Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 Ran by SYSTEM on 08-08-2013 12:04:30 Running from H:\ Windows 7 Ultimate (X64) OS Language: Polish Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 [b]ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.[/b] ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [835584 2007-05-10] () HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [XFastUsb] - C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4838912 2012-11-24] (FNet Co., Ltd.) HKLM-x32\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-02-12] () HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] () HKLM-x32\...\Run: [GrooveMonitor] - "D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Bonus.SSR.FR11] - "D:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun [x] HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [Rapoo RP24G] - D:\Program Files (x86)\Rapoo\RP24G\RP24G_Config.exe [x] HKLM-x32\...\Run: [HDD Regenerator] - "D:\Program Files (x86)\HDD Regenerator\Shell.exe" /0 [x] HKU\Matheo\...\Run: [Fatal1tySTU] - [x] HKU\Matheo\...\Run: [zASRockInstantBoot] - [x] HKU\Matheo\...\Run: [DAEMON Tools Lite] - "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x] HKU\Matheo\...\Run: [7 Taskbar Tweaker] - "D:\Users\Matheo\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd [x] HKU\Matheo\...\Run: [GG] - C:\Users\Matheo\AppData\Local\GG\Application\gghub.exe [3365440 2013-07-29] (GG Network S.A.) AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) ==================== Services (Whitelisted) ================= S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation) S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-21] () S2 ABBYY.Licensing.FineReader.Professional.11.0; "D:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe" -service [x] S2 avast! Antivirus; "D:\Program Files\AVAST Software\Avast\AvastSvc.exe" [x] S2 hddrsrv; D:\Program Files (x86)\HDD Regenerator\hrsrv.exe [x] S3 Microsoft Office Groove Audit Service; "D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [x] ==================== Drivers (Whitelisted) ==================== S1 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2010-12-22] (ASRock Inc.) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-25] (DT Soft Ltd) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-11-24] (FNet Co., Ltd.) S1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-11-24] (FNet Co., Ltd.) S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation) S3 rp24gms; C:\Windows\System32\drivers\rp24gms.sys [18944 2011-08-03] () S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10642176 2007-05-07] (Sonix Co. Ltd.) S2 aswFsBlk; No ImagePath S2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [x] S1 aswRdr; \SystemRoot\System32\Drivers\aswrdr2.sys [x] S0 aswRvrt; No ImagePath S1 aswSnx; No ImagePath S1 aswSP; No ImagePath S1 aswTdi; No ImagePath S0 aswVmm; No ImagePath S3 FLASHSYS; \??\D:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [x] S3 MSICDSetup; \??\E:\CDriver64.sys [x] S3 NTIOLib_1_0_4; \??\D:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys [x] S3 PCAlertDriver; \??\D:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-06 19:37 - 2013-08-06 19:37 - 00003120 _____ C:\Windows\System32\Tasks\YourFile DownloaderUpdate 2013-08-06 19:37 - 2013-08-06 19:37 - 00001975 _____ C:\Users\Public\Desktop\YourFile Downloader.lnk 2013-08-06 19:37 - 2013-08-06 19:37 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\YourFileDownloader 2013-08-06 19:37 - 2013-08-06 19:37 - 00000000 ____D C:\Program Files (x86)\YourFileDownloader 2013-08-06 19:32 - 2013-08-06 19:32 - 00001744 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk 2013-08-06 19:31 - 2013-08-06 19:31 - 00000000 ____D C:\Users\Matheo\AppData\Local\Downloaded Installations 2013-08-06 19:15 - 2013-08-06 19:15 - 00001141 _____ C:\Users\Matheo\Desktop\GG.lnk 2013-08-05 18:38 - 2011-01-23 18:25 - 00154119 _____ C:\Users\Matheo\Desktop\Memtest86+ USB Installer.exe 2013-08-05 18:35 - 2013-08-05 18:35 - 00127860 _____ C:\Users\Matheo\Desktop\memtest86+-4.20.usb.installer.zip 2013-08-05 18:18 - 2013-08-05 18:18 - 00000000 ____D C:\Users\Matheo\Desktop\memtest86+-4.20 2013-08-05 17:55 - 2013-08-05 17:55 - 00000968 _____ C:\Users\Matheo\Desktop\FurMark.lnk 2013-08-05 16:16 - 2013-08-05 16:16 - 00000000 __SHD C:\found.000 2013-08-05 16:03 - 2013-08-05 16:03 - 00010688 ____N C:\bootsqm.dat 2013-08-03 10:48 - 2013-08-03 10:48 - 00000000 ____D C:\NvidiaLogging 2013-08-03 10:47 - 2013-05-14 20:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys 2013-08-03 10:47 - 2013-05-14 20:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll 2013-08-03 10:47 - 2013-05-14 20:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2013-07-30 22:54 - 2013-07-30 22:54 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Day 1 Studios 2013-07-30 22:41 - 2013-07-31 10:56 - 00000000 ____D C:\Users\Matheo\Documents\NFS SHIFT 2013-07-30 22:41 - 2013-07-30 22:41 - 00001072 _____ C:\Users\Public\Desktop\Need for Speed - Shift.lnk 2013-07-30 22:41 - 2013-07-30 22:41 - 00000000 ____D C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP 2013-07-30 22:28 - 2013-07-30 22:28 - 00000221 _____ C:\Users\Matheo\Desktop\F.E.A.R. 3.url 2013-07-30 22:11 - 2013-07-30 22:22 - 00000706 _____ C:\Users\Public\Desktop\Steam.lnk 2013-07-30 18:30 - 2013-07-30 18:30 - 00000788 _____ C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\ProgramData\APN 2013-07-29 15:58 - 2013-07-29 15:58 - 00000849 _____ C:\Users\Matheo\Desktop\Need for Speed Pro Street.lnk 2013-07-27 21:28 - 2013-07-27 21:31 - 00000360 _____ C:\Users\Matheo\AppData\Roaming\burnaware.ini 2013-07-27 21:17 - 2013-07-27 21:17 - 00000745 _____ C:\Users\Public\Desktop\BurnAware Free.lnk 2013-07-27 18:32 - 2013-07-27 18:39 - 00000000 ____D C:\Users\Matheo\Documents\NFS ProStreet 2013-07-27 15:16 - 2013-07-27 15:18 - 00000000 ____D C:\Users\Matheo\AppData\Local\NFS Underground 2 2013-07-27 11:53 - 2013-07-27 11:53 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Dofus-5 2013-07-27 10:34 - 2013-07-27 10:34 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Dofus-4 2013-07-27 09:50 - 2013-07-27 09:50 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Reg 2013-07-27 09:49 - 2013-07-27 09:49 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2013-07-15 00:08 - 2013-07-15 00:08 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2013-07-14 17:03 - 2013-07-14 17:03 - 00000000 ____D C:\Windows\System32\appmgmt 2013-07-14 16:58 - 2013-08-05 15:51 - 00000000 ____D C:\Program Files\WDCSAM 2013-07-14 16:58 - 2013-07-14 16:58 - 00000000 ____D C:\Program Files\DIFX 2013-07-14 16:25 - 2013-07-14 16:25 - 00287784 _____ C:\Windows\Minidump\071413-11824-01.dmp 2013-07-14 16:24 - 2013-07-14 16:24 - 00291296 _____ C:\Windows\Minidump\071413-19843-01.dmp 2013-07-12 12:26 - 2013-07-12 12:26 - 00001490 _____ C:\Users\Matheo\Desktop\CoDWaW LanFixed.lnk 2013-07-12 11:46 - 2013-07-12 11:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-07-12 11:45 - 2013-06-21 13:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys 2013-07-12 11:45 - 2013-06-21 13:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6432049.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432049.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2013-07-12 11:45 - 2013-06-21 13:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2013-07-12 11:10 - 2013-07-12 11:10 - 01353641 _____ C:\Windows\unins000.exe 2013-07-12 11:10 - 2013-07-12 11:10 - 00022904 _____ C:\Windows\unins000.dat 2013-07-12 11:10 - 2011-08-03 10:09 - 00018944 _____ () C:\Windows\System32\Drivers\rp24gms.sys 2013-07-09 20:58 - 2013-06-12 00:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-09 20:58 - 2013-06-12 00:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-09 20:58 - 2013-06-12 00:42 - 00033280 _____ C:\Windows\SysWOW64\iernonce.dll 2013-07-09 20:58 - 2013-06-12 00:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-07-09 20:58 - 2013-06-12 00:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-07-09 20:58 - 2013-06-12 00:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-07-09 20:58 - 2013-06-12 00:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-07-09 20:58 - 2013-06-12 00:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-07-09 20:58 - 2013-06-11 23:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-09 20:58 - 2013-06-11 23:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-07-09 20:58 - 2013-06-07 04:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-07-09 20:58 - 2013-06-07 03:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-09 20:56 - 2013-07-09 20:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-09 20:56 - 2013-07-09 20:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-09 20:09 - 2013-07-09 20:09 - 00000000 ____D C:\Users\Patrycja\AppData\Roaming\Skype 2013-07-09 18:50 - 2013-06-05 04:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-07-09 18:50 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2013-07-09 18:50 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-09 18:50 - 2013-05-06 07:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2013-07-09 18:50 - 2013-05-06 05:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-09 18:49 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-09 18:49 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll 126 ==================== One Month Modified Files and Folders ======= 2013-08-08 12:01 - 2013-08-08 12:01 - 00000000 ____D C:\FRST 2013-08-07 13:39 - 2009-07-14 00:32 - 00000000 _____ C:\Windows\SysWOW64\cngaudit.dll 2013-08-06 23:47 - 2012-11-24 16:58 - 01903584 _____ C:\Windows\WindowsUpdate.log 2013-08-06 23:47 - 2009-07-14 18:55 - 00737954 _____ C:\Windows\System32\perfh015.dat 2013-08-06 23:47 - 2009-07-14 18:55 - 00154642 _____ C:\Windows\System32\perfc015.dat 2013-08-06 23:47 - 2009-07-14 06:13 - 01663464 _____ C:\Windows\System32\PerfStringBackup.INI 2013-08-06 23:47 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-06 23:47 - 2009-07-14 05:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-06 23:43 - 2013-06-25 09:36 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-06 23:43 - 2013-06-09 20:38 - 00022735 _____ C:\Windows\setupact.log 2013-08-06 23:43 - 2012-12-04 19:35 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-06 23:43 - 2012-11-24 19:17 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\GG 2013-08-06 23:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-06 19:37 - 2013-08-06 19:37 - 00003120 _____ C:\Windows\System32\Tasks\YourFile DownloaderUpdate 2013-08-06 19:37 - 2013-08-06 19:37 - 00001975 _____ C:\Users\Public\Desktop\YourFile Downloader.lnk 2013-08-06 19:37 - 2013-08-06 19:37 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\YourFileDownloader 2013-08-06 19:37 - 2013-08-06 19:37 - 00000000 ____D C:\Program Files (x86)\YourFileDownloader 2013-08-06 19:32 - 2013-08-06 19:32 - 00001744 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk 2013-08-06 19:31 - 2013-08-06 19:31 - 00000000 ____D C:\Users\Matheo\AppData\Local\Downloaded Installations 2013-08-06 19:28 - 2012-11-24 18:40 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-06 19:24 - 2012-11-24 18:57 - 00017764 _____ C:\Windows\PFRO.log 2013-08-06 19:15 - 2013-08-06 19:15 - 00001141 _____ C:\Users\Matheo\Desktop\GG.lnk 2013-08-06 19:15 - 2012-11-24 19:17 - 00000000 ____D C:\Users\Matheo\AppData\Local\GG 2013-08-06 18:06 - 2012-12-15 18:16 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute 2013-08-06 16:57 - 2013-06-25 09:36 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-06 15:27 - 2012-12-15 23:20 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\teamspeak2 2013-08-06 15:26 - 2012-11-26 18:01 - 00000008 _____ C:\Users\Matheo\AppData\Roaming\DofusAppId0_4 2013-08-06 15:26 - 2012-11-25 13:31 - 00000008 _____ C:\Users\Matheo\AppData\Roaming\DofusAppId0_1 2013-08-06 12:23 - 2012-11-25 13:31 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Dofus2 2013-08-06 12:20 - 2012-11-25 13:32 - 00000008 _____ C:\Users\Matheo\AppData\Roaming\DofusAppId0_2 2013-08-06 11:58 - 2012-11-25 13:31 - 00000117 _____ C:\Users\Matheo\AppData\Roaming\D2Info0 2013-08-06 10:43 - 2012-11-25 14:24 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\foobar2000 2013-08-06 00:18 - 2012-11-25 13:35 - 00000008 _____ C:\Users\Matheo\AppData\Roaming\DofusAppId0_3 2013-08-05 18:35 - 2013-08-05 18:35 - 00127860 _____ C:\Users\Matheo\Desktop\memtest86+-4.20.usb.installer.zip 2013-08-05 18:18 - 2013-08-05 18:18 - 00000000 ____D C:\Users\Matheo\Desktop\memtest86+-4.20 2013-08-05 17:55 - 2013-08-05 17:55 - 00000968 _____ C:\Users\Matheo\Desktop\FurMark.lnk 2013-08-05 16:16 - 2013-08-05 16:16 - 00000000 __SHD C:\found.000 2013-08-05 16:03 - 2013-08-05 16:03 - 00010688 ____N C:\bootsqm.dat 2013-08-05 15:51 - 2013-07-14 16:58 - 00000000 ____D C:\Program Files\WDCSAM 2013-08-03 10:48 - 2013-08-03 10:48 - 00000000 ____D C:\NvidiaLogging 2013-08-03 10:48 - 2012-12-04 19:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-08-03 10:48 - 2012-11-24 18:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-07-31 21:58 - 2013-06-25 09:38 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-31 11:00 - 2012-12-03 18:41 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\NVIDIA 2013-07-31 10:56 - 2013-07-30 22:41 - 00000000 ____D C:\Users\Matheo\Documents\NFS SHIFT 2013-07-30 22:54 - 2013-07-30 22:54 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Day 1 Studios 2013-07-30 22:41 - 2013-07-30 22:41 - 00001072 _____ C:\Users\Public\Desktop\Need for Speed - Shift.lnk 2013-07-30 22:41 - 2013-07-30 22:41 - 00000000 ____D C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP 2013-07-30 22:28 - 2013-07-30 22:28 - 00000221 _____ C:\Users\Matheo\Desktop\F.E.A.R. 3.url 2013-07-30 22:22 - 2013-07-30 22:11 - 00000706 _____ C:\Users\Public\Desktop\Steam.lnk 2013-07-30 19:36 - 2013-06-17 20:58 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-07-30 18:31 - 2012-11-25 13:57 - 00278958 _____ C:\Windows\DirectX.log 2013-07-30 18:30 - 2013-07-30 18:30 - 00000788 _____ C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk 2013-07-30 12:37 - 2012-12-01 18:38 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-07-29 21:14 - 2012-12-01 18:38 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-07-29 18:20 - 2012-12-01 18:39 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-07-29 17:23 - 2013-07-29 17:23 - 00000000 ____D C:\ProgramData\APN 2013-07-29 15:58 - 2013-07-29 15:58 - 00000849 _____ C:\Users\Matheo\Desktop\Need for Speed Pro Street.lnk 2013-07-29 15:54 - 2012-08-29 00:43 - 00000000 ____D C:\Users\Matheo\Documents\Poradniki 2013-07-27 21:31 - 2013-07-27 21:28 - 00000360 _____ C:\Users\Matheo\AppData\Roaming\burnaware.ini 2013-07-27 21:17 - 2013-07-27 21:17 - 00000745 _____ C:\Users\Public\Desktop\BurnAware Free.lnk 2013-07-27 21:07 - 2013-05-24 07:26 - 00000000 ____D C:\Users\Matheo\Desktop\My Shared Folder 2013-07-27 18:39 - 2013-07-27 18:32 - 00000000 ____D C:\Users\Matheo\Documents\NFS ProStreet 2013-07-27 18:36 - 2013-03-16 11:01 - 00000000 ____D C:\Users\Matheo\AppData\Local\Torch 2013-07-27 18:32 - 2012-12-01 18:33 - 00000000 ____D C:\Users\Matheo\AppData\Local\PunkBuster 2013-07-27 15:18 - 2013-07-27 15:16 - 00000000 ____D C:\Users\Matheo\AppData\Local\NFS Underground 2 2013-07-27 13:34 - 2013-03-16 11:02 - 00002211 _____ C:\Users\Matheo\Desktop\Torch.lnk 2013-07-27 12:15 - 2012-11-26 18:07 - 00000008 _____ C:\Users\Matheo\AppData\Roaming\DofusAppId0_5 2013-07-27 11:53 - 2013-07-27 11:53 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Dofus-5 2013-07-27 10:34 - 2013-07-27 10:34 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Dofus-4 2013-07-27 10:08 - 2012-11-26 12:05 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Skype 2013-07-27 09:50 - 2013-07-27 09:50 - 00000000 ____D C:\Users\Matheo\AppData\Roaming\Reg 2013-07-27 09:49 - 2013-07-27 09:49 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2013-07-26 12:33 - 2013-04-01 17:48 - 00001179 _____ C:\Users\Matheo\Desktop\7+ Taskbar Tweaker.lnk 2013-07-26 12:33 - 2012-11-24 19:17 - 00000000 ___SD C:\Users\Matheo\GG dysk 2013-07-24 20:40 - 2012-11-26 12:10 - 00000000 ____D C:\Users\Ewa\AppData\Roaming\Skype 2013-07-18 18:57 - 2009-07-14 06:08 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-07-15 00:08 - 2013-07-15 00:08 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2013-07-14 17:03 - 2013-07-14 17:03 - 00000000 ____D C:\Windows\System32\appmgmt 2013-07-14 16:58 - 2013-07-14 16:58 - 00000000 ____D C:\Program Files\DIFX 2013-07-14 16:58 - 2013-06-16 22:08 - 00153952 _____ C:\Windows\DPINST.LOG 2013-07-14 16:25 - 2013-07-14 16:25 - 00287784 _____ C:\Windows\Minidump\071413-11824-01.dmp 2013-07-14 16:25 - 2012-12-12 15:52 - 00000000 ____D C:\Windows\Minidump 2013-07-14 16:24 - 2013-07-14 16:24 - 00291296 _____ C:\Windows\Minidump\071413-19843-01.dmp 2013-07-13 11:52 - 2013-06-25 09:36 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-13 11:52 - 2013-06-25 09:36 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-13 11:31 - 2013-06-16 22:12 - 00000000 ____D C:\ProgramData\Sony Ericsson 2013-07-13 11:31 - 2013-06-16 22:12 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson 2013-07-13 11:27 - 2013-06-16 22:08 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2013-07-13 11:27 - 2012-11-24 18:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-07-12 12:26 - 2013-07-12 12:26 - 00001490 _____ C:\Users\Matheo\Desktop\CoDWaW LanFixed.lnk 2013-07-12 11:46 - 2013-07-12 11:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-07-12 11:10 - 2013-07-12 11:10 - 01353641 _____ C:\Windows\unins000.exe 2013-07-12 11:10 - 2013-07-12 11:10 - 00022904 _____ C:\Windows\unins000.dat 2013-07-10 12:50 - 2009-07-14 19:09 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-10 12:50 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-10 12:50 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-10 12:50 - 2009-07-14 05:45 - 00419232 _____ C:\Windows\System32\FNTCACHE.DAT 2013-07-09 20:59 - 2013-01-08 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-07-09 20:59 - 2012-11-29 17:54 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-07-09 20:56 - 2013-07-09 20:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-07-09 20:56 - 2013-07-09 20:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-07-09 20:09 - 2013-07-09 20:09 - 00000000 ____D C:\Users\Patrycja\AppData\Roaming\Skype 2013-07-09 20:09 - 2012-11-26 12:05 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-07-09 20:09 - 2012-11-26 12:05 - 00000000 ____D C:\ProgramData\Skype ==================== Known DLLs (Whitelisted) ================ [2009-07-14 00:44] - [2009-07-14 02:15] - 0000000 ____A () C:\Windows\SysWOW64\clbcatq.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 4072.01 MB Available physical RAM: 3415.01 MB Total Pagefile: 4070.16 MB Available Pagefile: 3398.51 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:60.1 GB) (Free:17.78 GB) NTFS (Disk=0 Partition=2) Drive d: () (Fixed) (Total:465.76 GB) (Free:162.25 GB) NTFS (Disk=1 Partition=1) Drive f: () (Fixed) (Total:51.59 GB) (Free:45.9 GB) NTFS (Disk=0 Partition=3) Drive h: (HDDREG) (Removable) (Total:1.92 GB) (Free:1.92 GB) FAT (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: DB4490E9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=52 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 079B079B) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 4 GB) (Disk ID: 00000000) Partition 1: (Active) - (Size=2 GB) - (Type=06) LastRegBack: 2013-08-02 11:33 ==================== End Of Log ============================