\games\Treasures Of Montezuma 3\logstart.vbs () F3:[b]64bit:[/b] - HKU\S-1-5-21-200185167-954741587-1492870624-1007 WinNT: Load - (C:\Users\UpdatusUser\AppData\Roaming\E2D0A\lvvm.exe) - File not found F3 - HKU\S-1-5-21-200185167-954741587-1492870624-1007 WinNT: Load - (C:\Users\UpdatusUser\AppData\Roaming\E2D0A\lvvm.exe) - File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) 
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BFB0599-CBB0-4EA2-BDF0-02BF8BFE721C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86B27358-9011-439C-B069-3B00B9423DA1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86B27358-9011-439C-B069-3B00B9423DA1}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B43DCAE0-B770-4800-9612-E2F16DDB759C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4EC0565-156E-4D3C-8B1C-BDC1EC224F31}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B84DB2B9-F481-4DFA-9148-0D7DA7DC74DA}: DhcpNameServer = 192.168.1.1 O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll 
(COMODO) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-200185167-954741587-1492870624-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-200185167-954741587-1492870624-1007 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-02-25 06:38:51 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{cb3d8f8a-37db-11e1-9553-b4c8764f16ed}\Shell - "" = AutoRun O33 - MountPoints2\{cb3d8f8a-37db-11e1-9553-b4c8764f16ed}\Shell\AutoRun\command - "" = H:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-12-17 20:01:59 | 
000,000,000 | -HSD | C] -- C:\Config.Msi [2012-12-17 20:01:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2012-12-15 17:28:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012-12-15 17:28:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012-12-15 17:28:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012-12-15 17:28:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012-12-15 17:28:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012-12-15 17:28:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012-12-15 17:28:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012-12-15 17:28:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012-12-15 17:28:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012-12-15 17:28:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012-12-15 17:28:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012-12-15 17:28:25 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012-12-15 17:28:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012-12-15 17:28:22 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012-12-15 17:28:22 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012-12-13 23:26:22 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012-12-13 23:26:22 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012-12-13 23:26:22 | 000,338,432 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\SysNative\conhost.exe [2012-12-13 23:26:21 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012-12-13 23:26:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012-12-13 23:26:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012-12-13 23:26:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012-12-13 23:26:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012-12-13 23:26:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012-12-13 23:26:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012-12-13 23:26:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012-12-13 23:26:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012-12-13 23:26:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012-12-13 23:26:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012-12-13 23:26:14 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012-12-13 23:26:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012-12-13 23:26:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012-12-13 23:26:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012-12-13 23:26:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012-12-13 23:26:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012-12-13 23:26:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll 
[2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012-12-13 23:26:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012-12-13 23:26:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012-12-13 23:26:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012-12-13 23:26:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012-12-13 23:26:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012-12-13 23:26:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012-12-13 23:26:11 | 
000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012-12-13 23:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012-12-13 23:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012-12-13 23:26:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012-12-13 23:25:57 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012-12-13 23:25:57 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012-12-13 23:25:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012-12-13 23:25:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012-12-13 23:25:54 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012-12-13 23:25:54 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012-12-12 21:29:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012-12-12 21:29:19 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012-12-12 21:29:17 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012-12-12 21:29:17 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012-12-12 21:29:17 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012-12-12 21:29:15 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012-12-12 21:29:10 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012-12-12 21:29:09 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012-12-12 21:29:09 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RtlCPAPI64.dll [2012-12-12 21:29:06 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012-12-12 21:29:06 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2012-12-12 21:29:04 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012-12-12 21:29:04 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012-12-12 21:29:03 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012-12-12 21:29:03 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012-12-12 21:29:03 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012-12-12 21:29:03 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012-12-12 21:29:01 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012-12-12 21:29:01 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012-12-12 21:29:00 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012-12-12 21:28:58 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll [2012-12-12 21:28:50 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2012-12-12 21:28:49 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2012-12-12 21:28:49 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2012-12-12 21:28:48 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2012-12-12 21:28:47 | 000,753,280 | ---- | C] (Creative Technology Ltd.) 
-- C:\Windows\SysWow64\MBAPO32.dll [2012-12-12 21:28:42 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012-12-12 21:28:40 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2012-12-12 21:28:38 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-12-12 21:28:18 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012-12-12 21:28:04 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012-12-12 21:28:04 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012-12-12 21:24:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012-12-11 18:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012-12-11 18:11:41 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012-12-11 18:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012-12-01 14:13:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 3D Vision driver [2012-12-01 14:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2012-12-01 14:08:22 | 026,811,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-12-01 14:08:22 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-12-01 14:08:22 | 020,335,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-12-01 14:08:22 | 018,045,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-12-01 14:08:22 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-12-01 14:08:22 | 015,122,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012-12-01 14:08:22 | 012,542,672 | ---- | C] (NVIDIA 
Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012-12-01 14:08:22 | 009,271,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-12-01 14:08:22 | 007,819,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-12-01 14:08:22 | 007,446,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2012-12-01 14:08:22 | 006,149,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012-12-01 14:08:22 | 002,784,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-12-01 14:08:22 | 002,606,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-12-01 14:08:22 | 002,496,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-12-01 14:08:22 | 002,226,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-12-01 14:08:22 | 001,874,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-11-21 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\hypermotion\AppData\Roaming\Sony Creative Software Inc [2012-11-18 13:58:07 | 000,000,000 | ---D | C] -- C:\Users\hypermotion\AppData\Roaming\Publish Providers [2012-11-18 13:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-11-18 13:54:28 | 000,000,000 | ---D | C] -- C:\Users\hypermotion\AppData\Local\Sony [2012-11-18 13:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-11-18 13:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-11-18 13:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2012-11-18 13:53:54 | 000,000,000 | ---D | C] -- C:\Users\hypermotion\AppData\Roaming\Sony [2012-11-18 05:49:52 | 000,438,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-12-17 20:34:00 | 000,001,082 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200185167-954741587-1492870624-1000UA.job [2012-12-17 20:31:43 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-12-17 20:31:43 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-12-17 20:26:38 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2012-12-17 20:26:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-12-17 20:26:17 | 535,683,071 | -HS- | M] () -- C:\hiberfil.sys [2012-12-17 20:13:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-12-16 08:34:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-200185167-954741587-1492870624-1000Core.job [2012-12-16 04:41:58 | 004,849,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-12 00:13:21 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-12-12 00:13:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-12-11 18:11:46 | 000,001,786 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-12-11 18:06:31 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-12-09 15:25:36 | 000,324,350 | ---- | M] () -- C:\Users\hypermotion\Desktop\eq.jpg [2012-12-09 06:11:18 | 001,721,534 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-09 06:11:18 | 001,020,884 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-09 06:11:18 | 000,493,992 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-09 06:11:18 | 000,444,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-12-09 06:11:18 | 000,006,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-01 09:19:00 | 000,001,686 | ---- | M] () -- 
C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk [2012-12-01 09:19:00 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk [2012-12-01 09:19:00 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk [2012-11-21 14:10:20 | 003,123,272 | R--- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2012-11-18 17:26:30 | 026,811,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-11-18 17:26:30 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-11-18 17:26:30 | 020,335,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-11-18 17:26:30 | 018,045,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-11-18 17:26:30 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-11-18 17:26:30 | 015,122,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012-11-18 17:26:30 | 014,953,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012-11-18 17:26:30 | 012,542,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012-11-18 17:26:30 | 009,271,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-11-18 17:26:30 | 007,819,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-11-18 17:26:30 | 007,446,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2012-11-18 17:26:30 | 006,149,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012-11-18 17:26:30 | 002,816,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012-11-18 17:26:30 | 002,784,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-11-18 17:26:30 | 002,606,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-11-18 17:26:30 | 002,496,976 | ---- | M] (NVIDIA 
Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-11-18 17:26:30 | 002,226,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-11-18 17:26:30 | 001,874,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-11-18 17:26:30 | 001,805,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012-11-18 17:26:30 | 001,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012-11-18 17:26:30 | 000,014,446 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012-11-18 14:12:36 | 000,920,364 | ---- | M] () -- C:\Users\hypermotion\Documents\01.mov [2012-11-18 14:12:36 | 000,000,028 | ---- | M] () -- C:\Users\hypermotion\Documents\01.mov.sfl [2012-11-18 14:09:47 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012-11-18 14:09:47 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012-11-18 14:09:47 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012-11-18 14:09:34 | 003,311,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012-11-18 14:09:32 | 006,223,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012-11-18 13:55:13 | 000,001,041 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk [2012-11-18 13:44:50 | 000,007,096 | ---- | M] () -- C:\Users\hypermotion\UserCustomPreset_Audition.exe.vpr [2012-11-18 05:49:52 | 000,438,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-12 21:29:01 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2012-12-11 18:11:46 | 000,001,786 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-12-11 18:06:31 | 000,001,848 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012-12-09 15:25:34 | 000,324,350 | ---- | C] () -- 
C:\Users\hypermotion\Desktop\eq.jpg [2012-12-01 14:08:22 | 000,014,446 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012-12-01 09:19:00 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II.lnk [2012-12-01 09:19:00 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Zombie Mode.lnk [2012-12-01 09:19:00 | 000,001,686 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty Black Ops II Multiplayer.lnk [2012-11-21 14:10:20 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012-11-18 14:12:36 | 000,000,028 | ---- | C] () -- C:\Users\hypermotion\Documents\01.mov.sfl [2012-11-18 14:12:35 | 000,920,364 | ---- | C] () -- C:\Users\hypermotion\Documents\01.mov [2012-11-18 13:55:13 | 000,001,041 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 12.0 (64-bit).lnk [2012-11-18 13:44:50 | 000,007,096 | ---- | C] () -- C:\Users\hypermotion\UserCustomPreset_Audition.exe.vpr [2012-07-17 21:22:23 | 000,005,632 | ---- | C] () -- C:\Users\hypermotion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-04-11 19:16:23 | 000,001,456 | ---- | C] () -- C:\Users\hypermotion\AppData\Local\Adobe Save for Web 12.0 Prefs [2012-04-02 20:15:54 | 000,001,893 | ---- | C] () -- C:\Users\hypermotion\.TransferManager.db [2012-02-06 17:54:52 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-02-06 17:54:47 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-01-31 00:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012-01-31 00:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-01-31 00:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-01-31 00:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011-12-17 08:51:30 | 000,295,018 | ---- | C] () -- C:\Windows\SysWow64\Install6x.dll [2011-12-02 17:36:35 | 000,006,544 | ---- | C] () -- 
C:\Windows\SysWow64\PerfStringBackup.INI [2011-10-24 18:38:37 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys [2011-10-24 18:36:41 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll [2011-10-24 18:09:08 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\FDlg.dll [2011-10-22 13:33:15 | 000,007,607 | ---- | C] () -- C:\Users\hypermotion\AppData\Local\Resmon.ResmonCfg [2011-09-30 17:40:38 | 000,000,600 | ---- | C] () -- C:\Users\hypermotion\AppData\Local\PUTTY.RND [2011-09-11 02:12:44 | 000,011,910 | ---- | C] () -- C:\Windows\SysWow64\Genmidi.dll [2011-09-11 02:12:44 | 000,011,910 | ---- | C] () -- C:\Windows\Genmidi.dll [2011-08-29 21:43:25 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-08-29 21:43:23 | 003,164,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2011-08-29 21:43:23 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2011-08-29 21:43:22 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-08-29 21:43:22 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-08-29 21:27:55 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-08-29 21:27:55 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-08-21 22:48:36 | 000,000,132 | ---- | C] () -- C:\Users\hypermotion\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011-08-21 17:54:40 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\AegisI5.exe [2011-08-21 17:54:40 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\RT2661.bin [2011-08-21 17:54:40 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\RT2561s.bin [2011-08-21 17:54:40 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\RT2561.bin [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]
[2011-10-24 17:59:48 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Ableton
[2012-12-15 03:58:48 | 000,000,000 | ---D | M] --
C:\Users\hypermotion\AppData\Roaming\AMPSoft
[2011-12-02 19:00:30 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Ashampoo
[2012-12-02 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\BESTplayer
[2012-12-02 19:53:13 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Blue Cat Audio
[2011-10-22 12:49:01 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012-12-12 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\DAEMON Tools Lite
[2012-06-01 19:38:23 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\e-academy Inc
[2011-10-27 21:51:52 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\ESET
[2011-09-12 21:07:47 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\EurekaLog
[2012-06-23 22:35:39 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Fatshark
[2011-10-12 19:52:25 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Friday's games
[2012-12-01 14:06:37 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Gmote
[2011-08-21 17:39:49 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\HEXelon
[2011-10-08 14:34:45 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Lionhead Studios
[2011-10-22 13:33:02 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Notepad++
[2012-07-14 09:24:55 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Opera
[2012-11-19 21:48:48 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\PACE Anti-Piracy
[2012-11-14 11:54:17 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\PC Suite
[2011-12-10 19:33:48 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Propellerhead Software
[2012-11-15 09:03:51 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Publish Providers
[2012-02-06 17:54:44 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\PunkBuster
[2011-11-27 19:58:03 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Rovio
[2012-06-24 14:09:42 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\runic games
[2012-03-30 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Samsung
[2012-11-18 14:12:23 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Sony
[2012-12-15 00:09:08 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Sony Creative Software Inc
[2012-10-31 17:42:46 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Steinberg
[2012-07-10 19:36:11 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Stereoscopic Player
[2012-10-22 06:18:27 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\SumatraPDF
[2012-11-14 12:46:25 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Theta
[2012-06-07 09:11:59 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Ubisoft
[2012-12-01 14:22:38 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\uTorrent
[2011-10-21 15:00:02 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Voxengo
[2012-11-20 19:32:42 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\VST3 Presets
[2011-09-11 03:28:29 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\Waves Audio
[2012-10-09 20:10:47 | 000,000,000 | ---D | M] -- C:\Users\hypermotion\AppData\Roaming\XnView
[2012-04-09 07:48:18 | 000,000,000 | ---D | M] -- C:\Users\mrHyper\AppData\Roaming\DAEMON Tools Lite
[2011-11-01 14:01:11 | 000,000,000 | ---D | M] -- C:\Users\mrHyper\AppData\Roaming\ESET

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 1280 bytes -> C:\Users\hypermotion\AppData\Local\Temp:QRCyHPQGBBwFO8JNX5
@Alternate Data Stream - 1243 bytes -> C:\Users\hypermotion\AppData\Local\8SgCE96Zzn:VueMC6O6405SHmGFU98XhSw

< End of report >