OTL logfile created on: 11/25/2012 12:37:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Silvia\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.98 Gb Total Physical Memory | 5.18 Gb Available Physical Memory | 64.88% Memory free
15.96 Gb Paging File | 12.82 Gb Available in Paging File | 80.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1845.50 Gb Total Space | 1759.37 Gb Free Space | 95.33% Space Free | Partition Type: NTFS
Computer Name: SILVIA-VAIO | User Name: Silvia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/25 12:11:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silvia\Desktop\OTL.exe
PRC - [2012/11/20 09:27:42 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe
PRC - [2012/06/15 18:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ccsvchst.exe
PRC - [2011/11/09 02:22:46 | 000,380,224 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/09/05 09:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/29 16:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/04/26 11:08:30 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/04/26 11:08:30 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/14 13:45:08 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/14 13:44:56 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/01/29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/12 17:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/07/29 00:40:56 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/06/10 15:12:04 | 001,141,000 | ---- | M] (Spare Backup, Inc.) -- C:\Program Files (x86)\Spare Backup\SpareTray.exe
PRC - [2010/05/20 15:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/12/29 13:54:56 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
PRC - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
========== Modules (No Company Name) ==========
MOD - [2012/11/15 09:30:46 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c07aa49ffd41a39bffaf653289f44038\CustomMarshalers.ni.dll
MOD - [2012/11/15 09:29:13 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6735246d68993bee06abd24deeb32983\IAStorUtil.ni.dll
MOD - [2012/11/15 09:29:13 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0beca50c12eaf6f0bff6236eb72cc36e\IAStorCommon.ni.dll
MOD - [2012/11/15 09:18:01 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/15 09:17:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/15 09:17:39 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/15 09:17:34 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/15 09:17:33 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll
MOD - [2012/11/15 09:17:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/15 09:17:22 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/15 09:17:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/15 09:17:18 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/15 09:17:09 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2011/08/03 13:59:19 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/11/20 19:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2008/08/06 14:57:22 | 000,629,248 | ---- | M] () -- C:\Program Files (x86)\Spare Backup\sqlite3.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012/01/13 09:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/08/12 15:35:30 | 000,971,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2011/07/19 03:45:52 | 000,104,096 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV:64bit: - [2011/05/24 05:00:00 | 000,652,016 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/02/18 21:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/18 21:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2011/02/14 16:54:50 | 000,550,080 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011/01/20 11:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/04/03 11:46:52 | 000,072,192 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\SysNative\nlsInterface.exe -- (nlsInterface)
SRV - [2012/11/20 09:27:42 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/15 18:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2011/11/09 02:22:46 | 000,380,224 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/09/05 09:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/07/28 23:45:42 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/29 16:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/04/29 16:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/04/26 11:08:30 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/02/23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/21 11:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 11:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/02/15 15:30:18 | 000,047,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2011/02/14 13:45:08 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/14 13:44:56 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/20 11:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011/01/12 17:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/11/26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/09/30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/05/20 15:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/24 04:05:12 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2010/02/24 04:05:02 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/19 12:13:20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\Windows\SysWOW64\ASTSRV.EXE -- (ASTSRV)
SRV - [2007/06/05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/08/05 12:43:17 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/16 19:37:59 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/11/16 19:17:49 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/08/15 22:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0604000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/11 23:13:36 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/06/21 00:03:42 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/20 17:19:25 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/29 16:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/04/29 16:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/04/29 16:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/04/29 16:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/04/29 16:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/04/29 16:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/04/29 16:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/04/29 16:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 13:44:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/02/12 18:10:55 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/12 12:19:25 | 000,026,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWLowRider.sys -- (NWLowRider)
DRV:64bit: - [2011/02/12 12:19:25 | 000,014,400 | ---- | M] (n/a) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NWWakeFilterLR.sys -- (NWWakeFilterLR)
DRV:64bit: - [2011/02/09 23:41:47 | 000,102,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2011/02/09 23:41:45 | 000,098,816 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsnxc64.sys -- (risdsnpe)
DRV:64bit: - [2010/12/10 12:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 12:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 05:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 05:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 03:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 03:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/04/26 12:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/09/28 04:07:26 | 001,106,688 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/04/17 10:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2012/11/24 16:22:16 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121124.005\ex64.sys -- (NAVEX15)
DRV - [2012/11/24 16:22:16 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121124.005\eng64.sys -- (NAVENG)
DRV - [2012/10/23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/31 16:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121123.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/08 20:16:03 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {4BCD2E01-47BD-4B2C-9FF9-88D0F2B42812}
IE - HKCU\..\SearchScopes\{4BCD2E01-47BD-4B2C-9FF9-88D0F2B42812}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011/09/16 16:28:10 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2011/09/16 16:28:10 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/08/05 12:43:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/11/25 08:25:58 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Spare Backup] C:\Program Files (x86)\Spare Backup\SpareTray.exe (Spare Backup, Inc.)
O4 - HKLM..\Run: [Standby] C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5807C4A1-9AB2-4215-9296-AF11E6AA4D5F}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB70AA3D-C9D0-4DDF-B3EC-402BB51CA20C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/25 12:11:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Silvia\Desktop\OTL.exe
[2012/11/25 10:17:00 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{67A5F1CB-1F78-4DD7-9834-09D49892735D}
[2012/11/25 08:26:26 | 000,000,000 | R--D | C] -- C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/11/25 08:25:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/11/24 21:10:56 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{AB02B259-5DE8-4818-8F7A-7F8D7944F077}
[2012/11/24 12:39:20 | 000,000,000 | ---D | C] -- C:\Users\Silvia\Documents\Slingo Mystery 2 Documents
[2012/11/24 12:39:20 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Roaming\funkitron
[2012/11/24 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{54D520D5-3500-4BA2-8866-649B3CD3223C}
[2012/11/23 21:10:05 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{A131042C-EB88-4446-9C18-A0FFE9B7B802}
[2012/11/23 18:00:03 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Roaming\Brabl
[2012/11/23 18:00:03 | 000,000,000 | ---D | C] -- C:\Users\Silvia\.gstreamer-0.10
[2012/11/23 18:00:03 | 000,000,000 | ---D | C] -- C:\Users\Silvia\.gnome2
[2012/11/23 16:10:32 | 000,000,000 | ---D | C] -- C:\Users\Silvia\Documents\The Lonely Hearts Murders CE
[2012/11/23 16:10:32 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Roaming\MagicIndie
[2012/11/23 09:09:52 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{BCC6A19A-9692-4489-9F8C-7F1AB93366FE}
[2012/11/22 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{7E76388B-1208-4910-B437-A5F515B14596}
[2012/11/22 09:42:42 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{20541B3B-5A86-4056-846B-A1AB415E73EA}
[2012/11/21 21:42:30 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{6D12BF16-9641-4073-96BC-E268ADECC11C}
[2012/11/21 09:42:05 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{8E023910-6752-438D-A262-9016D877E4F3}
[2012/11/20 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{DB25C40D-A7E1-458B-B412-0EDD89A530FB}
[2012/11/20 09:41:26 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{474581D1-BEE1-431C-A1F0-52DEC778CFC5}
[2012/11/19 08:44:48 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{231C4A33-0E78-46B8-BB1F-1E6F3DB26A80}
[2012/11/18 20:44:36 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{8F1CC5CC-3A66-445D-9E24-898A0C0D642A}
[2012/11/18 08:44:22 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{B7D03E99-6F15-4491-9172-1A0A0E3B38C5}
[2012/11/17 09:35:44 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{D1384996-F2FC-47FD-B513-8E5A35789C51}
[2012/11/16 21:35:31 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{9FADA969-0E76-46FA-898B-B5D246A9A4D3}
[2012/11/16 09:35:07 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{C1497A10-EBD5-4043-89C0-6541FB1B70BF}
[2012/11/15 21:34:54 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{F3F3C744-9B8E-482D-B5E0-788B66CF37CE}
[2012/11/15 14:02:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LOCALAPPDATA%
[2012/11/15 09:34:29 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{A605E376-35BC-4617-8A56-96C398868E5A}
[2012/11/14 19:55:58 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{1BF56E49-B1D6-4D5A-A8E3-42B91EEDCACC}
[2012/11/14 07:55:45 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{09B1EE32-A5E0-4795-A631-5823813A4F0C}
[2012/11/13 08:35:15 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{FFCE1427-15C1-49C5-A3A0-F9FC5109F274}
[2012/11/12 18:32:43 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{D2B2A900-E856-43F6-92C2-53E87B67534B}
[2012/11/12 06:32:19 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{559E68A2-4786-416B-9DE5-56ED637AE7EB}
[2012/11/11 18:32:07 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{D939E777-C51E-4BA0-A15C-C96B37B8E9E8}
[2012/11/11 06:31:42 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{5FE31A92-6D8F-4689-94A1-7DA4CE9B7CB6}
[2012/11/10 18:31:30 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{053B452B-AB73-41FB-99E7-14852E1B69B8}
[2012/11/10 06:31:05 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{F961F69E-4464-46DE-B712-AAEB33B3D2B1}
[2012/11/09 18:30:53 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{58A80E91-CF1B-4B01-8BEF-CA81B8912AFE}
[2012/11/09 15:31:24 | 000,000,000 | ---D | C] -- C:\fools game
[2012/11/09 06:30:29 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{E0406049-C95D-4910-9841-BE7423C21172}
[2012/11/08 18:30:15 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{8AE35BC2-757C-49C5-89AC-A58D8F438092}
[2012/11/08 06:30:03 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{A5701616-6A83-408B-AD49-3B6A5AB120B9}
[2012/11/07 18:29:51 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{9DEC87DD-FA40-47A3-AD12-621648515AE8}
[2012/11/07 06:29:27 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{B55503DF-721A-4989-8448-C599DCEF418E}
[2012/11/06 18:29:13 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{4FEB5C98-41D5-4EB4-9657-04D25301C701}
[2012/11/06 06:29:00 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{6C334B4F-BD41-4B2A-924F-615590B06E74}
[2012/11/05 18:28:48 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{3B7F2C57-EA49-4B3C-83BE-7F43E75C14F3}
[2012/11/05 06:28:36 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{521CB662-A023-417E-9E62-AE11BAD22956}
[2012/11/04 18:28:19 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{8E0FD06F-63CC-448E-9D94-9AA16EC5198A}
[2012/11/04 06:28:06 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{293479C4-73DD-45CB-A30F-F88B676A95D9}
[2012/11/03 18:27:54 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{ABD87454-6387-409F-ADD1-95405E8F707C}
[2012/11/03 06:27:41 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{9DB10A84-4DCA-48E6-B961-DE492671472C}
[2012/11/02 18:27:28 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{B515022A-56AD-4495-80F0-068A08F960DE}
[2012/11/02 06:27:16 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{3D49D4EC-16EB-4CDE-B386-8396B0CB8800}
[2012/11/01 18:27:03 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{2EFE6BD6-EF96-4515-B597-A7BE57C8A5C8}
[2012/11/01 06:26:49 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{FFC710BA-0F34-4928-9D25-F68FDC319D0E}
[2012/10/31 18:26:37 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{ED1FB83C-3BAE-4E48-ACF9-AA75979D0F6A}
[2012/10/31 06:26:25 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{F562E841-C7C2-40B2-A229-0C68FC7AD64F}
[2012/10/30 18:26:12 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{073722BB-6A07-4DB2-8C4C-E39D2EA16BE4}
[2012/10/30 17:16:58 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{F65A4A23-37A8-412F-81A5-474EDDEF4B46}
[2012/10/30 05:16:34 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{5EAF5B8F-DAFD-40C4-8693-9B0D998B192C}
[2012/10/29 17:16:22 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{A840E6D1-33E7-4C99-B318-CB3A35A16746}
[2012/10/29 05:16:09 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{E3D33C8C-568E-4D63-97F8-E6E4C9AB8F7D}
[2012/10/28 17:15:45 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{B3CF5BB3-D026-4D48-9169-EC4CC09A53BB}
[2012/10/26 16:09:51 | 000,000,000 | ---D | C] -- C:\Users\Silvia\AppData\Local\{DCD24C22-59FF-444A-B73E-D647E14A9A67}
[2002/09/03 14:19:17 | 002,000,896 | ---- | C] (Auto FX Software) -- C:\Program Files (x86)\DS_PlugIn.8bf
[2002/09/03 14:19:03 | 008,043,520 | ---- | C] (Auto FX Software) -- C:\Program Files (x86)\DS.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/11/25 12:11:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Silvia\Desktop\OTL.exe
[2012/11/25 11:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/25 08:36:01 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/25 08:36:01 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/25 08:30:34 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/25 08:30:34 | 000,661,892 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/25 08:30:34 | 000,121,810 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/25 08:25:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/25 08:25:38 | 416,572,173 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/11/25 08:25:34 | 2132,725,759 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/24 10:58:19 | 000,001,370 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/11/19 15:16:36 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012/11/15 09:16:02 | 000,461,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/09 16:17:41 | 000,001,195 | ---- | M] () -- C:\Users\Silvia\Desktop\The Fool and his Money - Shortcut.lnk
[2012/10/31 12:09:34 | 000,000,023 | ---- | M] () -- C:\test.xml
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/11/25 08:25:38 | 416,572,173 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/11/24 10:58:19 | 000,001,370 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/11/14 20:12:58 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/14 20:05:47 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/09 16:17:41 | 000,001,195 | ---- | C] () -- C:\Users\Silvia\Desktop\The Fool and his Money - Shortcut.lnk
[2011/09/08 16:12:06 | 000,000,016 | ---- | C] () -- C:\Windows\Wininit.ini
[2011/09/08 16:12:00 | 000,035,328 | ---- | C] () -- C:\Windows\INETWH32.DLL
[2011/09/08 16:12:00 | 000,009,136 | ---- | C] () -- C:\Windows\INETWH16.DLL
[2011/09/08 16:12:00 | 000,004,528 | ---- | C] () -- C:\Windows\SETBROWS.EXE
[2011/09/02 15:42:28 | 000,002,828 | ---- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2011/08/07 14:29:37 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/07/29 00:18:56 | 000,340,992 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2011/07/28 23:16:24 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/02/10 15:03:27 | 000,775,244 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | ---- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/04/05 16:50:01 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\4 Friends Games
[2011/08/07 16:50:12 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Alawar Entertainment
[2011/12/14 16:16:01 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Alawar Stargaze
[2012/04/23 13:26:56 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Alien Skin
[2012/05/21 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Artifex Mundi
[2012/04/01 16:31:13 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Artogon
[2012/07/11 16:06:14 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\BlamGames
[2012/05/14 17:01:42 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Blue Tea Games
[2012/07/20 13:02:33 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Boomzap
[2012/11/23 18:00:03 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Brabl
[2012/01/26 16:29:21 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Casual Box
[2011/12/23 18:24:27 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\casualArts
[2012/04/27 13:36:23 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\DailyMagic
[2011/10/31 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\DieselPuppet
[2012/05/27 13:43:14 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Eipix
[2012/06/14 15:06:57 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Elephant Games
[2011/10/13 16:33:30 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Enki Games
[2012/03/28 17:10:06 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\EntwinedSoD
[2012/07/07 17:19:56 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\ERS G-Studio
[2012/06/30 11:59:42 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\ERS Game Studios
[2012/07/26 17:34:44 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Faerie Solitaire
[2011/08/31 14:59:00 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Fenomen Games
[2012/08/20 15:58:28 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Filter Forge
[2012/01/26 18:03:08 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\FlyWheelGames
[2012/03/17 17:18:53 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Friday's games
[2012/11/24 12:39:20 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\funkitron
[2012/06/20 16:13:36 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Fuzzy Bug Interactive
[2012/04/05 14:45:42 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\GameMill Entertainment
[2012/07/01 14:42:09 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Gogii
[2011/09/02 16:42:24 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Jasc
[2012/11/23 16:10:32 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\MagicIndie
[2011/10/04 14:45:51 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\MediaArt
[2012/03/30 17:09:45 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\My Games
[2011/12/11 17:01:52 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\PlayFavoriteGames
[2011/09/24 15:42:35 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\PlayPond
[2011/08/09 17:10:00 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Princess Isabella CE
[2012/04/30 11:04:40 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Silverback Productions
[2012/11/25 12:11:48 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Spare Backup
[2011/08/26 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Tific
[2011/09/02 17:07:42 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Ulead Systems
[2011/09/25 15:52:14 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Vast Studios
[2011/08/12 15:52:20 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\Windows Live Writer
[2012/06/01 12:34:19 | 000,000,000 | ---D | M] -- C:\Users\Silvia\AppData\Roaming\World-LooM
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 256 bytes -> C:\ProgramData\TEMP:2B40A7DB
@Alternate Data Stream - 254 bytes -> C:\ProgramData\TEMP:1A8854EC
@Alternate Data Stream - 251 bytes -> C:\ProgramData\TEMP:7BFFC6A9
@Alternate Data Stream - 249 bytes -> C:\ProgramData\TEMP:1B96CF22
@Alternate Data Stream - 248 bytes -> C:\ProgramData\TEMP:3C4BD225
@Alternate Data Stream - 248 bytes -> C:\ProgramData\TEMP:12D21A9A
@Alternate Data Stream - 245 bytes -> C:\ProgramData\TEMP:2F70C0B4
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:E8AEB2BF
@Alternate Data Stream - 243 bytes -> C:\ProgramData\TEMP:244E4E3A
@Alternate Data Stream - 241 bytes -> C:\ProgramData\TEMP:FB4262DE
@Alternate Data Stream - 241 bytes -> C:\ProgramData\TEMP:BE0654D6
@Alternate Data Stream - 239 bytes -> C:\ProgramData\TEMP:C368C9EA
@Alternate Data Stream - 239 bytes -> C:\ProgramData\TEMP:B3A5945E
@Alternate Data Stream - 238 bytes -> C:\ProgramData\TEMP:00D99749
@Alternate Data Stream - 237 bytes -> C:\ProgramData\TEMP:1604D047
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:774C075A
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:4E79C4F8
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:DAB09BDB
@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:5E8C18F1
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:F56BE392
@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:4F852702
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:E6B95E40
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:C78DADEA
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:DC7EDF41
@Alternate Data Stream - 226 bytes -> C:\ProgramData\TEMP:71112705
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:FCBEDCFD
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:68B61847
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:AED4A2B7
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:A8ADEA55
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:E6708F08
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:13019F4B
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:02CC0035
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:BCFEA004
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:B6D84F71
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:AFC732F7
@Alternate Data Stream - 217 bytes -> C:\ProgramData\TEMP:DBEF355E
@Alternate Data Stream - 216 bytes -> C:\ProgramData\TEMP:20EB6823
@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:C67CB31A
@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:1CDEDE11
@Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:7B2BB690
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:95D2904B
@Alternate Data Stream - 196 bytes -> C:\ProgramData\TEMP:3D36932D
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:00E13FD6
@Alternate Data Stream - 188 bytes -> C:\ProgramData\TEMP:7242ED0C
@Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:FC1DB46C
@Alternate Data Stream - 182 bytes -> C:\ProgramData\TEMP:59B83946
@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:590253A0
@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:DA6732F9
@Alternate Data Stream - 165 bytes -> C:\ProgramData\TEMP:2C295645
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6CF828C2
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:319D783D
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CBAB74CB
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0410A323
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:2D133896
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:D026A5A4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:88E8CC2E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:DBC3D477
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:1E942FB9
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A798AA1A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:1E68D1C6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:5ECEFF17
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:B36361EE
< End of report >
THANKS SILVIA