OTL logfile created on: 2014-02-21 16:42:47 - Run 6 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Ja\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,40% Memory free 6,49 Gb Paging File | 5,19 Gb Available in Paging File | 79,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,66 Gb Total Space | 93,87 Gb Free Space | 20,16% Space Free | Partition Type: NTFS Computer Name: JA-KOMPUTER | User Name: Ja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 180 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-02-16 08:46:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-02-04 14:56:50 | 001,677,648 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2014-02-04 10:37:28 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe PRC - [2013-12-06 21:51:54 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2013-12-06 16:04:32 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2013-11-18 21:59:36 | 000,590,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe PRC - [2013-11-11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe PRC - [2013-11-07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe PRC - [2013-11-07 22:00:48 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe PRC - [2013-10-28 23:24:02 | 000,729,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe PRC - [2013-10-28 23:17:36 | 000,892,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe PRC - [2013-09-24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe PRC - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-05-05 22:32:56 | 000,388,352 | ---- | M] (Scarlet.Crush Productions) -- C:\ScpServer\bin\ScpService.exe PRC - [2012-08-02 10:06:51 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Ja\Downloads\OTL.exe PRC - [2010-11-20 03:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 03:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-02-16 08:46:51 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2014-02-16 08:46:51 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-02-04 14:56:50 | 001,677,648 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2014-02-04 10:37:28 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2013-12-11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013-12-11 18:04:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-12-06 21:51:54 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013-12-06 16:04:32 | 000,276,992 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2013-11-11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent) SRV - [2013-09-24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd) SRV - [2013-09-05 15:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-05-28 16:49:13 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\BattlEye\BEService.exe -- (BEService) SRV - [2013-05-05 22:32:56 | 000,388,352 | ---- | M] (Scarlet.Crush Productions) [Auto | Running] -- C:\ScpServer\bin\ScpService.exe -- (Ds3Service) SRV - [2012-01-18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva407.sys -- (XDva407) DRV - File not found [File_System | On_Demand | Stopped] -- C:\gry\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - [2013-12-06 22:51:04 | 011,527,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2013-12-06 22:51:04 | 011,527,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2013-12-06 21:20:32 | 000,501,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2013-11-05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx) DRV - [2013-11-04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2013-10-31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2013-10-31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2013-10-24 22:28:32 | 000,147,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2013-10-01 00:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2013-09-24 15:52:20 | 000,077,312 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2013-09-19 23:05:04 | 000,050,432 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2.0) DRV - [2013-09-17 00:57:26 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2013-09-10 00:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2013-08-01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2013-05-05 22:32:48 | 000,033,024 | ---- | M] (Scarlet.Crush Productions) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScpVBus.sys -- (ScpVBus) DRV - [2013-03-30 16:56:56 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2013-03-30 16:56:55 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2013-01-06 15:54:16 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32) DRV - [2012-06-09 11:25:41 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-12-23 10:52:10 | 000,090,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2010-11-20 03:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 03:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 03:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 01:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 01:21:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 01:06:38 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) DRV - [2010-11-20 00:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 00:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 00:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-08-23 16:31:08 | 000,011,456 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2010-05-20 16:27:44 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2010-03-01 10:43:16 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) DRV - [2010-03-01 10:43:12 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm) DRV - [2010-03-01 10:43:12 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) DRV - [2010-03-01 10:43:12 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex) DRV - [2010-03-01 10:43:12 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl) DRV - [2010-03-01 10:43:10 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) DRV - [2010-03-01 10:43:10 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2009-07-17 12:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009-03-25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) DRV - [2009-03-25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) DRV - [2009-03-25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) DRV - [2009-03-25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) DRV - [2009-03-25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-02-03 16:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2006-06-14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1388523169&from=cor&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U377518675186&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1388523169&from=cor&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U377518675186&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=43251&st=chrome&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=43251&st=chrome&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q={searchTerms} IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1388523169&from=cor&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U377518675186&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1388523169&from=cor&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U377518675186&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certified-toolbar.com?si=43251&st=chrome&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certified-toolbar.com?si=43251&st=chrome&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 IE - HKCU\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ver=2.9&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014-02-16 08:46:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-11 19:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Extensions [2014-02-13 18:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\g3rd9gbx.default-1369740492541\extensions [2014-02-16 08:46:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-02-16 08:46:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://search.certified-toolbar.com?si=43251&st=home&tid=3623&ver=3.1&ts=1367846070841&tguid=43251-3623-1367846070841-BECAC9D111A3B10EA8652BBA783B3F73 CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dghejoldgoiogjolgdkdeehnldkoaoif\1\ CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggpkhijoeadmdfmlbdepfbngmhaldci\3.5.0.0_0\ O1 HOSTS File: ([2014-01-02 13:10:09 | 000,000,870 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 64.120.230.218 karachan.org www.karachan.org O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (continueytoesaave) - {6CF4BCD6-4A43-F5EF-E8B0-7A22F9D7E0A2} - C:\ProgramData\continueytoesaave\513de073a1a4a.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Ja\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 7428941a924b47d0b54f19294685dba0-5ec0df5c7ad297c48671080a2d9e94ef07673fe6 --CMPID 0913b File not found O4 - HKCU..\Run: [Raptr] C:\Program Files\Raptr\raptrstub.exe (Raptr, Inc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: 4game.com ([]https in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites) O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.51.2) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.51.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B27168B0-80C1-457C-802D-890670BEFE64}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{76e66cb8-0549-11e2-9066-c86000613253}\Shell - "" = AutoRun O33 - MountPoints2\{76e66cb8-0549-11e2-9066-c86000613253}\Shell\AutoRun\command - "" = H:\setup.exe O33 - MountPoints2\{e1e9711a-ac6b-11e1-b035-c86000613253}\Shell - "" = AutoRun O33 - MountPoints2\{e1e9711a-ac6b-11e1-b035-c86000613253}\Shell\AutoRun\command - "" = G:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 180 Days ==========[/color] [2014-02-21 14:29:23 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Joymax [2014-02-20 20:21:56 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\savedata [2014-02-20 20:21:56 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\g-senjou no maou english savedata [2014-02-20 17:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sapphire TRIXX [2014-02-20 15:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2014-02-20 15:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT [2014-02-20 15:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2014-02-20 15:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014-02-20 15:19:28 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved [2014-02-20 15:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\library_dir [2014-02-20 15:19:07 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Raptr [2014-02-20 15:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Raptr [2014-02-20 11:19:43 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\Vindictus EU [2014-02-20 10:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon [2014-02-20 09:39:13 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Akamai [2014-02-16 08:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-02-09 15:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokemon ROM Downloader [2014-02-09 15:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pokemon ROM Downloader [2014-02-05 13:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2014-02-05 13:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2014-01-31 20:13:52 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2014-01-31 20:13:48 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2014-01-31 20:13:48 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2014-01-31 20:13:48 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2014-01-30 20:09:54 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\Witcher 2 [2014-01-30 20:09:54 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\The Witcher 2 [2014-01-10 18:19:34 | 000,000,000 | ---D | C] -- C:\Users\Ja\Application Data [2014-01-03 21:07:29 | 000,000,000 | ---D | C] -- C:\Games [2014-01-03 21:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager [2014-01-03 20:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSEV Skyrim LE [2014-01-03 14:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League [2014-01-01 14:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013-12-31 22:07:56 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Vidalia [2013-12-31 22:04:45 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\tor [2013-12-31 21:53:44 | 000,000,000 | ---D | C] -- C:\Users\Ja\.android [2013-12-31 21:53:43 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\cache [2013-12-31 21:53:42 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\genienext [2013-12-31 21:53:41 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\Mobogenie [2013-12-31 21:53:41 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Mobogenie [2013-12-31 21:53:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM [2013-12-31 21:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie [2013-12-31 21:44:17 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\QtProject [2013-12-31 21:40:22 | 000,000,000 | ---D | C] -- C:\Qt [2013-12-31 19:58:22 | 000,000,000 | ---D | C] -- C:\tor [2013-12-30 14:18:30 | 000,000,000 | ---D | C] -- C:\Users\Ja\.rscrevolution [2013-12-30 13:59:46 | 000,000,000 | ---D | C] -- C:\Users\Ja\RSCEmulation [2013-12-10 21:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive Rescue [2013-12-10 21:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Drive Rescue [2013-12-10 14:33:20 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Sony Creative Software Inc [2013-12-07 09:26:38 | 000,000,000 | ---D | C] -- C:\mu [2013-12-06 23:08:00 | 000,142,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\amdhcp32.dll [2013-12-06 23:06:50 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2013-12-06 23:06:50 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2013-12-06 22:51:04 | 011,527,680 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2013-12-06 22:38:28 | 000,083,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll [2013-12-06 22:38:18 | 000,073,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll [2013-12-06 22:35:36 | 024,860,160 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll [2013-12-06 22:33:24 | 000,057,344 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2013-12-06 22:26:40 | 000,114,688 | ---- | C] (AMD) -- C:\Windows\System32\coinst_13.251.dll [2013-12-06 22:13:02 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2013-12-06 22:12:50 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2013-12-06 22:12:40 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2013-12-06 22:09:18 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2013-12-06 21:58:50 | 022,157,824 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2013-12-06 21:53:08 | 000,030,720 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2013-12-06 21:52:36 | 000,493,056 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2013-12-06 21:51:54 | 000,209,408 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2013-12-06 21:50:28 | 000,164,352 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2013-12-06 21:22:48 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdave32.dll [2013-12-06 21:22:34 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atisamu32.dll [2013-12-06 21:22:08 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2013-12-06 21:21:54 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2013-12-06 21:20:32 | 000,501,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2013-12-06 21:18:12 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2013-12-05 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\Nowy folder (2) [2013-11-26 13:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013-11-24 12:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [2013-11-24 09:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\4game [2013-11-23 12:04:10 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\EA Games [2013-11-23 12:03:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2013-11-20 17:12:28 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\The Witcher [2013-11-20 17:12:28 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\The Witcher [2013-11-14 17:55:53 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Nero [2013-11-14 17:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2013-11-14 17:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2013-11-14 17:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2013-11-14 17:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2013-11-12 21:05:12 | 000,033,024 | ---- | C] (Scarlet.Crush Productions) -- C:\Windows\System32\drivers\ScpVBus.sys [2013-11-12 21:05:11 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll [2013-11-12 21:05:11 | 000,851,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller2.dll [2013-11-12 21:02:24 | 000,000,000 | ---D | C] -- C:\ScpServer [2013-11-12 20:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories [2013-11-12 20:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories [2013-11-05 21:50:48 | 000,120,600 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys [2013-11-04 21:57:30 | 000,209,176 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys [2013-11-04 21:12:05 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2013-11-04 21:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [2013-10-31 23:00:28 | 000,176,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2013-10-31 22:30:08 | 000,222,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys [2013-10-24 22:28:32 | 000,147,768 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys [2013-10-09 19:36:17 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\AVG2014 [2013-10-09 19:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014 [2013-10-09 19:27:25 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Avg2014 [2013-10-05 14:38:45 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\WarThunder [2013-10-05 14:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder [2013-10-02 17:06:07 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\LogMeIn [2013-10-02 17:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn [2013-10-01 00:49:38 | 000,102,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2013-09-29 18:10:54 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspyr Media, Inc [2013-09-24 15:52:20 | 000,077,312 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2013-09-24 15:50:42 | 000,084,480 | ---- | C] (TODO: ) -- C:\Windows\System32\DelayAPO.dll [2013-09-17 00:57:26 | 000,022,840 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys [2013-09-15 15:18:53 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Unity [2013-09-11 15:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2013-09-11 15:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-09-11 15:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2013-09-10 00:43:20 | 000,027,448 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 180 Days ==========[/color] [2014-02-21 16:45:44 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-02-21 16:45:44 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-02-21 16:38:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2014-02-21 16:38:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-02-21 16:38:13 | 2615,762,944 | -HS- | M] () -- C:\hiberfil.sys [2014-02-21 15:58:38 | 003,932,160 | -HS- | M] () -- C:\Users\Ja\NTUSER.DAT [2014-02-21 15:58:35 | 001,135,938 | -H-- | M] () -- C:\Users\Ja\AppData\Local\IconCache.db [2014-02-21 15:42:55 | 001,664,708 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2014-02-21 15:42:55 | 000,730,322 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2014-02-21 15:42:55 | 000,652,488 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2014-02-21 15:42:55 | 000,154,436 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2014-02-21 15:42:55 | 000,120,890 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2014-02-21 15:38:45 | 275,371,073 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014-01-27 21:17:56 | 000,013,473 | ---- | M] () -- C:\post regiment.m3u [2014-01-10 18:23:51 | 011,032,996 | ---- | M] () -- C:\Users\Ja\Documents\marshland.sav [2014-01-10 18:23:51 | 000,012,306 | ---- | M] () -- C:\Users\Ja\Documents\000245.tga [2013-12-18 21:10:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013-12-18 21:04:13 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013-12-18 21:04:09 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013-12-18 21:03:46 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013-12-11 18:04:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013-12-11 18:04:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013-12-07 09:35:26 | 000,012,007 | ---- | M] () -- C:\may.m3u [2013-12-06 23:08:00 | 000,142,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\amdhcp32.dll [2013-12-06 23:06:50 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2013-12-06 23:06:50 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2013-12-06 23:03:24 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2013-12-06 23:02:14 | 000,098,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2013-12-06 23:00:42 | 001,100,216 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2013-12-06 22:59:26 | 008,406,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2013-12-06 22:58:34 | 008,287,008 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2013-12-06 22:57:44 | 006,630,232 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2013-12-06 22:51:04 | 011,527,680 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2013-12-06 22:38:46 | 000,200,704 | ---- | M] () -- C:\Windows\System32\clinfo.exe [2013-12-06 22:38:28 | 000,083,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll [2013-12-06 22:38:18 | 000,073,728 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll [2013-12-06 22:35:36 | 024,860,160 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll [2013-12-06 22:33:24 | 000,057,344 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2013-12-06 22:26:40 | 000,114,688 | ---- | M] (AMD) -- C:\Windows\System32\coinst_13.251.dll [2013-12-06 22:13:28 | 000,550,456 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb [2013-12-06 22:13:02 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2013-12-06 22:12:50 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2013-12-06 22:12:40 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2013-12-06 22:09:18 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2013-12-06 21:58:50 | 022,157,824 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2013-12-06 21:53:18 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atidemgy.dll [2013-12-06 21:53:08 | 000,030,720 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll [2013-12-06 21:52:36 | 000,493,056 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe [2013-12-06 21:51:54 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe [2013-12-06 21:50:28 | 000,164,352 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll [2013-12-06 21:31:16 | 003,461,040 | ---- | M] () -- C:\Windows\System32\atiumdva.cap [2013-12-06 21:22:48 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdave32.dll [2013-12-06 21:22:34 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atisamu32.dll [2013-12-06 21:22:26 | 000,825,344 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2013-12-06 21:22:08 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2013-12-06 21:21:54 | 000,096,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2013-12-06 21:20:32 | 000,501,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2013-12-06 21:18:12 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2013-12-06 16:44:26 | 000,038,912 | ---- | M] () -- C:\Windows\System32\kdbsdk32.dll [2013-12-05 21:08:24 | 000,064,104 | ---- | M] () -- C:\Users\Ja\AppData\Local\GDIPFONTCACHEV1.DAT [2013-12-05 19:49:05 | 000,293,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-11-12 21:10:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf [2013-11-12 21:10:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013-11-05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys [2013-11-04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys [2013-11-01 09:08:32 | 000,721,296 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat [2013-10-31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2013-10-31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys [2013-10-29 22:02:46 | 000,000,057 | ---- | M] () -- C:\1.bat [2013-10-24 22:28:32 | 000,147,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidshx.sys [2013-10-01 00:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2013-09-30 21:48:16 | 000,047,887 | ---- | M] () -- C:\Windows\atiogl.xml [2013-09-28 18:59:07 | 000,281,688 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2013-09-26 22:14:10 | 000,083,552 | ---- | M] () -- C:\Windows\System32\ativce02.dat [2013-09-24 15:52:20 | 000,077,312 | ---- | M] (Advanced Micro Devices) -- C:\Windows\System32\drivers\AtihdW73.sys [2013-09-24 15:50:42 | 000,084,480 | ---- | M] (TODO: ) -- C:\Windows\System32\DelayAPO.dll [2013-09-17 00:57:26 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys [2013-09-12 17:31:04 | 000,233,776 | ---- | M] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2013-09-12 17:30:56 | 000,234,036 | ---- | M] () -- C:\Windows\System32\ativvaxy_cik.dat [2013-09-10 00:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-02-21 15:47:06 | 001,135,938 | -H-- | C] () -- C:\Users\Ja\AppData\Local\IconCache.db [2014-01-26 19:27:10 | 000,013,473 | ---- | C] () -- C:\post regiment.m3u [2014-01-10 18:23:51 | 011,032,996 | ---- | C] () -- C:\Users\Ja\Documents\marshland.sav [2014-01-10 18:23:51 | 000,012,306 | ---- | C] () -- C:\Users\Ja\Documents\000245.tga [2013-12-07 09:31:35 | 000,012,007 | ---- | C] () -- C:\may.m3u [2013-12-06 22:38:46 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2013-12-06 22:13:28 | 000,550,456 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2013-12-06 21:31:16 | 003,461,040 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2013-12-06 16:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2013-11-12 21:10:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01009.Wdf [2013-11-12 21:10:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf [2013-11-01 09:08:32 | 000,721,296 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2013-10-29 16:36:34 | 000,000,057 | ---- | C] () -- C:\1.bat [2013-09-30 21:48:16 | 000,047,887 | ---- | C] () -- C:\Windows\atiogl.xml [2013-09-26 22:14:10 | 000,083,552 | ---- | C] () -- C:\Windows\System32\ativce02.dat [2013-09-12 17:31:04 | 000,233,776 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2013-09-12 17:30:56 | 000,234,036 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat [2013-05-25 10:21:46 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat [2013-05-06 16:23:01 | 000,023,624 | ---- | C] () -- C:\Windows\Launcher.exe [2013-05-05 16:54:29 | 000,138,032 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2013-05-05 16:54:23 | 000,281,688 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2013-05-05 16:53:59 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2013-04-30 17:10:26 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2013-04-30 17:10:25 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2013-04-30 17:10:23 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2013-03-30 16:56:56 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2013-03-30 16:56:55 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2013-03-29 03:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe [2013-03-29 03:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe [2013-03-14 15:35:47 | 000,000,231 | ---- | C] () -- C:\Windows\RomeTW.ini [2013-02-24 14:37:42 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe [2013-02-19 19:34:11 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2012-12-28 12:29:11 | 000,000,951 | ---- | C] () -- C:\Windows\oregon.ini [2012-11-02 12:24:20 | 000,139,152 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\PnkBstrK.sys [2012-11-02 12:23:44 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2012-11-01 16:03:20 | 000,000,285 | ---- | C] () -- C:\Windows\EReg072.dat [2012-11-01 16:03:04 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2012-10-21 13:51:59 | 000,000,898 | ---- | C] () -- C:\Windows\vampire.ini [2012-10-14 12:07:14 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2012-10-14 12:07:14 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2012-10-14 12:07:14 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2012-09-16 14:16:07 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2012-09-02 15:52:58 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012-08-30 07:49:35 | 000,027,520 | ---- | C] () -- C:\Users\Ja\AppData\Local\dt.dat [2012-08-27 18:49:58 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012-08-02 21:05:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012-08-02 21:05:25 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe [2012-08-02 21:05:21 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2012-08-01 21:45:02 | 000,000,071 | ---- | C] () -- C:\Windows\wininit.ini [2012-07-10 08:50:37 | 000,109,056 | ---- | C] () -- C:\Windows\System32\un-gamma.exe [2012-06-29 16:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\startup.INI [2012-06-17 20:18:37 | 000,006,656 | ---- | C] () -- C:\Users\Ja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-07 20:48:16 | 000,000,047 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\TheHunterSettings_live.cfg [2012-06-07 20:47:11 | 000,011,863 | ---- | C] () -- C:\Users\Ja\AppData\Roaming\TheHunterSettings_live.bin [2012-05-27 19:32:49 | 006,908,648 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe [2012-05-27 19:32:49 | 000,017,680 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat [2012-05-12 13:54:58 | 000,200,468 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012-05-12 13:53:30 | 000,045,882 | ---- | C] () -- C:\Windows\Ascd_log.ini [2012-05-12 13:48:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012-05-12 13:48:05 | 000,036,495 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012-05-11 20:27:33 | 000,064,104 | ---- | C] () -- C:\Users\Ja\AppData\Local\GDIPFONTCACHEV1.DAT [2012-05-11 06:56:45 | 001,664,708 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2012-05-11 06:53:30 | 003,932,160 | -HS- | C] () -- C:\Users\Ja\NTUSER.DAT [2012-05-11 06:53:30 | 000,524,288 | -HS- | C] () -- C:\Users\Ja\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012-05-11 06:53:30 | 000,524,288 | -HS- | C] () -- C:\Users\Ja\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012-05-11 06:53:30 | 000,065,536 | -HS- | C] () -- C:\Users\Ja\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012-05-11 06:53:30 | 000,000,020 | -HS- | C] () -- C:\Users\Ja\ntuser.ini [2012-05-11 00:50:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [color=#E56717]========== Files - Unicode (All) ==========[/color] [2013-02-21 19:32:34 | 000,627,273 | ---- | M] ()(C:\Users\Ja\Documents\hista_krzy?owka 001.jpg) -- C:\Users\Ja\Documents\hista_krzyżówka 001.jpg [2013-02-21 19:30:49 | 000,627,273 | ---- | C] ()(C:\Users\Ja\Documents\hista_krzy?owka 001.jpg) -- C:\Users\Ja\Documents\hista_krzyżówka 001.jpg (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rze?nik) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rzeźnik (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piraci Nowego ?wiata) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piraci Nowego Świata [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 24 bytes -> C:\Windows:EAE72C03FCA39CCC @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:96D0C06F < End of report >