Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013 ([color=red]ATTENTION: ====> FRST version is 120 days old and could be outdated[/color]) Ran by Jaro (administrator) on JARO-KOMPUTER on 30-01-2014 12:20:31 Running from C:\Users\Jaro\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe () C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ( ) C:\Windows\system32\lxdxcoms.exe () C:\Users\Jaro\AppData\Local\MEDIAF~1\MFUSNM~1.EXE () C:\Windows\SysWOW64\PnkBstrA.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxMsdMon.exe (AutoIt Team) C:\Users\Jaro\AppData\Roaming\AutoIt3\AutoIt3.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor) HKLM\...\Run: [lxdxmon.exe] - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424 2010-02-04] () HKLM\...\Run: [lxdxamon] - C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe [16040 2010-02-04] () HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\50f0af53-eea2-4160-8171-778206acbfcf.exe /check [181136 2014-01-30] (AVAST Software) HKCU\...\Run: [Java] - cmd /c cd %APPDATA%\AutoIt3 & AutoIt3.exe soundmng.txt HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jaro\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKCU\...\Policies\Explorer: [] MountPoints2: {1c5fabe5-6be7-11e3-a467-0022157551f8} - G:\AutoRun.exe MountPoints2: {1c5fabee-6be7-11e3-a467-0022157551f8} - G:\AutoRun.exe MountPoints2: {a9733b4b-5e5f-11e3-bef8-0022157551f8} - F:\setup.exe HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-20] (AVAST Software) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) AppInit_DLLs: [97280 2009-07-14] () AppInit_DLLs-x32: [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=sc&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - {A0EF5419-9909-4E42-A923-888511F9CC20} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: SecretSauce - {0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4} - C:\Program Files (x86)\SecretSauce\SecretSaucebho.dll (SecretSauce) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: No Name - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions FF Extension: No Name - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.js FF Extension: suggestor - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@pirrit.com.xpi Chrome: ======= CHR Extension: (avast! Online Security) - C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0 CHR Extension: (Google Wallet) - C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=sc&ts=1391028140&from=ild&uid=ST3500418AS_9VM112KBXXXX9VM112KB ==================== Services (Whitelisted) ================= R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] () S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-20] (AVAST Software) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-11-26] (Microsoft Corporation) S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2013-12-06] () R2 lxdx_device; C:\Windows\system32\lxdxcoms.exe [1039872 2009-10-16] ( ) R2 MF NTFS Monitor; C:\Users\Jaro\AppData\Local\MEDIAF~1\MFUSNM~1.EXE [457944 2014-01-20] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-12-22] () R2 Update SecretSauce; C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe [102176 2014-01-28] () R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-29] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] () R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-20] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-20] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-20] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2013-12-21] (REALiX(tm)) R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x64.sys [20696 2013-12-06] (Windows (R) Win 7 DDK provider) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] () R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [181040 2010-10-26] (Marvell Semiconductor, Inc.) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [x] S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [x] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-30 12:20 - 2014-01-30 12:20 - 00000000 ____D C:\FRST 2014-01-30 08:02 - 2014-01-30 10:54 - 00000112 _____ C:\Windows\setupact.log 2014-01-30 08:02 - 2014-01-30 08:02 - 00000000 _____ C:\Windows\setuperr.log 2014-01-30 07:52 - 2014-01-30 07:52 - 00003282 _____ C:\Users\Jaro\Documents\cc_20140130_075232.reg 2014-01-29 21:43 - 2014-01-30 10:55 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\newnext.me 2014-01-29 21:43 - 2014-01-29 21:51 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-01-29 21:43 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\AppData\Local\genienext 2014-01-29 21:43 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\.android 2014-01-29 21:42 - 2014-01-29 21:42 - 00000000 ____D C:\ProgramData\WPM 2014-01-29 21:41 - 2014-01-29 21:42 - 00000000 ____D C:\Program Files (x86)\SecretSauce 2014-01-29 21:39 - 2014-01-29 21:40 - 00442800 _____ C:\Users\Jaro\Desktop\Fallout_3_GOTY_-_Spolszczenie.exe 2014-01-29 21:35 - 2014-01-29 21:35 - 03429109 _____ C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy (1).rar 2014-01-29 20:24 - 2014-01-29 20:24 - 00000000 ____D C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy 2014-01-29 18:47 - 2014-01-29 18:47 - 00000000 ____D C:\Users\Jaro\Desktop\fose_loader 2014-01-29 16:17 - 2014-01-29 16:17 - 00000000 ____D C:\Users\Jaro\Desktop\Dynamic Weather-10607-3-0 2014-01-29 13:08 - 2014-01-29 13:08 - 00000000 ____D C:\Users\Jaro\Desktop\CenegaPL 2014-01-29 12:45 - 2014-01-29 12:45 - 03429109 _____ C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy.rar 2014-01-29 09:19 - 2014-01-29 09:19 - 00000000 ____D C:\Users\Jaro\AppData\Local\Mozilla 2014-01-28 23:45 - 2014-01-28 23:45 - 00000000 ____D C:\Users\Jaro\AppData\Local\Two Worlds II 2014-01-28 23:38 - 2014-01-28 23:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2014-01-28 21:56 - 2014-01-29 12:34 - 00000000 ____D C:\Users\Jaro\AppData\Local\Fallout3 2014-01-28 21:52 - 2014-01-28 21:52 - 00000598 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2014-01-28 21:52 - 2014-01-28 21:52 - 00000000 ____D C:\Users\Jaro\Documents\Nexus Mod Manager 2014-01-28 21:52 - 2014-01-28 21:52 - 00000000 ____D C:\Users\Jaro\AppData\Local\Black_Tree_Gaming 2014-01-28 14:58 - 2014-01-28 15:34 - 00000000 ____D C:\Users\Jaro\Documents\Thief - Deadly Shadows 2014-01-28 14:54 - 2014-01-28 14:54 - 00000000 ____D C:\Users\Public\Documents\Thief - Deadly Shadows 2014-01-28 14:44 - 2014-01-28 14:44 - 00006954 _____ C:\Users\Jaro\Documents\cc_20140128_144418.reg 2014-01-28 14:42 - 2014-01-28 14:42 - 00035120 _____ C:\Users\Jaro\Documents\bookmarks_28.01.2014.html 2014-01-28 14:42 - 2014-01-28 14:42 - 00000000 ____D C:\ProgramData\InstallShield 2014-01-28 11:38 - 2014-01-28 11:38 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Warner Bros. Interactive Entertainment 2014-01-28 11:38 - 2014-01-28 11:38 - 00000000 ____D C:\Users\Jaro\AppData\Local\EMU 2014-01-28 11:24 - 2014-01-28 11:24 - 00000704 _____ C:\Users\Public\Desktop\LEGO MARVEL Super Heroes.lnk 2014-01-28 11:09 - 2014-01-29 22:13 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\AutoIt3 2014-01-28 11:09 - 2014-01-28 11:09 - 41962562 _____ C:\Users\Jaro\AppData\Roaming\launcher.exe 2014-01-28 11:09 - 2014-01-28 11:09 - 00649799 _____ C:\Users\Jaro\AppData\Roaming\divx.exe 2014-01-24 17:13 - 2014-01-24 17:13 - 00000000 ____D C:\Users\Jaro\Documents\Paradox Interactive 2014-01-23 11:59 - 2014-01-23 11:59 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-01-23 11:58 - 2014-01-23 11:58 - 00004852 _____ C:\Users\Jaro\Documents\cc_20140123_115802.reg 2014-01-23 11:55 - 2014-01-23 11:55 - 00000000 ____D C:\Users\Jaro\Desktop\wytrzymałości materiałó 2014-01-21 19:28 - 2014-01-21 19:33 - 00000000 ___RD C:\Users\Jaro\MediaFire 2014-01-21 19:27 - 2014-01-21 20:39 - 00000000 ___HD C:\Users\Jaro\.mediafire 2014-01-21 19:24 - 2013-12-06 17:42 - 00020696 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\mfmonitor_x64.sys 2014-01-20 22:04 - 2014-01-20 22:04 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-20 21:37 - 2014-01-20 21:43 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Auslogics 2014-01-20 21:01 - 2014-01-20 21:01 - 00052224 _____ (Interplay Productions) C:\Windows\ipuninst.exe 2014-01-20 13:24 - 2014-01-20 13:24 - 00000000 ____D C:\ProgramData\Alpha-NET 2014-01-20 13:12 - 2014-01-20 13:32 - 00000000 ____D C:\Program Files (x86)\Alpha-Net 2014-01-20 13:12 - 2014-01-20 13:12 - 00000000 ____D C:\Program Files\Borland 2014-01-15 16:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 16:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 16:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-15 13:59 - 2014-01-17 04:05 - 00000000 ____D C:\Users\Jaro\Desktop\wydymaka 2014-01-15 13:23 - 2014-01-15 13:58 - 00000000 ____D C:\Users\Jaro\AppData\Local\dxhr 2014-01-15 13:20 - 2014-01-15 13:20 - 00000000 ____D C:\Users\Jaro\AppData\Local\28050 2014-01-15 08:05 - 2014-01-15 08:05 - 00000196 ____H C:\Users\Jaro\Documents\Rysunek1.dwl2 2014-01-15 08:05 - 2014-01-15 08:05 - 00000046 ____H C:\Users\Jaro\Documents\Rysunek1.dwl 2014-01-13 09:45 - 2014-01-13 09:45 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Ahead 2014-01-13 09:43 - 2014-01-13 09:43 - 00000000 ____D C:\ProgramData\Nero 2014-01-13 09:43 - 2014-01-13 09:43 - 00000000 ____D C:\Program Files (x86)\Nero 2014-01-13 09:43 - 2004-07-26 17:16 - 01568768 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagX7.dll 2014-01-13 09:43 - 2004-07-26 17:16 - 00476320 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXpr7.dll 2014-01-13 09:43 - 2004-07-26 17:16 - 00471040 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXRA7.dll 2014-01-13 09:43 - 2004-07-26 17:16 - 00262144 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\imagXR7.dll 2014-01-13 09:43 - 2004-07-09 09:43 - 00364544 _____ (Pegasus Imaging Corp.) C:\Windows\SysWOW64\TwnLib4.dll 2014-01-13 09:43 - 2003-03-18 21:12 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll 2014-01-13 09:43 - 2003-02-21 15:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-01-13 08:37 - 2014-01-13 08:37 - 00024794 _____ C:\Users\Jaro\Documents\cc_20140113_083717.reg 2014-01-11 16:13 - 2014-01-11 16:13 - 00000000 __SHD C:\ProgramData\DSS 2014-01-11 11:09 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll 2014-01-11 11:08 - 2012-01-06 02:02 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp13CB.tmp 2014-01-10 15:28 - 2014-01-10 15:28 - 00000000 ____D C:\Users\Jaro\AppData\Local\Criterion Games 2014-01-10 15:27 - 2014-01-10 15:27 - 00001676 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg 2014-01-10 15:26 - 2014-01-10 15:26 - 00000000 ____D C:\Users\Jaro\AppData\Local\Downloaded Installations 2014-01-10 13:16 - 2014-01-11 16:13 - 00000000 ____D C:\ProgramData\Codemasters 2014-01-10 13:12 - 2014-01-11 11:09 - 00000000 ____D C:\Program Files (x86)\BRS 2014-01-10 13:12 - 2014-01-11 11:08 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-01-10 13:12 - 2014-01-11 11:08 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-01-10 13:12 - 2014-01-10 13:12 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-01-10 13:12 - 2014-01-10 13:12 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-01-10 13:12 - 2014-01-10 13:12 - 00000000 ____D C:\Program Files (x86)\OpenAL 2014-01-10 13:12 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll 2014-01-10 13:12 - 2009-10-15 12:44 - 00809560 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpDAB8.tmp 2014-01-10 13:12 - 2009-07-13 19:04 - 03485696 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p4.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 02793472 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_p3.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 02441216 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_def.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 02174976 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_lapack32.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 02125824 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_lapack64.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 00839680 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_vml_p4.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 00532480 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_vml_p3.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 00512000 _____ (Intel Corporation) C:\Windows\SysWOW64\mkl_vml_def.dll 2014-01-10 13:12 - 2009-07-13 19:04 - 00184320 _____ (Intel Corporation) C:\Windows\SysWOW64\libguide40.dll 2014-01-10 13:10 - 2009-10-15 12:44 - 00809560 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmpDA89.tmp 2014-01-10 12:50 - 2014-01-10 12:50 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\BlackBean 2014-01-06 22:33 - 2014-01-06 22:33 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\AVG 2014-01-06 22:32 - 2014-01-06 22:34 - 00000000 ____D C:\ProgramData\AVG 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\NapiProjekt 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2014-01-06 10:10 - 2014-01-20 12:40 - 00000000 ____D C:\Users\Jaro\Desktop\kartkowki u Lepszego Mechanika 2 2014-01-03 17:39 - 2014-01-28 23:13 - 00000000 ____D C:\Users\Jaro\AppData\Local\The Witcher 2014-01-03 17:39 - 2014-01-03 18:59 - 00000000 ____D C:\Users\Jaro\Documents\The Witcher 2014-01-03 17:28 - 2014-01-03 17:28 - 00000000 ____D C:\Users\Public\Documents\The Witcher 2014-01-03 15:12 - 2014-01-03 15:12 - 00021856 _____ C:\Users\Jaro\Documents\cc_20140103_151213.reg ==================== One Month Modified Files and Folders ======= 2014-01-30 12:22 - 2013-12-05 16:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-30 12:20 - 2014-01-30 12:20 - 00000000 ____D C:\FRST 2014-01-30 12:16 - 2013-05-22 15:16 - 00000000 ____D C:\Users\Jaro\Desktop\Programy 2014-01-30 11:54 - 2013-12-05 16:38 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-30 11:05 - 2013-12-05 16:32 - 01556087 _____ C:\Windows\WindowsUpdate.log 2014-01-30 10:55 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\newnext.me 2014-01-30 10:55 - 2013-12-05 17:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-30 10:55 - 2013-12-05 16:38 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-30 10:54 - 2014-01-30 08:02 - 00000112 _____ C:\Windows\setupact.log 2014-01-30 10:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-30 08:02 - 2014-01-30 08:02 - 00000000 _____ C:\Windows\setuperr.log 2014-01-30 08:00 - 2013-12-06 11:16 - 00000000 ____D C:\AdwCleaner 2014-01-30 07:53 - 2013-12-06 12:01 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\uTorrent 2014-01-30 07:52 - 2014-01-30 07:52 - 00003282 _____ C:\Users\Jaro\Documents\cc_20140130_075232.reg 2014-01-29 22:13 - 2014-01-28 11:09 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\AutoIt3 2014-01-29 22:01 - 2013-10-09 16:13 - 00000000 ____D C:\Users\Jaro\Desktop\elektrotechnika 2014-01-29 21:51 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-01-29 21:51 - 2013-12-05 17:12 - 00000000 ____D C:\Users\Jaro\AppData\Local\Mobogenie 2014-01-29 21:51 - 2013-12-05 17:12 - 00000000 ____D C:\Users\Jaro\AppData\Local\cache 2014-01-29 21:43 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\AppData\Local\genienext 2014-01-29 21:43 - 2014-01-29 21:43 - 00000000 ____D C:\Users\Jaro\.android 2014-01-29 21:43 - 2013-12-05 16:33 - 00000000 ____D C:\Users\Jaro 2014-01-29 21:43 - 2011-06-11 01:58 - 00773680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2014-01-29 21:43 - 2011-06-11 01:58 - 00420912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2014-01-29 21:42 - 2014-01-29 21:42 - 00000000 ____D C:\ProgramData\WPM 2014-01-29 21:42 - 2014-01-29 21:41 - 00000000 ____D C:\Program Files (x86)\SecretSauce 2014-01-29 21:42 - 2013-12-05 16:35 - 00001625 _____ C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-29 21:40 - 2014-01-29 21:39 - 00442800 _____ C:\Users\Jaro\Desktop\Fallout_3_GOTY_-_Spolszczenie.exe 2014-01-29 21:35 - 2014-01-29 21:35 - 03429109 _____ C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy (1).rar 2014-01-29 20:24 - 2014-01-29 20:24 - 00000000 ____D C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy 2014-01-29 19:03 - 2013-12-05 19:48 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\vlc 2014-01-29 18:47 - 2014-01-29 18:47 - 00000000 ____D C:\Users\Jaro\Desktop\fose_loader 2014-01-29 17:29 - 2013-12-22 20:40 - 00000000 ___RD C:\Users\Jaro\Desktop\GRY 2014-01-29 17:08 - 2009-07-14 05:45 - 00010560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-29 17:08 - 2009-07-14 05:45 - 00010560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-29 16:17 - 2014-01-29 16:17 - 00000000 ____D C:\Users\Jaro\Desktop\Dynamic Weather-10607-3-0 2014-01-29 15:59 - 2013-12-07 17:32 - 00000000 ____D C:\Users\Jaro\Documents\FIFA 12 2014-01-29 13:08 - 2014-01-29 13:08 - 00000000 ____D C:\Users\Jaro\Desktop\CenegaPL 2014-01-29 12:45 - 2014-01-29 12:45 - 03429109 _____ C:\Users\Jaro\Desktop\Fallout_3_spolszczenie_napisy.rar 2014-01-29 12:34 - 2014-01-28 21:56 - 00000000 ____D C:\Users\Jaro\AppData\Local\Fallout3 2014-01-29 12:32 - 2013-12-18 08:32 - 00000000 ____D C:\Users\Jaro\Documents\My Games 2014-01-29 09:19 - 2014-01-29 09:19 - 00000000 ____D C:\Users\Jaro\AppData\Local\Mozilla 2014-01-29 09:19 - 2013-12-06 12:02 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Mozilla 2014-01-28 23:45 - 2014-01-28 23:45 - 00000000 ____D C:\Users\Jaro\AppData\Local\Two Worlds II 2014-01-28 23:38 - 2014-01-28 23:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2014-01-28 23:13 - 2014-01-03 17:39 - 00000000 ____D C:\Users\Jaro\AppData\Local\The Witcher 2014-01-28 22:05 - 2013-10-09 11:34 - 00000000 ____D C:\Users\Jaro\Desktop\Trening 2014-01-28 22:05 - 2013-10-03 22:37 - 00000000 ____D C:\Users\Jaro\Desktop\Mechanika 2 2014-01-28 22:04 - 2013-10-09 16:11 - 00000000 ____D C:\Users\Jaro\Desktop\mechanika płynów powt 2014-01-28 21:52 - 2014-01-28 21:52 - 00000598 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2014-01-28 21:52 - 2014-01-28 21:52 - 00000000 ____D C:\Users\Jaro\Documents\Nexus Mod Manager 2014-01-28 21:52 - 2014-01-28 21:52 - 00000000 ____D C:\Users\Jaro\AppData\Local\Black_Tree_Gaming 2014-01-28 20:03 - 2013-12-22 17:15 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-01-28 18:58 - 2013-11-28 11:48 - 00000000 ____D C:\Users\Jaro\Desktop\tapety, tatuaże, foty 2014-01-28 15:34 - 2014-01-28 14:58 - 00000000 ____D C:\Users\Jaro\Documents\Thief - Deadly Shadows 2014-01-28 14:54 - 2014-01-28 14:54 - 00000000 ____D C:\Users\Public\Documents\Thief - Deadly Shadows 2014-01-28 14:54 - 2013-12-22 17:42 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-01-28 14:44 - 2014-01-28 14:44 - 00006954 _____ C:\Users\Jaro\Documents\cc_20140128_144418.reg 2014-01-28 14:43 - 2013-12-06 11:22 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\DAEMON Tools Lite 2014-01-28 14:42 - 2014-01-28 14:42 - 00035120 _____ C:\Users\Jaro\Documents\bookmarks_28.01.2014.html 2014-01-28 14:42 - 2014-01-28 14:42 - 00000000 ____D C:\ProgramData\InstallShield 2014-01-28 14:42 - 2013-12-05 20:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-28 12:37 - 2009-07-14 18:55 - 00749854 _____ C:\Windows\system32\perfh015.dat 2014-01-28 12:37 - 2009-07-14 18:55 - 00161332 _____ C:\Windows\system32\perfc015.dat 2014-01-28 12:37 - 2009-07-14 06:13 - 01698284 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-28 11:38 - 2014-01-28 11:38 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Warner Bros. Interactive Entertainment 2014-01-28 11:38 - 2014-01-28 11:38 - 00000000 ____D C:\Users\Jaro\AppData\Local\EMU 2014-01-28 11:24 - 2014-01-28 11:24 - 00000704 _____ C:\Users\Public\Desktop\LEGO MARVEL Super Heroes.lnk 2014-01-28 11:09 - 2014-01-28 11:09 - 41962562 _____ C:\Users\Jaro\AppData\Roaming\launcher.exe 2014-01-28 11:09 - 2014-01-28 11:09 - 00649799 _____ C:\Users\Jaro\AppData\Roaming\divx.exe 2014-01-25 14:09 - 2013-12-06 11:12 - 00000000 ____D C:\Users\Jaro\AppData\Local\Adobe 2014-01-25 14:09 - 2013-12-05 16:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-25 14:09 - 2013-12-05 16:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-25 14:09 - 2013-12-05 16:37 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-24 17:13 - 2014-01-24 17:13 - 00000000 ____D C:\Users\Jaro\Documents\Paradox Interactive 2014-01-23 11:59 - 2014-01-23 11:59 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-01-23 11:58 - 2014-01-23 11:58 - 00004852 _____ C:\Users\Jaro\Documents\cc_20140123_115802.reg 2014-01-23 11:55 - 2014-01-23 11:55 - 00000000 ____D C:\Users\Jaro\Desktop\wytrzymałości materiałó 2014-01-23 11:55 - 2013-11-25 07:12 - 00000000 ____D C:\Users\Jaro\Desktop\automatyka 2014-01-23 11:55 - 2013-10-08 12:28 - 00000000 ____D C:\Users\Jaro\Desktop\automatyka lab 2014-01-23 11:54 - 2013-10-28 06:55 - 00000000 ____D C:\Users\Jaro\Desktop\techniki wytwarzania 2014-01-21 20:39 - 2014-01-21 19:27 - 00000000 ___HD C:\Users\Jaro\.mediafire 2014-01-21 19:33 - 2014-01-21 19:28 - 00000000 ___RD C:\Users\Jaro\MediaFire 2014-01-21 19:28 - 2013-12-05 16:38 - 00142504 _____ C:\Users\Jaro\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-21 19:26 - 2009-07-14 05:45 - 00492056 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-20 22:04 - 2014-01-20 22:04 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-20 22:04 - 2013-12-05 17:04 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-20 22:04 - 2013-12-05 17:04 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-20 22:04 - 2013-12-05 17:04 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-20 22:04 - 2013-12-05 17:04 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2014-01-20 22:04 - 2013-12-05 17:04 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-20 22:04 - 2013-12-05 17:04 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-20 21:47 - 2013-06-01 18:00 - 00000000 ____D C:\Users\Jaro\Desktop\gitara 2014-01-20 21:43 - 2014-01-20 21:37 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Auslogics 2014-01-20 21:37 - 2013-12-09 20:15 - 00000000 ____D C:\Program Files (x86)\Auslogics 2014-01-20 21:01 - 2014-01-20 21:01 - 00052224 _____ (Interplay Productions) C:\Windows\ipuninst.exe 2014-01-20 18:09 - 2013-12-06 12:00 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\foobar2000 2014-01-20 13:32 - 2014-01-20 13:12 - 00000000 ____D C:\Program Files (x86)\Alpha-Net 2014-01-20 13:26 - 2013-12-05 16:33 - 00000000 ____D C:\Users\Jaro\AppData\Local\VirtualStore 2014-01-20 13:24 - 2014-01-20 13:24 - 00000000 ____D C:\ProgramData\Alpha-NET 2014-01-20 13:12 - 2014-01-20 13:12 - 00000000 ____D C:\Program Files\Borland 2014-01-20 12:40 - 2014-01-06 10:10 - 00000000 ____D C:\Users\Jaro\Desktop\kartkowki u Lepszego Mechanika 2 2014-01-17 18:26 - 2013-12-07 12:25 - 00000000 ____D C:\Fraps 2014-01-17 10:29 - 2013-12-07 09:57 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-01-17 10:29 - 2013-12-07 09:56 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2014-01-17 10:29 - 2013-12-07 09:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll 2014-01-17 10:29 - 2013-12-07 09:56 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2014-01-17 10:29 - 2013-12-07 09:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll 2014-01-17 04:05 - 2014-01-15 13:59 - 00000000 ____D C:\Users\Jaro\Desktop\wydymaka 2014-01-17 03:54 - 2009-07-14 06:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-15 22:49 - 2013-10-28 06:56 - 00000000 ____D C:\Users\Jaro\Desktop\elektronika 2014-01-15 22:46 - 2013-06-08 12:39 - 00023552 _____ C:\Users\Jaro\Desktop\kaja.xls 2014-01-15 21:00 - 2013-12-06 12:03 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 20:58 - 2013-12-06 12:03 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 13:58 - 2014-01-15 13:23 - 00000000 ____D C:\Users\Jaro\AppData\Local\dxhr 2014-01-15 13:20 - 2014-01-15 13:20 - 00000000 ____D C:\Users\Jaro\AppData\Local\28050 2014-01-15 08:05 - 2014-01-15 08:05 - 00000196 ____H C:\Users\Jaro\Documents\Rysunek1.dwl2 2014-01-15 08:05 - 2014-01-15 08:05 - 00000046 ____H C:\Users\Jaro\Documents\Rysunek1.dwl 2014-01-13 09:45 - 2014-01-13 09:45 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\Ahead 2014-01-13 09:43 - 2014-01-13 09:43 - 00000000 ____D C:\ProgramData\Nero 2014-01-13 09:43 - 2014-01-13 09:43 - 00000000 ____D C:\Program Files (x86)\Nero 2014-01-13 08:37 - 2014-01-13 08:37 - 00024794 _____ C:\Users\Jaro\Documents\cc_20140113_083717.reg 2014-01-11 16:13 - 2014-01-11 16:13 - 00000000 __SHD C:\ProgramData\DSS 2014-01-11 16:13 - 2014-01-10 13:16 - 00000000 ____D C:\ProgramData\Codemasters 2014-01-11 11:09 - 2014-01-10 13:12 - 00000000 ____D C:\Program Files (x86)\BRS 2014-01-11 11:08 - 2014-01-10 13:12 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-01-11 11:08 - 2014-01-10 13:12 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2014-01-10 15:28 - 2014-01-10 15:28 - 00000000 ____D C:\Users\Jaro\AppData\Local\Criterion Games 2014-01-10 15:27 - 2014-01-10 15:27 - 00001676 _____ C:\Windows\SysWOW64\ealregsnapshot1.reg 2014-01-10 15:27 - 2013-12-23 16:32 - 00000000 ____D C:\ProgramData\DatacardService 2014-01-10 15:27 - 2013-12-23 16:32 - 00000000 ____D C:\Program Files (x86)\PLAY Web partner 2014-01-10 15:26 - 2014-01-10 15:26 - 00000000 ____D C:\Users\Jaro\AppData\Local\Downloaded Installations 2014-01-10 13:12 - 2014-01-10 13:12 - 00466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-01-10 13:12 - 2014-01-10 13:12 - 00445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-01-10 13:12 - 2014-01-10 13:12 - 00000000 ____D C:\Program Files (x86)\OpenAL 2014-01-10 12:50 - 2014-01-10 12:50 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\BlackBean 2014-01-07 15:19 - 2013-12-08 19:15 - 00000000 ____D C:\ProgramData\lx_cats 2014-01-06 22:34 - 2014-01-06 22:32 - 00000000 ____D C:\ProgramData\AVG 2014-01-06 22:33 - 2014-01-06 22:33 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\AVG 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 ____D C:\Users\Jaro\AppData\Roaming\NapiProjekt 2014-01-06 22:32 - 2014-01-06 22:32 - 00000000 ____D C:\Program Files (x86)\NapiProjekt 2014-01-03 18:59 - 2014-01-03 17:39 - 00000000 ____D C:\Users\Jaro\Documents\The Witcher 2014-01-03 17:28 - 2014-01-03 17:28 - 00000000 ____D C:\Users\Public\Documents\The Witcher 2014-01-03 15:12 - 2014-01-03 15:12 - 00021856 _____ C:\Users\Jaro\Documents\cc_20140103_151213.reg 2014-01-03 15:12 - 2013-12-27 14:03 - 00000000 ____D C:\Users\Jaro\Desktop\zdjecia Some content of TEMP: ==================== C:\Users\Jaro\AppData\Local\Temp\Quarantine.exe C:\Users\Jaro\AppData\Local\Temp\setupA9_.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-29 09:45 ==================== End Of Log ============================