OTL logfile created on: 2012-05-06 16:15:38 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\G_Lange\Install
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

5,90 Gb Total Physical Memory | 3,98 Gb Available Physical Memory | 67,46% Memory free
11,79 Gb Paging File | 9,74 Gb Available in Paging File | 82,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 679,00 Gb Total Space | 619,65 Gb Free Space | 91,26% Space Free | Partition Type: NTFS

Computer Name: DOM | User Name: gregorie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-05-06 16:04:19 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\G_Lange\Install\OTL.exe
PRC - [2012-04-03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011-10-18 19:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011-10-18 19:50:04 | 001,354,064 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011-10-18 19:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011-10-18 19:49:48 | 000,846,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011-10-17 23:01:00 | 001,999,168 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-10-17 01:00:22 | 000,380,224 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-10-01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011-09-22 18:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011-09-22 18:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011-09-21 18:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011-06-29 16:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011-06-28 03:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011-04-13 18:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010-12-21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-12-21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010-12-17 18:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010-11-17 18:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-04-30 13:31:01 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d362f68d3bf954ba55a4494a659492af\System.WorkflowServices.ni.dll
MOD - [2012-04-30 11:56:55 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
MOD - [2012-04-30 11:56:47 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74a20fd1d8b92e1ade5e6fd5ae9ce247\PresentationFramework.ni.dll
MOD - [2012-04-30 11:56:37 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012-04-30 11:56:32 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012-04-30 11:56:30 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\1a1c5635be904aeb7c1dccf64abd2102\PresentationCore.ni.dll
MOD - [2012-04-30 06:39:01 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll
MOD - [2012-04-30 06:38:58 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\fa1161af51ab42a61bfac9d02d469a06\System.Xml.Linq.ni.dll
MOD - [2012-04-30 06:38:17 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll
MOD - [2012-04-30 06:37:52 | 001,083,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll
MOD - [2012-04-30 06:37:51 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll
MOD - [2012-04-30 06:37:50 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll
MOD - [2012-04-30 06:37:50 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll
MOD - [2012-04-28 22:29:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll
MOD - [2012-04-28 22:29:14 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012-04-28 22:29:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012-04-28 22:29:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012-04-28 22:29:00 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011-12-21 04:51:40 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011-12-20 20:02:43 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011-10-17 23:01:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011-09-22 18:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2011-06-29 16:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011-06-28 03:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011-06-28 03:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011-06-25 07:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011-06-25 07:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2010-12-17 18:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010-11-25 06:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010-11-21 14:53:09 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_pl_b77a5c561934e089\System.Runtime.Serialization.resources.dll
MOD - [2010-11-17 18:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010-03-22 23:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010-03-17 04:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010-03-17 04:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010-03-17 04:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010-03-12 03:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010-03-12 03:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010-03-05 23:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010-03-05 23:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2012-05-06 00:42:08 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011-10-18 19:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011-10-18 19:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011-10-18 19:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011-10-17 23:01:00 | 001,999,168 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-10-17 01:00:22 | 000,380,224 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-10-01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011-09-22 18:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010-12-21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010-12-21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010-11-25 13:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010-11-25 13:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-07-29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.v9.com/?utm_source=b&utm_medium=prs
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.v9.com/?utm_source=b&utm_medium=prs
IE - HKLM\..\SearchScopes,DefaultScope = {E1F277E1-0FFE-4B77-8573-9DEC6D048936}
IE - HKLM\..\SearchScopes\{E1F277E1-0FFE-4B77-8573-9DEC6D048936}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.pl
IE - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl
IE - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002\..\SearchScopes,DefaultScope = {3680358B-F931-49D6-AF7E-4A952F3A3B30}
IE - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002\..\SearchScopes\{3680358B-F931-49D6-AF7E-4A952F3A3B30}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}
IE - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gregorie\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gregorie\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-04 12:32:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-04-28 21:23:35 | 000,000,000 | ---D | M]
[2012-05-04 12:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gregorie\AppData\Roaming\mozilla\Extensions
[2012-05-05 12:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gregorie\AppData\Roaming\mozilla\Firefox\Profiles\c2gyhefa.default\extensions
[2012-05-05 19:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-05-05 19:26:57 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-05-06 14:09:52 | 000,000,428 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\v9.xml
[2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\gregorie\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gregorie\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gregorie\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\gregorie\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\gregorie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\gregorie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\gregorie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Gmail = C:\Users\gregorie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3125317220-3072646238-1386388314-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3125317220-3072646238-1386388314-1002..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3125317220-3072646238-1386388314-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B698520-1301-4DA8-A26D-A65E9F1F6E12}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-05-06 15:45:02 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012-05-06 15:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HijackThis
[2012-05-06 15:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-05-06 15:11:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012-05-06 14:09:57 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\WinRAR
[2012-05-06 14:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-05-06 14:09:56 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-05-06 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\v9Soft
[2012-05-06 14:06:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom 3
[2012-05-06 13:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOOM 3
[2012-05-06 11:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012-05-06 11:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-05-06 11:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012-05-06 11:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012-05-06 11:24:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012-05-06 11:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012-05-06 11:23:40 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Microsoft Help
[2012-05-06 11:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-05-06 11:23:22 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-05-06 10:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-05-06 10:14:43 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\DAEMON Tools Lite
[2012-05-06 10:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-05-05 21:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012-05-05 19:34:00 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\SoftGrid Client
[2012-05-05 19:34:00 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\SoftGrid Client
[2012-05-05 19:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012-05-05 19:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2012-05-05 19:33:19 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\TP
[2012-05-05 19:32:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Shark007
[2012-05-05 19:32:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2012-05-05 19:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2012-05-05 19:30:56 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Win7codecs
[2012-05-05 19:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2012-05-05 19:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2012-05-05 19:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-05-05 19:26:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-05-05 19:25:45 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Skype
[2012-05-04 20:50:28 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-05-04 20:47:16 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\wargaming.net
[2012-05-04 20:47:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-05-04 20:42:05 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012-05-04 20:38:43 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-05-04 19:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.1.1 Home Edition
[2012-05-04 19:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS
[2012-05-04 18:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.1
[2012-05-04 18:28:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 7.1
[2012-05-04 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\gregorie\SyncUP
[2012-05-04 12:32:13 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Mozilla
[2012-05-04 12:32:13 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Mozilla
[2012-05-04 12:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-05-04 12:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-05-04 12:32:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-05-04 12:30:00 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-05-04 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Google
[2012-05-04 12:29:24 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Deployment
[2012-05-04 12:29:24 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Apps
[2012-05-04 02:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-05-04 00:40:51 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Roxio Burn
[2012-05-03 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-05-03 21:47:25 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2012-05-03 21:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamCatcher
[2012-05-03 21:36:48 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Macrovision
[2012-05-03 21:36:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DreamCatcher
[2012-04-30 12:08:14 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\ElevatedDiagnostics
[2012-04-30 11:30:11 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Python-Eggs
[2012-04-30 11:30:10 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\BitLord
[2012-04-30 11:29:52 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
[2012-04-30 11:29:13 | 000,000,000 | ---D | C] -- C:\Users\gregorie\Documents\BitLord
[2012-04-30 11:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitLord 2
[2012-04-30 09:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012-04-30 08:24:53 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Adobe
[2012-04-30 07:57:38 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Sonic_Solutions
[2012-04-29 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Diagnostics
[2012-04-28 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Nero_AG
[2012-04-28 22:26:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012-04-28 22:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012-04-28 22:21:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-04-28 22:21:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-04-28 22:21:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-04-28 22:21:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-04-28 22:21:55 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-04-28 22:19:55 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-04-28 22:19:54 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-04-28 21:24:17 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\ESET
[2012-04-28 21:24:17 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\ESET
[2012-04-28 21:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012-04-28 21:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-04-28 21:21:33 | 000,000,000 | ---D | C] -- C:\G_Lange
[2012-04-28 20:54:00 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Nero
[2012-04-28 20:53:59 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Nero
[2012-04-28 20:41:36 | 000,000,000 | ---D | C] -- C:\Users\gregorie\Moje pliki kopii zapasowych
[2012-04-28 20:40:37 |
001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012-04-28 20:40:36 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012-04-28 20:40:32 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012-04-28 20:40:29 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012-04-28 20:40:25 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2012-04-28 20:40:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012-04-28 20:39:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012-04-28 20:37:18 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012-04-28 20:36:46 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Adobe [2012-04-28 20:36:14 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Dell [2012-04-28 20:36:13 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Roxio [2012-04-28 20:36:09 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Leadertech [2012-04-28 20:36:07 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Creative [2012-04-28 20:35:32 | 000,000,000 | R--D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-28 20:35:32 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Searches [2012-04-28 20:35:32 | 000,000,000 | R--D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-28 20:35:25 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Identities [2012-04-28 20:35:23 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Contacts [2012-04-28 20:35:21 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\VirtualStore [2012-04-28 20:35:13 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Intel [2012-04-28 
20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Ustawienia lokalne [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\AppData\Local\Temporary Internet Files [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Szablony [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\SendTo [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Recent [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\PrintHood [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\NetHood [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Documents\Moje wideo [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Documents\Moje obrazy [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Moje dokumenty [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Documents\Moja muzyka [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Menu Start [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\AppData\Local\Historia [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Dane aplikacji [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\AppData\Local\Dane aplikacji [2012-04-28 20:35:08 | 000,000,000 | -HSD | C] -- C:\Users\gregorie\Cookies [2012-04-28 20:35:06 | 000,000,000 | --SD | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Videos [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Saved Games [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Pictures [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Music [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Links [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- 
C:\Users\gregorie\Favorites [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Downloads [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Documents [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\Desktop [2012-04-28 20:35:06 | 000,000,000 | R--D | C] -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-28 20:35:06 | 000,000,000 | -H-D | C] -- C:\Users\gregorie\AppData [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Temp [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\SoftThinks [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\Roaming [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Local\Microsoft [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Media Center Programs [2012-04-28 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\gregorie\AppData\Roaming\Macromedia [2012-04-24 17:18:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-04-24 17:15:17 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-06 15:51:11 | 000,067,584 | --S- | M] () -- 
C:\Windows\bootstat.dat [2012-05-06 15:51:05 | 453,640,191 | -HS- | M] () -- C:\hiberfil.sys [2012-05-06 15:45:02 | 000,003,013 | ---- | M] () -- C:\Users\gregorie\Desktop\HiJackThis.lnk [2012-05-06 15:42:07 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-06 15:34:01 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3125317220-3072646238-1386388314-1002UA.job [2012-05-06 15:11:34 | 000,001,264 | ---- | M] () -- C:\Users\gregorie\Desktop\Spybot - Search & Destroy.lnk [2012-05-06 14:06:05 | 000,001,517 | ---- | M] () -- C:\Users\Public\Desktop\Doom 3.lnk [2012-05-06 14:06:02 | 000,000,339 | ---- | M] () -- C:\Windows\doom3.ini [2012-05-06 12:34:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3125317220-3072646238-1386388314-1002Core.job [2012-05-06 10:19:46 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012-05-06 00:49:28 | 001,689,266 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-06 00:42:08 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-05-06 00:42:08 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-05-06 00:42:02 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-05-04 19:01:16 | 000,001,436 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk [2012-05-04 14:30:40 | 000,000,363 | ---- | M] () -- C:\Users\gregorie\Desktop\Komputer.lnk [2012-05-04 02:29:57 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-03 21:47:25 | 000,001,834 | ---- | M] () -- C:\Users\gregorie\Desktop\Uruchom Painkiller - Battle Out Of Hell!.lnk [2012-05-01 03:19:15 | 000,000,218 | ---- | M] () -- C:\Users\gregorie\.recently-used.xbel [2012-04-30 15:11:25 | 000,001,084 | ---- | M] () -- 
C:\Users\gregorie\Desktop\regedit.lnk [2012-04-30 11:29:52 | 000,002,029 | ---- | M] () -- C:\Users\gregorie\Desktop\BitLord.lnk [2012-04-28 23:45:37 | 000,002,767 | ---- | M] () -- C:\Users\Public\Desktop\SyncUP.lnk [2012-04-28 04:33:17 | 000,151,249 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-06 15:45:02 | 000,003,013 | ---- | C] () -- C:\Users\gregorie\Desktop\HiJackThis.lnk [2012-05-06 15:11:34 | 000,001,264 | ---- | C] () -- C:\Users\gregorie\Desktop\Spybot - Search & Destroy.lnk [2012-05-06 14:06:05 | 000,001,517 | ---- | C] () -- C:\Users\Public\Desktop\Doom 3.lnk [2012-05-06 14:06:02 | 000,000,339 | ---- | C] () -- C:\Windows\doom3.ini [2012-05-06 10:19:46 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012-05-04 20:38:43 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-05-04 19:01:16 | 000,001,436 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.1.1 Home Edition.lnk [2012-05-04 19:01:15 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012-05-04 19:01:15 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012-05-04 19:01:15 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012-05-04 19:01:15 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012-05-04 19:01:14 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012-05-04 14:30:40 | 000,000,363 | ---- | C] () -- C:\Users\gregorie\Desktop\Komputer.lnk [2012-05-04 12:32:11 | 000,001,240 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-05-04 12:29:41 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3125317220-3072646238-1386388314-1002UA.job [2012-05-04 12:29:41 | 000,001,018 | ---- | C] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3125317220-3072646238-1386388314-1002Core.job [2012-05-04 02:29:57 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-03 21:47:25 | 000,001,834 | ---- | C] () -- C:\Users\gregorie\Desktop\Uruchom Painkiller - Battle Out Of Hell!.lnk [2012-05-01 03:19:15 | 000,000,218 | ---- | C] () -- C:\Users\gregorie\.recently-used.xbel [2012-04-30 15:11:24 | 000,001,084 | ---- | C] () -- C:\Users\gregorie\Desktop\regedit.lnk [2012-04-30 11:29:52 | 000,002,029 | ---- | C] () -- C:\Users\gregorie\Desktop\BitLord.lnk [2012-04-28 20:35:50 | 000,001,487 | ---- | C] () -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012-04-28 20:35:36 | 000,001,549 | ---- | C] () -- C:\Users\gregorie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-24 17:15:51 | 000,001,939 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dokumentacja pomocy firmy Dell.lnk [2012-03-22 19:01:32 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012-03-15 07:40:28 | 004,826,112 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2012-01-09 20:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-12-21 04:33:08 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011-12-21 04:33:05 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011-12-21 04:33:04 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011-12-21 04:33:03 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011-12-21 04:33:02 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2011-02-15 11:58:50 | 001,689,266 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717]========== LOP Check ==========[/color] [2012-05-06 13:13:02 | 000,000,000 | ---D | M] -- 
C:\Users\gregorie\AppData\Roaming\BitLord [2012-05-06 15:02:57 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\DAEMON Tools Lite [2012-04-28 21:24:17 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\ESET [2012-04-28 20:36:09 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Leadertech [2012-04-30 11:30:11 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Python-Eggs [2012-05-05 19:32:06 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Shark007 [2012-05-06 10:27:00 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\SoftGrid Client [2012-05-05 19:34:07 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\TP [2012-05-04 20:47:16 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\wargaming.net [2012-05-05 19:30:56 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Win7codecs [2009-07-14 07:08:49 | 000,012,190 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< C:\*.* >[/color] [2011-12-21 04:09:38 | 000,004,107 | RH-- | M] () -- C:\dell.sdr [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007-11-07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007-11-07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007-11-07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2011-12-21 03:33:06 | 000,001,182 | ---- | M] () -- C:\freefallprotection.log [2007-11-07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2012-05-06 15:51:05 | 
453,640,191 | -HS- | M] () -- C:\hiberfil.sys [2007-11-07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007-11-07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007-11-07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007-11-07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007-11-07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007-11-07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007-11-07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007-11-07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007-11-07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007-11-07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2012-05-06 15:51:09 | 2036,510,719 | -HS- | M] () -- C:\pagefile.sys [2007-11-07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007-11-07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007-11-07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [color=#A23BEC]< D:\*.* >[/color] [color=#A23BEC]< E:\*.* >[/color] [color=#A23BEC]< F:\*.* >[/color] [color=#A23BEC]< G:\*.* >[/color] [color=#A23BEC]< H:\*.* >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %APPDATA%\*. 
>[/color] [2012-05-04 15:16:13 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Adobe [2012-05-06 13:13:02 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\BitLord [2012-04-28 20:36:07 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Creative [2012-05-06 15:02:57 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\DAEMON Tools Lite [2012-04-28 21:24:17 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\ESET [2012-04-28 20:35:25 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Identities [2012-04-28 20:35:13 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Intel [2012-04-28 20:36:09 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Leadertech [2011-12-21 04:12:05 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Macromedia [2012-05-03 21:36:48 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Macrovision [2011-12-21 04:27:53 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Media Center Programs [2012-05-06 15:45:02 | 000,000,000 | --SD | M] -- C:\Users\gregorie\AppData\Roaming\Microsoft [2012-05-04 12:32:24 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Mozilla [2012-04-28 20:53:59 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Nero [2012-04-30 11:30:11 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Python-Eggs [2012-04-28 20:36:13 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Roxio [2012-05-04 00:40:51 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Roxio Burn [2012-05-05 19:32:06 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Shark007 [2012-05-05 19:28:50 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Skype [2012-05-06 10:27:00 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\SoftGrid Client [2012-05-05 19:34:07 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\TP [2012-05-04 20:47:16 
| 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\wargaming.net [2012-05-05 19:30:56 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\Win7codecs [2012-05-06 14:10:15 | 000,000,000 | ---D | M] -- C:\Users\gregorie\AppData\Roaming\WinRAR [color=#A23BEC]< %SYSTEMDRIVE%\*. /mp /s >[/color] [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\WINDOWS\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2011-12-21 04:51:49 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011-12-21 04:51:49 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\WINDOWS\explorer.exe [2011-12-21 04:51:49 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe 
[2011-12-21 04:51:49 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011-12-21 04:51:49 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\WINDOWS\SysWOW64\explorer.exe [2011-12-21 04:51:49 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010-11-21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Drivers\Chipset_IRST\f6flpy-x64\iaStor.sys [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\drivers\iaStor.sys [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_a36325196df56f7d\iaStor.sys [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) MD5=D469B77687E12FE43E344806740B624D -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_e3082ac13af8d3bf\iaStor.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2011-12-21 04:51:15 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- 
C:\WINDOWS\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys [2010-11-21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2011-12-21 04:51:15 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\SysNative\drivers\ndis.sys [2011-12-21 04:51:15 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2010-11-21 05:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys [2011-12-21 04:51:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys [2011-12-21 04:51:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\SysNative\drivers\ntfs.sys [2011-12-21 04:51:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\SysWOW64\svchost.exe [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009-07-14 
03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\SysWOW64\userinit.exe [2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color] [2010-11-21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll [color=#A23BEC]< %systemroot%\system32\kernel32.dll /md5 >[/color] [2011-12-21 04:51:53 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=99C3F8E9CC59D95666EB8D8A8B4C2BEB -- 
C:\Windows\system32\kernel32.dll [color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color] [2010-11-21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#E56717]========== Restore Points Found ==========[/color] [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color] [C:\Users\All Users] -> -> Unknown point type < End of report >