wklejto.pl

Dodane przez: ~Anonim (2012-07-06 19:39) -> text
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
69.
70.
71.
72.
73.
74.
75.
76.
77.
78.
79.
80.
81.
82.
83.
84.
85.
86.
87.
88.
89.
90.
91.
92.
93.
94.
95.
96.
97.
98.
99.
100.
101.
102.
103.
104.
105.
106.
107.
108.
109.
110.
111.
112.
113.
114.
115.
116.
117.
118.
119.
120.
121.
122.
123.
124.
125.
126.
127.
128.
129.
130.
131.
132.
133.
134.
135.
136.
137.
138.
139.
140.
141.
142.
143.
144.
145.
146.
147.
148.
149.
150.
151.
152.
153.
154.
155.
156.
157.
158.
159.
160.
161.
162.
163.
164.
165.
166.
167.
168.
169.
170.
171.
172.
173.
174.
175.
176.
177.
178.
179.
180.
181.
182.
183.
184.
185.
186.
187.
188.
189.
190.
191.
192.
193.
194.
195.
196.
197.
198.
199.
200.
201.
202.
203.
204.
205.
206.
207.
208.
209.
210.
211.
212.
213.
214.
215.
216.
217.
218.
219.
220.
221.
222.
223.
224.
225.
226.
227.
228.
229.
230.
231.
232.
233.
234.
235.
236.
237.
238.
239.
240.
241.
242.
243.
244.
245.
246.
247.
248.
249.
250.
251.
252.
253.
254.
255.
256.
257.
258.
259.
260.
261.
262.
263.
264.
265.
266.
267.
268.
269.
270.
271.
272.
273.
274.
275.
276.
277.
278.
279.
280.
281.
282.
283.
284.
285.
286.
287.
288.
289.
290.
291.
292.
293.
294.
295.
296.
297.
298.
299.
300.
301.
302.
303.
304.
305.
306.
307.
308.
309.
310.
311.
312.
313.
314.
315.
316.
317.
318.
319.
320.
321.
322.
323.
324.
325.
326.
327.
328.
329.
330.
331.
332.
333.
334.
335.
336.
337.
338.
339.
340.
341.
342.
343.
344.
345.
346.
347.
348.
349.
350.
351.
352.
353.
354.
355.
356.
357.
358.
359.
360.
361.
362.
363.
364.
365.
366.
367.
368.
369.
370.
371.
372.
373.
374.
375.
376.
377.
378.
379.
380.
381.
382.
383.
384.
385.
386.
387.
388.
389.
390.
391.
392.
393.
394.
395.
396.
397.
398.
399.
400.
401.
402.
403.
404.
405.
406.
407.
408.
409.
410.
411.
412.
413.
414.
415.
416.
417.
418.
419.
420.
421.
422.
423.
424.
425.
426.
427.
428.
429.
430.
431.
432.
433.
434.
435.
436.
437.
438.
439.
440.
441.
442.
443.
444.
445.
446.
447.
448.
449.
450.
451.
452.
453.
454.
455.
456.
457.
458.
459.
460.
461.
462.
463.
464.
465.
466.
467.
468.
469.
470.
471.
472.
473.
474.
475.
476.
477.
478.
479.
480.
481.
482.
483.
484.
485.
486.
487.
488.
489.
490.
491.
492.
493.
494.
495.
496.
497.
498.
499.
500.
501.
502.
503.
504.
505.
506.
507.
508.
509.
510.
511.
512.
513.
514.
515.
516.
517.
518.
519.
520.
521.
522.
523.
524.
525.
526.
527.
528.
529.
530.
531.
532.
533.
534.
535.
536.
537.
538.
539.
540.
541.
542.
543.
544.
545.
546.
547.
548.
549.
550.
551.
552.
553.
554.
555.
556.
557.
558.
559.
560.
561.
562.
563.
564.
565.
566.
567.
568.
569.
570.
571.
572.
573.
574.
575.
576.
577.
578.
579.
580.
581.
582.
583.
584.
585.
586.
587.
588.
589.
590.
591.
592.
593.
594.
595.
596.
597.
598.
599.
600.
601.
602.
603.
604.
605.
606.
607.
608.
609.
610.
611.
612.
613.
614.
615.
616.
617.
618.
619.
620.
621.
622.
623.
624.
625.
626.
627.
628.
629.
630.
631.
632.
633.
634.
635.
636.
637.
638.
639.
640.
641.
642.
643.
OTL logfile created on: 2012-07-06 19:28:03 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\RedDragonFire\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
4,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 56,63% Memory free
7,99 Gb Paging File | 5,70 Gb Available in Paging File | 71,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,90 Gb Total Space | 9,38 Gb Free Space | 15,66% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 0,47 Gb Free Space | 0,47% Space Free | Partition Type: NTFS
Drive E: | 7,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 100,00 Gb Total Space | 0,94 Gb Free Space | 0,94% Space Free | Partition Type: NTFS
Drive J: | 100,00 Gb Total Space | 5,58 Gb Free Space | 5,58% Space Free | Partition Type: NTFS
Drive M: | 100,00 Gb Total Space | 46,70 Gb Free Space | 46,70% Space Free | Partition Type: NTFS
Drive X: | 1397,25 Gb Total Space | 43,89 Gb Free Space | 3,14% Space Free | Partition Type: NTFS
Drive Z: | 5,75 Gb Total Space | 5,70 Gb Free Space | 99,03% Space Free | Partition Type: NTFS
 
Computer Name: SORANULTIMATE | User Name: RedDragonFire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-07-06 19:20:40 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\RedDragonFire\Desktop\OTL.exe
PRC - [2012-06-15 03:02:55 | 000,400,352 | ---- | M] (Mozilla Messaging) -- J:\ThunderBird\thunderbird.exe
PRC - [2012-06-07 07:15:36 | 003,491,264 | ---- | M] (Tonec Inc.) -- J:\Internet Download Manager\IDMan.exe
PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-19 11:46:40 | 000,076,288 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012-01-12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) -- J:\Power DVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012-01-12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- J:\Power DVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012-01-12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) -- J:\Power DVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-12-24 12:24:36 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- J:\Kaspersky pure 2.0\avp.exe
PRC - [2011-10-12 04:01:17 | 000,292,136 | ---- | M] (CyberLink) -- J:\Power DVD\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
PRC - [2011-10-12 04:01:08 | 000,075,048 | ---- | M] (CyberLink) -- J:\Power DVD\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
PRC - [2011-09-14 15:48:18 | 000,083,240 | ---- | M] () -- J:\Power DVD\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
PRC - [2010-11-20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2010-05-25 14:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- J:\Internet Download Manager\IEMonitor.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- J:\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-06-15 03:02:30 | 000,021,984 | ---- | M] () -- J:\ThunderBird\nsldappr32v60.dll
MOD - [2012-06-15 03:02:28 | 000,162,784 | ---- | M] () -- J:\ThunderBird\nsldap32v60.dll
MOD - [2012-06-15 03:02:20 | 001,977,312 | ---- | M] () -- J:\ThunderBird\mozjs.dll
MOD - [2012-05-13 09:57:59 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011-08-31 08:31:22 | 000,004,096 | ---- | M] () -- C:\Users\RedDragonFire\AppData\Local\Microsoft\Windows Sidebar\Gadgets\MonitorSystemu.Gadget\binaries\MonitorSystemu.Utils.dll
MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-06-22 15:33:21 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-20 19:57:22 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-06-15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-05-15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-05-03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-03-28 10:05:52 | 003,417,376 | ---- | M] () [Disabled | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012-01-19 11:46:40 | 000,076,288 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012-01-12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- J:\Power DVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012-01-12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- J:\Power DVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012-01-12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- J:\Power DVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-12-24 12:24:36 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- J:\Kaspersky pure 2.0\avp.exe -- (AVP)
SRV - [2011-10-12 04:01:17 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- J:\Power DVD\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011-10-12 04:01:08 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- J:\Power DVD\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011-09-14 15:48:18 | 000,083,240 | ---- | M] () [Auto | Running] -- J:\Power DVD\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011-09-04 10:54:54 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011-06-12 11:43:28 | 051,740,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- J:\Ofice 2010 Plu\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011-05-03 22:18:00 | 004,137,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- J:\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009-08-24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- J:\Ashampoo HDD Control\DfSdkS.exe -- (DfSdkS)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-09-08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-07-06 11:29:01 | 000,639,280 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2012-04-23 13:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2012-04-12 00:30:00 | 000,708,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2011-10-20 11:48:00 | 000,458,032 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2011-10-20 11:48:00 | 000,013,616 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011-09-19 21:58:44 | 000,057,480 | ---- | M] (NetFilterSDK.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\networx.sys -- (networx)
DRV:[b]64bit:[/b] - [2011-08-22 09:14:20 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-05-19 15:55:34 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-03-10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010-04-06 18:33:10 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:[b]64bit:[/b] - [2010-04-06 18:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:[b]64bit:[/b] - [2010-04-06 18:32:46 | 000,023,944 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:[b]64bit:[/b] - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009-12-21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:[b]64bit:[/b] - [2009-12-21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:[b]64bit:[/b] - [2009-12-14 12:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:[b]64bit:[/b] - [2009-12-14 12:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:[b]64bit:[/b] - [2009-11-02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-08-13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:[b]64bit:[/b] - [2009-07-20 04:27:34 | 000,027,136 | ---- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2007-12-03 04:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV - [2012-02-09 17:26:43 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011-10-27 08:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- J:\Power DVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2011-09-16 10:36:34 | 000,148,976 | ---- | M] (CyberLink Corp.) [2011/10/28 14:39:45] [Kernel | Auto | Running] -- J:\Power DVD\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011-09-14 15:48:19 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- J:\Power DVD\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD)
DRV - [2010-03-22 11:19:50 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (npf)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004-12-30 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daum.net/
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes,DefaultScope = {F9894945-835A-4361-B8BC-D6F6517FC4DA}
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes\{3A40E547-20FD-44a2-94D0-1C98342D1507}: "URL" = http://search.daum.net/search?nil_profile=ie&ref_code=ms&q={searchTerms}
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\..\SearchScopes\{F9894945-835A-4361-B8BC-D6F6517FC4DA}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-115546106-2109980760-4076868271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: J:\OFICE2~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: J:\I tunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\RedDragonFire\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: J:\Adobe Reader X\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: J:\Kaspersky pure 2.0\FFExt\linkfilter@kaspersky.ru [2012-07-06 12:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: J:\Kaspersky pure 2.0\FFExt\virtualKeyboard@kaspersky.ru [2012-07-06 12:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: J:\Kaspersky pure 2.0\FFExt\KavAntiBanner@Kaspersky.ru [2012-07-06 12:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: J:\FireFox\components [2012-07-03 11:09:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: J:\FireFox\plugins [2012-07-04 09:31:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: J:\Thunderbird\components [2012-06-25 15:26:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: J:\Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: J:\ThunderBird Beta\components [2012-06-27 15:19:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: J:\ThunderBird Beta\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\RedDragonFire\AppData\Roaming\IDM\idmmzcc5 [2012-06-22 14:04:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: J:\Thunderbird\components [2012-06-25 15:26:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: J:\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\RedDragonFire\AppData\Roaming\IDM\idmmzcc5 [2012-06-22 14:04:26 | 000,000,000 | ---D | M]
 
[2012-07-03 11:09:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Extensions
[2012-06-25 15:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Firefox\Profiles\a1sqfw5x.default\extensions
[2012-06-25 15:41:11 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Firefox\Profiles\a1sqfw5x.default\extensions\support@lastpass.com
[2012-07-06 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Firefox\Profiles\s8dkvw0j.default\extensions
[2012-07-04 09:49:13 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Firefox\Profiles\s8dkvw0j.default\extensions\netvideohunter@netvideohunter.com
[2012-07-03 11:28:48 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\RedDragonFire\AppData\Roaming\mozilla\Firefox\Profiles\s8dkvw0j.default\extensions\support@lastpass.com
[2011-09-22 10:30:44 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
 
O1 HOSTS File: ([2011-10-12 11:49:20 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - J:\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\RedDragonFire\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - J:\Kaspersky pure 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - J:\Ofice 2010 Plu\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - J:\Ofice 2010 Plu\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - J:\Kaspersky pure 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - J:\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\RedDragonFire\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - J:\Kaspersky pure 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - J:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - J:\Kaspersky pure 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (&NetWorx Desk Band) - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - J:\NetWorx\deskband.dll (SoftPerfect Research)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [NetWorx] J:\NetWorx\networx.exe (SoftPerfect Research)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] J:\Kaspersky pure 2.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Driver Genius]  File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-115546106-2109980760-4076868271-1000..\Run: [GG] C:\Users\RedDragonFire\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-115546106-2109980760-4076868271-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-115546106-2109980760-4076868271-1000..\Run: [Steam] G:\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] J:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: ???????? ?? ????????? ??????? DM - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: ???????? ??? ??? ?????? Download Master - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: ???????? ??? ?????? Download Master - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Çŕęŕ÷ŕňü ÂŃĹ ďđč ďîěîůč Download Master - J:\Download Master\dmieall.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: Çŕęŕ÷ŕňü ďđč ďîěîůč Download Master - J:\Download Master\dmie.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: Ďĺđĺäŕňü íŕ óäŕëĺííóţ çŕęŕ÷ęó DM - J:\Download Master\remdown.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - J:\Ofice 2010 Plu\Office14\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - J:\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wideo FLV przez IDM z 10 ostatnio żądanych - J:\Internet Download Manager\IEGetVL2.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - J:\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - J:\Internet Download Manager\IEGetVL.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Закачать ВСЕ при помощи Download Master - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Закачать при помощи Download Master - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Передать на удаленную закачку DM - Reg Error: Value error. File not found
O8 - Extra context menu item: ???????? ?? ????????? ??????? DM - Reg Error: Value error. File not found
O8 - Extra context menu item: ???????? ??? ??? ?????? Download Master - Reg Error: Value error. File not found
O8 - Extra context menu item: ???????? ??? ?????? Download Master - Reg Error: Value error. File not found
O8 - Extra context menu item: Çŕęŕ÷ŕňü ÂŃĹ ďđč ďîěîůč Download Master - J:\Download Master\dmieall.htm File not found
O8 - Extra context menu item: Çŕęŕ÷ŕňü ďđč ďîěîůč Download Master - J:\Download Master\dmie.htm File not found
O8 - Extra context menu item: Ďĺđĺäŕňü íŕ óäŕëĺííóţ çŕęŕ÷ęó DM - J:\Download Master\remdown.htm File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - J:\Ofice 2010 Plu\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągnij przez IDM - J:\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wideo FLV przez IDM z 10 ostatnio żądanych - J:\Internet Download Manager\IEGetVL2.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - J:\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - J:\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Закачать ВСЕ при помощи Download Master - Reg Error: Value error. File not found
O8 - Extra context menu item: Закачать при помощи Download Master - Reg Error: Value error. File not found
O8 - Extra context menu item: Передать на удаленную закачку DM - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - J:\Kaspersky pure 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - J:\Kaspersky pure 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - J:\Kaspersky pure 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - J:\Kaspersky pure 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:[b]64bit:[/b] - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.4.26.0.cab (SysInfo Class)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.24.16.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88717523-08C9-4712-9CFA-709E579A8C23}: DhcpNameServer = 172.24.16.2
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - J:\Ofice 2010 Plu\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-03-31 10:08:02 | 000,000,082 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2012-03-01 15:43:08 | 000,000,000 | ---D | M] - M:\Automatycznie dodaj do iTunes -- [ NTFS ]
O32 - AutoRun File - [2011-05-09 17:35:02 | 000,000,000 | -HSD | M] - X:\AUTORUN -- [ NTFS ]
O32 - AutoRun File - [2011-05-09 17:35:02 | 000,000,000 | -HSD | M] - X:\AUTORUN -- [ NTFS ]
O33 - MountPoints2\{91791c3d-cbec-11e0-b4fa-00241dd78d31}\Shell - "" = AutoRun
O33 - MountPoints2\{91791c3d-cbec-11e0-b4fa-00241dd78d31}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91791c51-cbec-11e0-b4fa-00241dd78d31}\Shell - "" = AutoRun
O33 - MountPoints2\{91791c51-cbec-11e0-b4fa-00241dd78d31}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91791c5c-cbec-11e0-b4fa-00241dd78d31}\Shell - "" = AutoRun
O33 - MountPoints2\{91791c5c-cbec-11e0-b4fa-00241dd78d31}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b448cc4e-cbcb-11e0-8737-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b448cc4e-cbcb-11e0-8737-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cda_menu.exe -- [2010-08-03 14:51:45 | 004,685,312 | R--- | M] ()
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-06 19:21:22 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\RedDragonFire\Desktop\OTL.exe
[2012-07-06 18:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-07-06 18:59:30 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-07-06 11:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 2.0
[2012-07-06 11:29:35 | 000,085,048 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2012-07-06 11:29:35 | 000,066,104 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2012-07-06 11:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2012-07-06 11:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012-07-06 11:29:01 | 000,639,280 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012-07-05 19:16:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012-07-05 19:15:54 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012-07-05 19:15:54 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012-07-05 19:15:54 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012-07-05 19:15:54 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012-07-05 19:15:54 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012-07-05 19:15:52 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012-07-05 19:15:52 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012-07-05 19:15:51 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012-07-05 19:15:50 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012-07-05 19:15:50 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012-07-05 19:15:49 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012-07-05 19:15:49 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012-07-05 19:15:49 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012-07-05 19:15:49 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012-07-05 19:15:49 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012-07-05 19:15:49 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012-07-05 19:15:48 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012-07-05 19:15:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012-07-05 19:15:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012-07-05 19:15:46 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012-07-05 19:15:38 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2012-07-05 19:15:37 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2012-07-05 19:15:37 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2012-07-05 19:15:37 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll
[2012-07-05 19:15:37 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll
[2012-07-05 19:15:31 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012-07-05 19:15:29 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012-07-05 19:15:29 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012-07-05 19:15:14 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012-07-05 19:15:01 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012-07-05 19:15:00 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012-07-05 13:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition
[2012-07-05 13:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2012-07-04 21:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Screen To Video
[2012-07-04 21:58:43 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\FreeScreenToVideo
[2012-07-04 21:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Screen To Video
[2012-07-04 13:28:00 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Local\Daedalic Entertainment
[2012-07-04 12:16:48 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-07-04 12:16:04 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Local\Deployment
[2012-07-04 08:43:52 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\Desktop\Driver Genius Professional.ACT.DownServ.Com
[2012-07-03 14:22:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012-07-03 14:22:34 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012-07-03 11:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-03 11:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-07-02 14:32:48 | 000,050,704 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\drivers\npf.sys
[2012-07-02 14:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aHisoft
[2012-06-30 20:30:46 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\Opera
[2012-06-30 20:30:46 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Local\Opera
[2012-06-29 19:16:35 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\Desktop\Redakai w poszukiwaniu kairu
[2012-06-26 19:10:41 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\Desktop\Nowy folder
[2012-06-26 19:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012-06-26 17:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
[2012-06-24 21:47:18 | 000,708,200 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012-06-24 21:47:18 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2012-06-24 21:04:59 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Local\Chromium
[2012-06-23 13:46:58 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\Desktop\Ben ultimate Alien
[2012-06-22 16:19:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-06-22 16:19:29 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012-06-22 16:19:29 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012-06-22 14:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012-06-22 14:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD YouTube Downloader & Converter
[2012-06-22 14:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter
[2012-06-22 14:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2012-06-22 11:47:08 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012-06-22 11:47:08 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012-06-22 11:47:08 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012-06-22 11:47:02 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012-06-22 11:47:02 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012-06-22 11:47:02 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012-06-22 11:46:56 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012-06-22 11:46:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012-06-21 12:34:46 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
[2012-06-20 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\Tropico 3
[2012-06-20 20:02:36 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Local\Macromedia
[2012-06-20 19:59:13 | 000,000,000 | ---D | C] -- C:\Users\RedDragonFire\AppData\Roaming\InstallShield
[2012-06-20 19:37:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-20 19:37:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-20 19:37:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-20 19:37:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-20 19:37:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-20 19:37:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-20 19:37:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-20 19:37:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-20 19:37:46 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012-06-20 19:37:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-20 19:37:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-20 19:37:46 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012-06-20 19:37:45 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012-06-20 18:39:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-06-20 18:39:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-06-20 18:39:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-06-20 18:39:17 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-06-20 18:39:16 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-06-20 18:39:16 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-06-20 18:39:12 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012-06-20 18:39:10 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012-06-20 18:39:07 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-20 18:39:07 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-07 08:18:01 | 000,154,272 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-07-06 19:20:40 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\RedDragonFire\Desktop\OTL.exe
[2012-07-06 19:09:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-06 18:59:31 | 000,000,644 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-06 11:50:56 | 000,043,020 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Przechwytywanie.PNG
[2012-07-06 11:45:49 | 000,108,138 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\kacperv.jpg
[2012-07-06 11:36:03 | 000,528,504 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\KAcper.jpg
[2012-07-06 11:30:01 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2012-07-06 11:30:01 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2012-07-06 11:29:01 | 000,639,280 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012-07-06 11:27:37 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-06 11:27:37 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-06 11:20:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-06 11:20:02 | 3217,678,336 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-05 13:11:56 | 000,001,217 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Driver Genius Professional Edition.lnk
[2012-07-04 21:58:44 | 000,001,144 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Free Screen To Video.lnk
[2012-07-04 21:58:04 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012-07-04 21:18:33 | 072,286,268 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Husband makes wife feel like a  - XNXXCOM.flv
[2012-07-04 19:15:13 | 000,055,456 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Passwords Database.pws
[2012-07-04 18:26:41 | 000,010,995 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\Verba.m3u
[2012-07-04 13:17:32 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\A NEW BEGINNING - ODRODZENIE.lnk
[2012-07-04 12:16:48 | 000,000,346 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012-07-03 15:47:01 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-07-03 15:47:01 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-07-03 15:47:01 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012-07-03 15:47:01 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012-07-03 15:47:00 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\WinDS PRO.lnk
[2012-07-03 11:09:22 | 000,000,593 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-03 10:59:58 | 000,010,662 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\bookmarks-2012-07-03.json
[2012-07-02 14:32:48 | 000,000,680 | ---- | M] () -- C:\Users\Public\Desktop\Video Download Studio.lnk
[2012-06-30 20:30:40 | 000,000,452 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-06-27 15:19:38 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-06-26 19:20:11 | 000,001,966 | ---- | M] () -- C:\Users\RedDragonFire\Documents\ax_files.xml
[2012-06-26 10:46:08 | 000,016,158 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\bookmarks.html
[2012-06-25 22:00:55 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-06-23 13:42:12 | 000,073,728 | ---- | M] () -- C:\Users\RedDragonFire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-22 16:19:11 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012-06-22 16:19:11 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012-06-22 16:19:11 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012-06-22 16:19:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012-06-22 16:19:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012-06-22 15:33:21 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-22 15:33:21 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-22 15:02:18 | 000,269,825 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\http___s.ytimg.com_yt_swfbin_watch_as3-vflTL1Rpm.swf
[2012-06-22 14:51:55 | 000,001,427 | ---- | M] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012-06-21 12:43:16 | 000,000,608 | ---- | M] () -- C:\Users\Public\Desktop\PotPlayer x64.lnk
[2012-06-21 12:35:23 | 000,000,648 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\PotPlayer x64 Playback Only.lnk
[2012-06-21 12:35:23 | 000,000,624 | ---- | M] () -- C:\Users\RedDragonFire\Desktop\PotPlayer x64.lnk
[2012-06-20 19:56:00 | 004,979,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-20 19:47:20 | 001,681,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-20 19:47:20 | 000,737,730 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-20 19:47:20 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-20 19:47:20 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-20 19:47:20 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-19 13:31:00 | 000,293,889 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012-06-08 16:23:58 | 000,083,072 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2012-06-08 16:21:18 | 000,897,152 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2012-06-08 16:21:18 | 000,753,280 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2012-06-08 16:18:46 | 003,615,888 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-07-06 18:59:31 | 000,000,644 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-06 11:50:56 | 000,043,020 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Przechwytywanie.PNG
[2012-07-06 11:45:48 | 000,108,138 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\kacperv.jpg
[2012-07-06 11:36:03 | 000,528,504 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\KAcper.jpg
[2012-07-06 11:30:01 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2012-07-06 11:30:01 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2012-07-05 19:15:48 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012-07-05 13:11:56 | 000,001,217 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Driver Genius Professional Edition.lnk
[2012-07-04 21:58:44 | 000,001,144 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Free Screen To Video.lnk
[2012-07-04 21:58:04 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
[2012-07-04 21:05:51 | 072,286,268 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Husband makes wife feel like a  - XNXXCOM.flv
[2012-07-04 19:15:05 | 000,055,456 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Passwords Database.pws
[2012-07-04 18:26:41 | 000,010,995 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Verba.m3u
[2012-07-04 13:17:32 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\A NEW BEGINNING - ODRODZENIE.lnk
[2012-07-04 12:16:48 | 000,000,346 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012-07-04 08:58:11 | 002,007,040 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\Patch.EXE
[2012-07-03 14:34:43 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\WinDS PRO.lnk
[2012-07-03 11:09:22 | 000,000,593 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-03 11:09:22 | 000,000,593 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-07-03 10:59:58 | 000,010,662 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\bookmarks-2012-07-03.json
[2012-07-02 14:32:48 | 000,000,680 | ---- | C] () -- C:\Users\Public\Desktop\Video Download Studio.lnk
[2012-06-30 20:30:40 | 000,000,452 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012-06-30 20:30:40 | 000,000,452 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012-06-27 15:19:38 | 000,000,736 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012-06-26 10:46:08 | 000,016,158 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\bookmarks.html
[2012-06-22 15:02:17 | 000,269,825 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\http___s.ytimg.com_yt_swfbin_watch_as3-vflTL1Rpm.swf
[2012-06-22 14:51:55 | 000,001,427 | ---- | C] () -- C:\Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2012-06-21 12:43:16 | 000,000,608 | ---- | C] () -- C:\Users\Public\Desktop\PotPlayer x64.lnk
[2012-06-21 12:35:23 | 000,000,648 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\PotPlayer x64 Playback Only.lnk
[2012-06-21 12:35:23 | 000,000,624 | ---- | C] () -- C:\Users\RedDragonFire\Desktop\PotPlayer x64.lnk
[2012-06-20 23:14:22 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-05-26 21:40:42 | 002,668,032 | ---- | C] () -- C:\Windows\SysWow64\elsword.exe
[2012-05-26 21:24:24 | 000,017,408 | ---- | C] () -- C:\Users\RedDragonFire\AppData\Local\WebpageIcons.db
[2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-04-06 10:03:13 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012-02-27 16:31:09 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-02-27 16:31:09 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012-02-27 16:31:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012-02-12 21:36:06 | 000,000,000 | ---- | C] () -- C:\Users\RedDragonFire\AppData\Roaming\initdebug.nfo
[2012-01-26 23:47:46 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-01-18 17:31:10 | 000,000,131 | ---- | C] () -- C:\Windows\EurekaLog.ini
[2012-01-18 17:29:09 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2012-01-14 15:25:03 | 000,716,813 | ---- | C] () -- C:\Windows\unins000.exe
[2012-01-14 15:25:03 | 000,158,056 | ---- | C] () -- C:\Windows\unins000.dat
[2011-12-22 21:36:11 | 000,010,498 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2011-12-05 18:41:43 | 000,005,023 | ---- | C] () -- C:\ProgramData\mxnhytee.feu
[2011-11-15 20:12:30 | 000,026,489 | ---- | C] () -- C:\Windows\scunin.dat
[2011-10-01 09:41:31 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-11 10:50:30 | 000,172,109 | ---- | C] () -- C:\Windows\hpoins29.dat
[2011-09-11 10:50:30 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2011-09-04 10:55:32 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011-08-30 19:52:24 | 000,007,600 | ---- | C] () -- C:\Users\RedDragonFire\AppData\Local\Resmon.ResmonCfg
[2011-08-30 10:07:18 | 000,000,600 | ---- | C] () -- C:\Users\RedDragonFire\AppData\Roaming\winscp.rnd
[2011-08-21 19:34:02 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011-08-21 19:19:40 | 000,073,728 | ---- | C] () -- C:\Users\RedDragonFire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-21 14:45:58 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-08-23 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\aHisoft
[2012-07-06 10:28:07 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\AIMP3
[2012-04-16 12:32:25 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Ashampoo
[2011-11-30 16:57:23 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Azureus
[2012-06-20 20:19:49 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\BESTplayer
[2011-12-21 15:13:03 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\BitComet
[2011-08-23 12:11:06 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Boilsoft
[2011-12-11 17:24:34 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\BSplayer
[2011-12-10 20:17:01 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\BSplayer Pro
[2011-11-22 14:41:35 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Complitly
[2011-10-01 14:52:56 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\CreateInstall Free
[2012-07-06 19:26:42 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\DMCache
[2011-12-29 16:31:28 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Download Master
[2011-10-04 14:58:42 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\ErnestColt
[2012-01-24 21:39:52 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\FileZilla
[2011-12-18 13:12:13 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\FOG Downloader
[2011-09-09 13:15:39 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\FreeArc
[2011-08-31 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\FreeFileSync
[2012-07-04 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\FreeScreenToVideo
[2012-02-28 22:33:47 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Gadu-Gadu 10
[2012-07-06 19:27:06 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\GG
[2011-09-02 18:37:36 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\GHISLER
[2012-05-07 10:45:17 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\HellShare Upload Manager
[2012-07-05 18:21:59 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\IDM
[2012-01-17 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\ipla
[2012-06-02 11:52:07 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\IrfanView
[2011-10-14 20:44:36 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Kalypso Media
[2011-11-25 18:51:31 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Mount&Blade With Fire and Sword
[2011-08-23 15:53:31 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Moyea
[2012-04-19 15:05:57 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\NapiProjekt
[2012-06-30 20:30:46 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Opera
[2011-11-17 17:26:04 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Origin
[2011-08-21 15:16:46 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\PLAY ONLINE
[2011-12-22 23:17:57 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Q-Dir
[2011-09-14 17:33:32 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\RedDotGames
[2012-05-29 19:38:11 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Subtitle Edit
[2012-06-25 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Thunderbird
[2012-06-20 20:26:47 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Tropico 3
[2011-11-23 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\Ubisoft
[2012-07-05 19:11:58 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\uTorrent
[2012-05-31 12:23:06 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\VitySoft
[2011-11-27 12:43:53 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\wargaming.net
[2011-12-11 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\We Open Eyes
[2011-12-21 16:09:13 | 000,000,000 | ---D | M] -- C:\Users\RedDragonFire\AppData\Roaming\WinAVI
[2012-07-05 09:56:58 | 000,002,242 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
< End of report >
 
Wygenerowano w 0.420s, przy pomocy GeSHi 1.0.8
'
Podziel się na Facebook Podziel się na BLIP Podziel się na Twitter Podziel się na Buzz Podziel się na Flaker Dodaj zakładkę Google Podziel się na Delicious Wykop to!

Nowy Komentarz:

Komentarze:

Brak Komentarzy!