Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Maciek (administrator) on MACIEK-ASUS on 22-03-2014 11:41:52 Running from C:\Users\Maciek\Downloads\aa\laptop Windows 7 Professional Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe () C:\Program Files (x86)\Dtella@MS\dtella.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-08] (Nero AG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [GG] - C:\Users\Maciek\AppData\Local\GG\Application\gghub.exe [4047424 2013-12-10] (GG Network S.A.) HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG) HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [DVDclone] - wscript.exe //B "C:\Users\Maciek\AppData\Local\Temp\DVDclone.vbs" <===== ATTENTION HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [7a2b0d6f82e4732be772a4c50aa180dc] - .. [0 2014-03-22] () HKU\S-1-5-21-4290132301-2688213890-8098309-1000\...\Run: [Link] - wscript.exe //B "C:\Users\Maciek\AppData\Local\Temp\Link.vbs" <===== ATTENTION AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation) AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Maciek\AppData\Roaming\Mozilla\Firefox\Profiles\4w779nij.default FF SelectedSearchEngine: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Maciek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR Extension: (No Name) - C:\Users\Maciek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdnelaepemgkhfkmejhmknhghbmbdpp [2013-04-12] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV) R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-07-04] () ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-15] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-09] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-15] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 ASUSProcObsrv; \??\E:\I386\AsPrOb64.sys [X] S3 OSFMount; \??\C:\Program Files\OSFMount\OSFMount.sys [X] S0 vmci; system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] U3 ufdyyaod; \??\C:\Users\Maciek\AppData\Local\Temp\ufdyyaod.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-22 11:36 - 2014-03-22 11:41 - 00000000 ____D () C:\FRST 2014-03-22 11:03 - 2014-03-22 11:04 - 00000717 _____ () C:\Users\Maciek\Desktop\GMER prescan.txt 2014-03-21 21:54 - 2014-03-21 21:54 - 00000000 ____D () C:\ProgramData\3DMGAME 2014-03-21 21:39 - 2014-03-22 09:23 - 00000000 ____D () C:\Users\Maciek\Downloads\Yaiba_Ninja_Gaiden_Z-GameWorks 2014-03-21 21:38 - 2014-03-21 21:38 - 00017115 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] YAIBA Ninja Gaiden Z _2014_ [ENG Steam-Rip-RG GameWorks].torrent 2014-03-21 18:42 - 2014-03-21 18:42 - 00016233 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] Toy Soldiers [MULTI8][3DM].torrent 2014-03-19 11:19 - 2014-03-19 11:19 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\.mono 2014-03-19 11:19 - 2014-03-19 11:19 - 00000000 ____D () C:\ProgramData\.mono 2014-03-18 20:24 - 2014-03-18 20:24 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive 2014-03-18 19:53 - 2014-03-18 19:53 - 00000000 ____D () C:\ProgramData\Firefly Studios 2014-03-18 19:52 - 2014-03-18 19:57 - 00000000 ____D () C:\Users\Maciek\Documents\Stronghold 2 2014-03-18 19:43 - 2014-03-18 19:43 - 00024666 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] Deus Ex The Fall _2014_ [Multi5-ENG] [RELOADED].torrent 2014-03-18 15:47 - 2014-03-20 12:58 - 00000000 ____D () C:\Program Files (x86)\Firefly Studios 2014-03-16 10:09 - 2014-03-18 15:00 - 00000000 ____D () C:\Users\Maciek\Documents\Gothic3 2014-03-15 22:43 - 2014-03-15 22:43 - 00023482 _____ () C:\Users\Maciek\Downloads\Supernatural.S09E10.HDTV.x264-LOL.txt 2014-03-15 22:36 - 2014-03-15 22:40 - 226446698 _____ () C:\Users\Maciek\Downloads\Supernatural.S09E10.HDTV.x264-LOL.mp4 2014-03-15 20:12 - 2014-03-15 21:13 - 225816334 _____ () C:\Users\Maciek\Downloads\BabyGotBoobs - Brooklyn's Big Icy Tits - Brooklyn Chase.mp4 2014-03-15 20:04 - 2014-03-18 21:54 - 00000000 ____D () C:\Users\Maciek\Downloads\King.Arthur.The.Roleplaying.Wargame.Collection-PROPHET 2014-03-15 10:20 - 2014-03-15 10:20 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP 2014-03-14 17:08 - 2014-03-14 17:08 - 00000000 ____D () C:\Users\Maciek\Downloads\Kagney Lynn Karter (Office Party Mayhem! 26.01.11)HD 2014-03-14 12:48 - 2014-03-14 12:48 - 00111127 _____ () C:\Users\Maciek\Downloads\Age of Empires II HD Edition - Reload.torrent 2014-03-13 19:18 - 2014-03-13 19:18 - 00000000 ____D () C:\Users\Maciek\Documents\DogsOfWar 2014-03-13 15:04 - 2014-03-13 15:49 - 00000000 ____D () C:\Users\Maciek\Downloads\PlayboyPlus.14.03.13.Tiana.Nicole.Sofa.Climax.XXX.1080p.MP4-KTR[rarbg] 2014-03-13 14:14 - 2014-03-13 14:15 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-13 13:34 - 2014-03-18 19:49 - 00000000 ____D () C:\Users\Maciek\Downloads\Twierdza 2 - Stronghold 2 Deluxe [PL][ISO][1.4.1] 2014-03-12 23:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 23:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 23:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 23:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 23:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 23:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 23:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 23:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 23:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 23:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 23:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 23:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 23:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 23:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 23:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 23:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 23:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 23:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 23:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 23:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 23:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 23:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 23:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 23:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 23:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 23:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 23:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 23:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 23:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 23:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 23:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 23:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 23:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 23:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 23:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 23:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 23:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 23:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 23:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 23:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 23:29 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 23:29 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 23:29 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 23:29 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 23:24 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 23:24 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 23:24 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 23:24 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 17:06 - 2014-03-12 17:06 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-03-09 22:23 - 2014-03-09 22:23 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Setup Integrity Check 2014-03-09 13:34 - 2014-03-18 19:44 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-03-09 13:16 - 2014-03-16 10:09 - 00001064 _____ () C:\Windows\KB893803v2.log 2014-03-06 17:57 - 2014-03-06 17:57 - 00000000 ____D () C:\Users\Maciek\AppData\Local\NVIDIA Corporation 2014-03-06 17:55 - 2014-03-06 17:55 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-06 17:55 - 2014-03-06 17:55 - 00000000 ____D () C:\Windows\system32\NV 2014-03-06 17:54 - 2014-03-06 17:54 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-03-06 17:53 - 2014-03-13 14:57 - 00000000 ____D () C:\Users\Maciek\AppData\Local\NVIDIA 2014-03-06 17:53 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-03-06 17:53 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-03-06 17:52 - 2014-03-06 17:52 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-06 17:49 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 18257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 14669032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-03-06 17:49 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 03090184 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 02713728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00947296 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-03-06 17:49 - 2014-02-08 19:34 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys 2014-03-06 17:49 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-03-06 17:49 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-03-06 17:49 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-03-06 17:34 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll 2014-03-06 17:34 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll 2014-03-06 17:16 - 2014-03-06 17:29 - 276927952 _____ (NVIDIA Corporation) C:\Users\Maciek\Downloads\334.89-notebook-win8-win7-64bit-international-whql.exe 2014-03-06 17:11 - 2014-03-06 17:11 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Skyrim 2014-03-03 15:59 - 2014-03-03 15:59 - 00000000 ____D () C:\Program Files (x86)\R.G.Games 2014-03-03 15:14 - 2014-03-03 15:14 - 00000000 ___RD () C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-01 20:28 - 2014-03-01 21:04 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Awesomium 2014-02-28 22:56 - 2014-02-28 23:11 - 00000000 ____D () C:\Users\Maciek\Downloads\Total War ROME II [MULTI][PCDVD][Update 9 Incl DLC][RELOADED][WwW.GamesTorrents.CoM] 2014-02-28 20:32 - 2014-02-28 20:56 - 00000000 ____D () C:\Users\Maciek\Downloads\Total.War.ROME.II.Update.9.Incl.DLC-RELOADED 2014-02-28 20:20 - 2014-02-28 20:26 - 00000000 ____D () C:\Users\Maciek\Downloads\Total.War.ROME.II.Update.8.1.Incl.DLC-RELOADED 2014-02-28 15:42 - 2014-03-21 10:01 - 00000000 ____D () C:\Users\Maciek\Downloads\Game Of Bones_ Winter Is Cumming (Zero Tolerance) NEW 2013 (Split Scenes) 2014-02-24 17:25 - 2014-02-24 17:25 - 00026258 _____ () C:\Users\Maciek\Downloads\Thief_2014-[PC_Game_Complete_Collection_Cracked]-Full-VERSION.torrent 2014-02-22 22:11 - 2014-02-22 22:11 - 00000000 ____D () C:\Użytkownicy 2014-02-22 22:09 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll 2014-02-22 20:30 - 2014-02-22 20:30 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Risen2 2014-02-22 18:54 - 2014-02-22 18:54 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2014-02-20 20:51 - 2014-02-20 20:51 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Daedalic Entertainment GmbH ==================== One Month Modified Files and Folders ======= 2014-03-22 11:41 - 2014-03-22 11:36 - 00000000 ____D () C:\FRST 2014-03-22 11:40 - 2013-12-18 19:01 - 00000000 ____D () C:\Users\Maciek\Downloads\aa 2014-03-22 11:39 - 2013-10-02 19:32 - 00000000 ____D () C:\Users\Maciek\Desktop\Dokumenty 2014-03-22 11:13 - 2014-02-19 13:00 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\uTorrent 2014-03-22 11:12 - 2013-08-13 11:38 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-22 11:04 - 2014-03-22 11:03 - 00000717 _____ () C:\Users\Maciek\Desktop\GMER prescan.txt 2014-03-22 10:54 - 2013-04-09 17:51 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-22 09:23 - 2014-03-21 21:39 - 00000000 ____D () C:\Users\Maciek\Downloads\Yaiba_Ninja_Gaiden_Z-GameWorks 2014-03-22 09:18 - 2009-07-14 05:45 - 00024704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-22 09:18 - 2009-07-14 05:45 - 00024704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-22 09:16 - 2013-04-09 22:23 - 01478788 _____ () C:\Windows\WindowsUpdate.log 2014-03-22 09:14 - 2013-04-09 21:24 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\GG 2014-03-22 09:11 - 2009-07-14 05:51 - 00094189 _____ () C:\Windows\setupact.log 2014-03-22 09:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-21 21:54 - 2014-03-21 21:54 - 00000000 ____D () C:\ProgramData\3DMGAME 2014-03-21 21:38 - 2014-03-21 21:38 - 00017115 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] YAIBA Ninja Gaiden Z _2014_ [ENG Steam-Rip-RG GameWorks].torrent 2014-03-21 18:42 - 2014-03-21 18:42 - 00016233 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] Toy Soldiers [MULTI8][3DM].torrent 2014-03-21 10:01 - 2014-02-28 15:42 - 00000000 ____D () C:\Users\Maciek\Downloads\Game Of Bones_ Winter Is Cumming (Zero Tolerance) NEW 2013 (Split Scenes) 2014-03-20 12:58 - 2014-03-18 15:47 - 00000000 ____D () C:\Program Files (x86)\Firefly Studios 2014-03-19 22:43 - 2013-04-09 21:44 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\vlc 2014-03-19 17:17 - 2013-10-08 15:42 - 00000000 ____D () C:\Users\Maciek\Desktop\pentagram 2014-03-19 11:19 - 2014-03-19 11:19 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\.mono 2014-03-19 11:19 - 2014-03-19 11:19 - 00000000 ____D () C:\ProgramData\.mono 2014-03-18 21:54 - 2014-03-15 20:04 - 00000000 ____D () C:\Users\Maciek\Downloads\King.Arthur.The.Roleplaying.Wargame.Collection-PROPHET 2014-03-18 20:24 - 2014-03-18 20:24 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive 2014-03-18 19:57 - 2014-03-18 19:52 - 00000000 ____D () C:\Users\Maciek\Documents\Stronghold 2 2014-03-18 19:53 - 2014-03-18 19:53 - 00000000 ____D () C:\ProgramData\Firefly Studios 2014-03-18 19:49 - 2014-03-13 13:34 - 00000000 ____D () C:\Users\Maciek\Downloads\Twierdza 2 - Stronghold 2 Deluxe [PL][ISO][1.4.1] 2014-03-18 19:46 - 2013-04-09 22:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-18 19:44 - 2014-03-09 13:34 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-03-18 19:43 - 2014-03-18 19:43 - 00024666 _____ () C:\Users\Maciek\Downloads\[www.tnt24.info] Deus Ex The Fall _2014_ [Multi5-ENG] [RELOADED].torrent 2014-03-18 16:01 - 2013-08-23 09:12 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 16:00 - 2013-08-23 09:12 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-18 15:59 - 2013-04-09 17:58 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Macromedia 2014-03-18 15:43 - 2013-08-04 16:41 - 00000000 ____D () C:\Users\Maciek\Desktop\NUMERY DLA DARKA 2014-03-18 15:00 - 2014-03-16 10:09 - 00000000 ____D () C:\Users\Maciek\Documents\Gothic3 2014-03-16 10:09 - 2014-03-09 13:16 - 00001064 _____ () C:\Windows\KB893803v2.log 2014-03-15 22:43 - 2014-03-15 22:43 - 00023482 _____ () C:\Users\Maciek\Downloads\Supernatural.S09E10.HDTV.x264-LOL.txt 2014-03-15 22:40 - 2014-03-15 22:36 - 226446698 _____ () C:\Users\Maciek\Downloads\Supernatural.S09E10.HDTV.x264-LOL.mp4 2014-03-15 21:13 - 2014-03-15 20:12 - 225816334 _____ () C:\Users\Maciek\Downloads\BabyGotBoobs - Brooklyn's Big Icy Tits - Brooklyn Chase.mp4 2014-03-15 10:20 - 2014-03-15 10:20 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP 2014-03-15 10:20 - 2013-08-21 13:55 - 00314016 _____ () C:\Windows\system32\Drivers\atksgt.sys 2014-03-15 10:20 - 2013-08-21 13:55 - 00043680 _____ () C:\Windows\system32\Drivers\lirsgt.sys 2014-03-15 10:20 - 2013-04-09 23:04 - 00488132 _____ () C:\Windows\DirectX.log 2014-03-14 17:08 - 2014-03-14 17:08 - 00000000 ____D () C:\Users\Maciek\Downloads\Kagney Lynn Karter (Office Party Mayhem! 26.01.11)HD 2014-03-14 12:48 - 2014-03-14 12:48 - 00111127 _____ () C:\Users\Maciek\Downloads\Age of Empires II HD Edition - Reload.torrent 2014-03-13 19:18 - 2014-03-13 19:18 - 00000000 ____D () C:\Users\Maciek\Documents\DogsOfWar 2014-03-13 15:49 - 2014-03-13 15:04 - 00000000 ____D () C:\Users\Maciek\Downloads\PlayboyPlus.14.03.13.Tiana.Nicole.Sofa.Climax.XXX.1080p.MP4-KTR[rarbg] 2014-03-13 14:57 - 2014-03-06 17:53 - 00000000 ____D () C:\Users\Maciek\AppData\Local\NVIDIA 2014-03-13 14:15 - 2014-03-13 14:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-13 13:13 - 2009-07-14 05:45 - 00479632 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 13:12 - 2013-08-05 13:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 13:12 - 2013-08-05 13:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 12:45 - 2013-06-01 11:54 - 00000000 ____D () C:\Users\Maciek\Documents\My Games 2014-03-13 09:42 - 2013-05-21 22:18 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-12 17:06 - 2014-03-12 17:06 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-03-12 17:06 - 2013-04-09 17:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 17:06 - 2013-04-09 17:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-12 17:06 - 2013-04-09 17:51 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-10 22:47 - 2014-01-15 17:04 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\TheBannerSaga 2014-03-10 22:47 - 2013-08-28 11:30 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\AlawarEntertainment 2014-03-10 22:47 - 2013-05-18 14:43 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Thunder Wolves 2014-03-10 13:57 - 2013-06-03 23:39 - 00000000 ____D () C:\Games 2014-03-10 13:57 - 2013-04-09 23:37 - 00000000 ____D () C:\Users\Maciek\AppData\Local\SKIDROW 2014-03-10 11:46 - 2013-08-29 16:56 - 00000000 ____D () C:\AdwCleaner 2014-03-10 10:09 - 2010-11-21 04:47 - 00039958 _____ () C:\Windows\PFRO.log 2014-03-09 22:43 - 2013-11-16 02:21 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Game Updater 2014-03-09 22:23 - 2014-03-09 22:23 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Setup Integrity Check 2014-03-09 22:21 - 2014-01-12 21:47 - 00000115 _____ () C:\Users\Maciek\AppData\Roaming\default.pls 2014-03-06 17:57 - 2014-03-06 17:57 - 00000000 ____D () C:\Users\Maciek\AppData\Local\NVIDIA Corporation 2014-03-06 17:57 - 2013-04-09 19:03 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-03-06 17:55 - 2014-03-06 17:55 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-06 17:55 - 2014-03-06 17:55 - 00000000 ____D () C:\Windows\system32\NV 2014-03-06 17:55 - 2013-04-09 19:04 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-06 17:54 - 2014-03-06 17:54 - 00001343 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk 2014-03-06 17:53 - 2013-04-09 19:03 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-06 17:53 - 2013-04-09 19:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-06 17:52 - 2014-03-06 17:52 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-03-06 17:29 - 2014-03-06 17:16 - 276927952 _____ (NVIDIA Corporation) C:\Users\Maciek\Downloads\334.89-notebook-win8-win7-64bit-international-whql.exe 2014-03-06 17:11 - 2014-03-06 17:11 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Skyrim 2014-03-03 16:33 - 2013-04-12 18:26 - 00000000 ____D () C:\ProgramData\Steam 2014-03-03 16:26 - 2013-08-12 09:00 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-03-03 16:22 - 2013-08-12 09:00 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-03-03 15:59 - 2014-03-03 15:59 - 00000000 ____D () C:\Program Files (x86)\R.G.Games 2014-03-03 15:14 - 2014-03-03 15:14 - 00000000 ___RD () C:\Users\Maciek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-02 00:38 - 2011-04-12 14:32 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-03-01 21:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar 2014-03-01 21:04 - 2014-03-01 20:28 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Awesomium 2014-03-01 09:50 - 2014-02-12 14:33 - 00000000 ____D () C:\Users\Maciek\Documents\MercurySteam 2014-03-01 07:05 - 2014-03-12 23:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-01 06:17 - 2014-03-12 23:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-01 06:16 - 2014-03-12 23:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-01 05:58 - 2014-03-12 23:48 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-01 05:52 - 2014-03-12 23:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-01 05:51 - 2014-03-12 23:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-01 05:42 - 2014-03-12 23:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-01 05:40 - 2014-03-12 23:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-01 05:37 - 2014-03-12 23:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-01 05:33 - 2014-03-12 23:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-01 05:33 - 2014-03-12 23:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-01 05:32 - 2014-03-12 23:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-01 05:30 - 2014-03-12 23:48 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-01 05:23 - 2014-03-12 23:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-01 05:17 - 2014-03-12 23:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-01 05:11 - 2014-03-12 23:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-01 05:02 - 2014-03-12 23:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-01 04:54 - 2014-03-12 23:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-01 04:52 - 2014-03-12 23:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-01 04:51 - 2014-03-12 23:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-01 04:47 - 2014-03-12 23:48 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-01 04:43 - 2014-03-12 23:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-01 04:43 - 2014-03-12 23:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-01 04:42 - 2014-03-12 23:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-01 04:40 - 2014-03-12 23:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-01 04:38 - 2014-03-12 23:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-01 04:37 - 2014-03-12 23:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-01 04:35 - 2014-03-12 23:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-01 04:18 - 2014-03-12 23:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-01 04:16 - 2014-03-12 23:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-01 04:14 - 2014-03-12 23:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-12 23:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-01 04:03 - 2014-03-12 23:48 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-01 04:00 - 2014-03-12 23:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-01 03:57 - 2014-03-12 23:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-12 23:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-12 23:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-12 23:48 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-12 23:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-12 23:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-28 23:11 - 2014-02-28 22:56 - 00000000 ____D () C:\Users\Maciek\Downloads\Total War ROME II [MULTI][PCDVD][Update 9 Incl DLC][RELOADED][WwW.GamesTorrents.CoM] 2014-02-28 20:56 - 2014-02-28 20:32 - 00000000 ____D () C:\Users\Maciek\Downloads\Total.War.ROME.II.Update.9.Incl.DLC-RELOADED 2014-02-28 20:26 - 2014-02-28 20:20 - 00000000 ____D () C:\Users\Maciek\Downloads\Total.War.ROME.II.Update.8.1.Incl.DLC-RELOADED 2014-02-27 01:15 - 2013-04-12 18:36 - 01672054 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-27 01:15 - 2011-04-12 14:21 - 00750342 _____ () C:\Windows\system32\perfh015.dat 2014-02-27 01:15 - 2011-04-12 14:21 - 00161762 _____ () C:\Windows\system32\perfc015.dat 2014-02-27 01:14 - 2009-07-14 06:13 - 01672054 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-24 19:42 - 2013-06-25 18:38 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Milestone 2014-02-24 17:25 - 2014-02-24 17:25 - 00026258 _____ () C:\Users\Maciek\Downloads\Thief_2014-[PC_Game_Complete_Collection_Cracked]-Full-VERSION.torrent 2014-02-23 11:25 - 2014-02-17 16:51 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Carbon 2014-02-23 11:25 - 2013-04-15 16:33 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\LibreOffice 2014-02-23 11:19 - 2013-06-08 12:01 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Mathsoft 2014-02-23 11:19 - 2013-05-15 16:04 - 00000000 ____D () C:\Users\Maciek\AppData\Roaming\Day 1 Studios 2014-02-22 22:11 - 2014-02-22 22:11 - 00000000 ____D () C:\Użytkownicy 2014-02-22 20:30 - 2014-02-22 20:30 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Risen2 2014-02-22 18:54 - 2014-02-22 18:54 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2014-02-21 09:37 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-20 20:51 - 2014-02-20 20:51 - 00000000 ____D () C:\Users\Maciek\AppData\Local\Daedalic Entertainment GmbH 2014-02-20 10:00 - 2014-02-19 23:32 - 00000000 ____D () C:\Users\Maciek\Downloads\PodryWacze.E243.Policyjna.grupa.w.akcji.2014 Some content of TEMP: ==================== C:\Users\Maciek\AppData\Local\Temp\avgnt.exe C:\Users\Maciek\AppData\Local\Temp\Awesomenauts.exe C:\Users\Maciek\AppData\Local\Temp\BingBarSetup-Partner.exe C:\Users\Maciek\AppData\Local\Temp\bitool.dll C:\Users\Maciek\AppData\Local\Temp\BRSVC_1743404_hlp.exe C:\Users\Maciek\AppData\Local\Temp\drm_dialogs.dll C:\Users\Maciek\AppData\Local\Temp\drm_dyndata_7400005.dll C:\Users\Maciek\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Maciek\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Maciek\AppData\Local\Temp\installstats.exe C:\Users\Maciek\AppData\Local\Temp\Quarantine.exe C:\Users\Maciek\AppData\Local\Temp\_is9E71.exe C:\Users\Maciek\AppData\Local\Temp\_isB3CC.exe C:\Users\Maciek\AppData\Local\Temp\_isDDAA.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-21 12:50 ==================== End Of Log ============================