OTL logfile created on: 2012-08-04 00:13:52 - Run 2 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Suwak\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 66,98% Memory free 7,90 Gb Paging File | 6,32 Gb Available in Paging File | 79,93% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 105,93 Gb Total Space | 20,76 Gb Free Space | 19,60% Space Free | Partition Type: NTFS Drive D: | 126,85 Gb Total Space | 27,45 Gb Free Space | 21,64% Space Free | Partition Type: NTFS Drive E: | 7,00 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 14,52 Gb Total Space | 0,92 Gb Free Space | 6,34% Space Free | Partition Type: FAT32 Computer Name: SUWAK123 | User Name: Suwak | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-03 20:35:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Suwak\Desktop\OTL.exe PRC - [2012-06-18 17:44:33 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2012-06-16 02:17:22 | 003,553,216 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe PRC - [2009-06-26 07:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2009-06-26 07:17:02 | 000,724,992 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-06-26 18:21:54 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2012-06-26 12:11:44 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:[b]64bit:[/b] - [2011-08-22 07:57:20 | 000,534,832 | ---- | M] (COMODO) [Disabled | Stopped] -- C:\Program Files\COMODO\Unite\EzVpnSvc.exe -- (EzVpnSvc) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-07-19 18:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2012-06-22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Disabled | Stopped] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-10 14:50:21 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-03-27 11:14:50 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-02-10 03:30:02 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2011-03-01 19:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-06-26 19:36:26 | 010,256,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012-06-26 17:22:10 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012-05-22 14:26:10 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV:[b]64bit:[/b] - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV:[b]64bit:[/b] - [2012-02-09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2011-04-14 11:01:46 | 000,020,888 | ---- | M] (Comodo, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdatp.sys -- (ATP) DRV:[b]64bit:[/b] - [2011-02-08 08:20:44 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IpopTap.sys -- (IpopTap) DRV:[b]64bit:[/b] - [2010-11-28 22:50:38 | 000,044,672 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2010-11-09 16:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2010-06-16 23:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:[b]64bit:[/b] - [2009-09-16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2012-02-10 03:28:14 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.1.0) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll () FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnLvn: C:\Program Files\COMODO\Unite\npEasyVpnLVN.dll (COMODO) FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnRdp: C:\Program Files\COMODO\Unite\NpRdpView.dll ( ) FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnVnc: C:\Program Files\COMODO\Unite\NpVncView.dll ( ) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012-04-03 07:37:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-18 15:16:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suwak\AppData\Roaming\mozilla\Extensions [2012-08-04 00:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suwak\AppData\Roaming\mozilla\Firefox\extensions [2012-08-04 00:06:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Suwak\AppData\Roaming\mozilla\Firefox\Profiles\79lbkczj.default\extensions File not found (No name found) -- C:\USERS\SUWAK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79LBKCZJ.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03} O1 HOSTS File: ([2012-07-10 15:54:40 | 000,000,156 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com O1 - Hosts: 127.0.0.1 game.maniaplanet.com O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O2 - BHO: (FiltrateIE Class) - {B5D4581D-ED6A-4905-A267-25BAF7BE79C1} - C:\Windows\SysWOW64\SafeIE.dll () O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe () O4 - Startup: C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: WellGet - {35980F6E-A258-4E50-953D-813BB8556899} - D:\Program Files (x86)\Gry\Wellget2\WellGet.exe () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 62.233.233.233 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3241BD32-714C-483B-A588-FFB19AA8E9E9}: DhcpNameServer = 194.204.152.34 62.233.233.233 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D42CB9E0-24B8-425F-8F26-A43D2497DA01}: DhcpNameServer = 7.254.254.254 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-08-02 19:55:01 | 000,000,386 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010-06-02 07:30:12 | 000,000,046 | -H-- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2012-08-03 20:03:36 | 000,000,135 | ---- | M] () - F:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-04 00:03:14 | 000,000,000 | ---D | C] -- C:\_OTL [2012-08-03 20:35:08 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Suwak\Desktop\OTL.exe [2012-08-03 19:03:26 | 005,073,240 | ---- | C] (Microsoft Corporation) -- C:\Users\Suwak\Desktop\vcredist_x86.exe [2012-08-02 21:28:50 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\DragonNest [2012-08-02 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cherry De Games [2012-08-02 20:32:14 | 2637,650,812 | ---- | C] (Shanda Games International) -- C:\Users\Suwak\Desktop\DNClientVer68_20120731.exe [2012-08-02 16:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012-08-02 15:33:35 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012-08-02 15:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2012-08-02 15:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II [2012-08-02 15:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2012-08-02 15:14:05 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\StarCraft II [2012-08-01 11:36:04 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\Merlin S4 napisy [2012-08-01 11:30:34 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\Merlin S04 [2012-07-31 16:14:12 | 000,424,624 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012-07-31 16:14:12 | 000,418,480 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012-07-31 16:14:12 | 000,138,472 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2012-07-31 16:14:12 | 000,115,432 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2012-07-31 16:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2012-07-30 15:10:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle [2012-07-30 15:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle [2012-07-30 14:54:25 | 003,859,712 | ---- | C] (Tunngle.net GmbH ) -- C:\Users\Suwak\Desktop\Tunngle_Setup_v4.4.1.3.exe [2012-07-28 15:41:44 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\The KMPlayer [2012-07-28 15:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV [2012-07-28 15:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV [2012-07-28 15:39:49 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer [2012-07-28 15:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer [2012-07-26 19:22:08 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\Eidos [2012-07-26 19:19:46 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\opengl32 (2).dll [2012-07-26 17:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conflict Denied Ops [2012-07-25 20:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2012-07-25 20:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive [2012-07-24 21:15:00 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\Mc serwer kurwaa - Kopia [2012-07-24 14:08:57 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\world_the_end [2012-07-22 17:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE [2012-07-22 17:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE [2012-07-21 17:45:07 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Local\Chromium [2012-07-21 17:45:02 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Local\Arktos [2012-07-21 17:44:26 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\Arktos [2012-07-21 17:44:25 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Local\CrashRpt [2012-07-21 10:35:18 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-07-21 10:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-07-21 10:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012-07-21 10:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-07-21 10:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012-07-21 10:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012-07-21 10:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012-07-21 10:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012-07-21 10:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-07-21 10:00:57 | 000,044,672 | R--- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys [2012-07-13 20:18:33 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Desktop\AoX Fan Site Kit - Big [2012-07-13 14:21:37 | 000,839,152 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012-07-13 14:21:36 | 000,955,888 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012-07-13 14:21:36 | 000,268,784 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-07-13 14:21:29 | 000,189,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-07-13 14:21:29 | 000,188,912 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-07-13 14:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-07-12 12:09:01 | 000,000,000 | ---D | C] -- C:\download [2012-07-10 16:27:34 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\My Cheat Tables [2012-07-10 15:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackMania 2 [2012-07-08 20:48:17 | 000,000,000 | ---D | C] -- C:\Users\Suwak\Documents\Dungeon Siege [2012-07-06 19:49:42 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com [2012-07-06 19:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RandyRants.com [2012-07-06 19:26:03 | 000,000,000 | ---D | C] -- C:\Users\Suwak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak [2012-07-06 19:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak [2012-07-06 19:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyTweak [1 C:\Users\Suwak\*.tmp files -> C:\Users\Suwak\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-04 00:20:36 | 000,026,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-04 00:20:36 | 000,026,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-04 00:12:06 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2012-08-04 00:12:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-04 00:11:57 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2012-08-04 00:10:27 | 000,614,903 | ---- | M] () -- C:\Users\Suwak\Desktop\adwcleaner.exe [2012-08-04 00:07:09 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-03 21:23:25 | 000,164,134 | ---- | M] () -- C:\Users\Suwak\Desktop\sk.zip [2012-08-03 20:35:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Suwak\Desktop\OTL.exe [2012-08-03 20:04:23 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-08-03 20:04:23 | 000,737,242 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-08-03 20:04:23 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-08-03 20:04:23 | 000,153,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-08-03 20:04:23 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-08-03 19:06:22 | 005,073,240 | ---- | M] (Microsoft Corporation) -- C:\Users\Suwak\Desktop\vcredist_x86.exe [2012-08-03 12:49:22 | 000,001,137 | ---- | M] () -- C:\Users\Suwak\Desktop\Terraria — skrót.lnk [2012-08-03 12:47:59 | 000,000,791 | ---- | M] () -- C:\Users\Public\Desktop\Dragon Nest.lnk [2012-08-02 20:03:01 | 000,017,470 | ---- | M] () -- C:\Users\Suwak\Documents\asdaadasdasd.reg [2012-08-02 16:51:27 | 039,683,330 | ---- | M] () -- C:\Users\Suwak\Desktop\sc2-1.4.4-plPL.exe [2012-08-02 16:49:51 | 000,000,757 | ---- | M] () -- C:\Users\Suwak\Desktop\WellGet.lnk [2012-08-02 16:11:58 | 2637,650,812 | ---- | M] (Shanda Games International) -- C:\Users\Suwak\Desktop\DNClientVer68_20120731.exe [2012-08-02 15:30:49 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012-08-02 11:35:03 | 089,440,894 | ---- | M] () -- C:\Users\Suwak\Desktop\Super Mario Eternal Chaos.zip [2012-08-01 11:25:16 | 007,054,336 | ---- | M] () -- C:\Users\Suwak\Desktop\xnafx40_redist.msi [2012-07-31 16:14:12 | 000,424,624 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012-07-31 16:14:12 | 000,418,480 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012-07-31 16:14:12 | 000,138,472 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2012-07-31 16:14:12 | 000,115,432 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2012-07-30 15:33:05 | 000,443,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-07-30 15:10:03 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2012-07-30 14:54:49 | 003,859,712 | ---- | M] (Tunngle.net GmbH ) -- C:\Users\Suwak\Desktop\Tunngle_Setup_v4.4.1.3.exe [2012-07-30 14:51:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2012-07-30 14:12:44 | 011,601,815 | ---- | M] () -- C:\Users\Suwak\Desktop\craftbukkit-1.2.5-R5.0.jar [2012-07-28 15:39:49 | 000,001,035 | ---- | M] () -- C:\Users\Suwak\Desktop\KMPlayer.lnk [2012-07-26 19:21:30 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Conflict Denied Ops.lnk [2012-07-25 20:34:02 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Magicka.lnk [2012-07-25 19:52:54 | 000,004,818 | ---- | M] () -- C:\Users\Suwak\Desktop\Wydruk gwarancji.mht [2012-07-24 13:54:43 | 000,000,483 | ---- | M] () -- C:\Users\Suwak\Desktop\server - Kopia.properties [2012-07-23 14:00:10 | 034,410,651 | ---- | M] () -- C:\Users\Suwak\Desktop\LB Photo Realism Compressed x256.zip [2012-07-22 20:07:37 | 000,000,612 | ---- | M] () -- C:\Users\Suwak\Windows_7_MouseFix_TextSize(DPI)=125%_Scale=1-to-1_@6-of-11.reg [2012-07-22 17:53:08 | 000,002,711 | ---- | M] () -- C:\Users\Public\Desktop\GHOST.lnk [2012-07-21 20:18:41 | 000,001,325 | ---- | M] () -- C:\Users\Suwak\Desktop\RSUpdate — skrót.lnk [2012-07-20 13:15:04 | 000,000,823 | ---- | M] () -- C:\Users\Suwak\Desktop\Soldat — skrót.lnk [2012-07-19 17:25:16 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-18 12:45:28 | 000,001,311 | ---- | M] () -- C:\Users\Suwak\Desktop\SkyrimLauncher — skrót.lnk [2012-07-16 21:48:39 | 000,000,000 | -H-- | M] () -- C:\Users\Suwak\Documents\Default.rdp [2012-07-15 18:09:56 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Graj w League of Legends.lnk [2012-07-13 14:25:22 | 000,000,082 | ---- | M] () -- C:\Users\Suwak\Desktop\MinecraftSP.bat [2012-07-13 14:21:24 | 000,955,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012-07-13 14:21:24 | 000,839,152 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012-07-13 14:21:24 | 000,268,784 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012-07-13 14:21:24 | 000,189,424 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012-07-13 14:21:24 | 000,188,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012-07-10 19:38:26 | 000,026,294 | ---- | M] () -- C:\Users\Suwak\Documents\mmmm.reg [2012-07-10 15:54:40 | 000,000,156 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012-07-10 15:49:53 | 000,000,950 | ---- | M] () -- C:\Users\Suwak\Desktop\TrackMania 2.lnk [2012-07-06 19:49:42 | 000,003,057 | ---- | M] () -- C:\Users\Suwak\Desktop\SharpKeys.lnk [1 C:\Users\Suwak\*.tmp files -> C:\Users\Suwak\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-04 00:10:27 | 000,614,903 | ---- | C] () -- C:\Users\Suwak\Desktop\adwcleaner.exe [2012-08-03 21:23:25 | 000,164,134 | ---- | C] () -- C:\Users\Suwak\Desktop\sk.zip [2012-08-03 12:49:24 | 000,001,137 | ---- | C] () -- C:\Users\Suwak\Desktop\Terraria — skrót.lnk [2012-08-02 20:51:08 | 000,000,791 | ---- | C] () -- C:\Users\Public\Desktop\Dragon Nest.lnk [2012-08-02 20:03:00 | 000,017,470 | ---- | C] () -- C:\Users\Suwak\Documents\asdaadasdasd.reg [2012-08-02 16:47:47 | 039,683,330 | ---- | C] () -- C:\Users\Suwak\Desktop\sc2-1.4.4-plPL.exe [2012-08-02 15:17:54 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2012-08-02 11:25:29 | 089,440,894 | ---- | C] () -- C:\Users\Suwak\Desktop\Super Mario Eternal Chaos.zip [2012-08-01 11:25:02 | 007,054,336 | ---- | C] () -- C:\Users\Suwak\Desktop\xnafx40_redist.msi [2012-07-30 15:10:03 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk [2012-07-30 14:11:54 | 011,601,815 | ---- | C] () -- C:\Users\Suwak\Desktop\craftbukkit-1.2.5-R5.0.jar [2012-07-28 15:39:49 | 000,001,035 | ---- | C] () -- C:\Users\Suwak\Desktop\KMPlayer.lnk [2012-07-26 17:43:53 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Conflict Denied Ops.lnk [2012-07-25 20:30:45 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Magicka.lnk [2012-07-25 19:52:54 | 000,004,818 | ---- | C] () -- C:\Users\Suwak\Desktop\Wydruk gwarancji.mht [2012-07-24 13:54:46 | 000,000,483 | ---- | C] () -- C:\Users\Suwak\Desktop\server - Kopia.properties [2012-07-23 13:55:43 | 034,410,651 | ---- | C] () -- C:\Users\Suwak\Desktop\LB Photo Realism Compressed x256.zip [2012-07-22 20:07:37 | 000,000,612 | ---- | C] () -- C:\Users\Suwak\Windows_7_MouseFix_TextSize(DPI)=125%_Scale=1-to-1_@6-of-11.reg [2012-07-22 17:53:08 | 000,002,711 | ---- | C] () -- C:\Users\Public\Desktop\GHOST.lnk [2012-07-21 20:18:42 | 000,001,325 | ---- | C] () -- C:\Users\Suwak\Desktop\RSUpdate — skrót.lnk [2012-07-16 21:48:39 | 000,000,000 | -H-- | C] () -- C:\Users\Suwak\Documents\Default.rdp [2012-07-13 14:23:07 | 000,139,783 | ---- | C] () -- C:\Users\Suwak\Desktop\MinecraftSP.jar [2012-07-13 14:23:07 | 000,000,082 | ---- | C] () -- C:\Users\Suwak\Desktop\MinecraftSP.bat [2012-07-12 12:06:44 | 000,000,757 | ---- | C] () -- C:\Users\Suwak\Desktop\WellGet.lnk [2012-07-10 19:38:25 | 000,026,294 | ---- | C] () -- C:\Users\Suwak\Documents\mmmm.reg [2012-07-10 16:26:38 | 000,007,139 | ---- | C] () -- C:\Users\Suwak\Documents\ultra.Profile.Gbx [2012-07-10 15:49:53 | 000,000,950 | ---- | C] () -- C:\Users\Suwak\Desktop\TrackMania 2.lnk [2012-07-06 19:49:42 | 000,003,057 | ---- | C] () -- C:\Users\Suwak\Desktop\SharpKeys.lnk [2012-07-02 11:25:09 | 000,000,371 | ---- | C] () -- C:\Users\Suwak\Grupa domowa — skrót.lnk [2012-06-16 02:17:24 | 000,042,432 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2012-06-06 14:16:08 | 000,000,730 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012-05-10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012-03-09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-03-09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-01-14 18:52:09 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2012-01-08 11:41:51 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-01-05 12:24:22 | 000,007,599 | ---- | C] () -- C:\Users\Suwak\AppData\Local\Resmon.ResmonCfg [2012-01-04 17:29:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat < End of report >