Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2012
Ran by SYSTEM at 22-11-2012 18:35:19
Running from H:\
Windows 7 Home Premium (X64) OS Language: Polish
The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [e-Kiosk] "D:\MAMA\e-Kiosk Reader\eGazetaST.exe" [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\Robert\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\Robert\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\Robert\...\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [1084840 2012-05-16] (Nokia)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 94.72.64.10 94.72.64.11

==================== Services (Whitelisted) ===================

2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2011-05-25] ()
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2012-04-08] ()

==================== Drivers (Whitelisted) =====================

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-10-03] (DT Soft Ltd)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2012-02-23] (Duplex Secure Ltd.)
3 catchme; \??\C:\ComboFix\catchme.sys [x] 3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2012-11-22 18:34 - 2012-11-22 18:34 - 00000000 ____D C:\FRST 2012-11-22 09:20 - 2012-11-22 09:20 - 00003240 ____N C:\bootsqm.dat 2012-11-16 16:36 - 2012-11-16 16:36 - 00015302 ____A C:\ComboFix.txt 2012-11-16 16:04 - 2012-11-16 16:04 - 00000000 ____D C:\Users\Robert\Documents\SimBin 2012-11-16 15:55 - 2012-11-16 15:55 - 00000628 ____A C:\Users\Robert\Desktop\Volvo - The Game.lnk 2012-11-16 15:54 - 2012-11-16 15:54 - 00000000 ____D C:\Program Files (x86)\SimBin 2012-11-16 15:54 - 2009-03-16 14:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00069448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll 2012-11-16 15:54 - 2009-03-16 14:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2012-11-16 15:54 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2012-11-16 15:54 - 2009-03-09 15:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll 2012-11-16 15:54 - 2009-03-09 15:27 - 01846632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2012-11-16 15:54 - 2009-03-09 15:27 - 00520544 ____A 
(Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll 2012-11-16 15:54 - 2009-03-09 15:27 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00518480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00514384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00235856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00175440 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00074576 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00070992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00025936 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll 2012-11-16 15:54 - 2008-10-15 07:03 - 00023376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2012-11-16 15:54 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll 2012-11-16 15:54 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll 2012-11-16 15:54 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2012-11-16 15:54 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll 2012-11-16 15:54 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2012-11-16 15:54 - 2008-07-30 06:20 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll 2012-11-16 15:54 - 2008-07-30 06:20 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2012-11-16 15:54 - 2008-07-30 06:20 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll 2012-11-16 15:54 - 
2008-07-30 06:20 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll 2012-11-16 15:54 - 2008-07-10 11:00 - 04992520 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll 2012-11-16 15:54 - 2008-07-10 11:00 - 01942552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll 2012-11-16 15:54 - 2008-07-10 11:00 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll 2012-11-16 15:54 - 2008-05-30 14:19 - 00511496 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll 2012-11-16 15:54 - 2008-05-30 14:19 - 00507400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2012-11-16 15:54 - 2008-05-30 14:18 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2012-11-16 15:54 - 2008-05-30 14:18 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll 2012-11-16 15:54 - 2008-05-30 14:17 - 00068104 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll 2012-11-16 15:54 - 2008-05-30 14:17 - 00065032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2012-11-16 15:54 - 2008-05-30 14:17 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2012-11-16 15:54 - 2008-05-30 14:16 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 04991496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 03850760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 01941528 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 01491992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 00540688 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll 2012-11-16 15:54 - 2008-05-30 14:11 - 00467984 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\d3dx10_38.dll 2012-11-16 15:54 - 2008-03-05 16:04 - 00489480 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll 2012-11-16 15:54 - 2008-03-05 16:03 - 00479752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2012-11-16 15:54 - 2008-03-05 16:03 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2012-11-16 15:54 - 2008-03-05 16:03 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll 2012-11-16 15:54 - 2008-03-05 16:00 - 00028168 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll 2012-11-16 15:54 - 2008-03-05 16:00 - 00025608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2012-11-16 15:54 - 2008-03-05 15:56 - 04910088 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll 2012-11-16 15:54 - 2008-03-05 15:56 - 03786760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2012-11-16 15:54 - 2008-03-05 15:56 - 01860120 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll 2012-11-16 15:54 - 2008-03-05 15:56 - 01420824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2012-11-16 15:54 - 2008-02-05 23:07 - 00529424 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll 2012-11-16 15:54 - 2008-02-05 23:07 - 00462864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2012-11-16 15:54 - 2007-10-22 03:40 - 00411656 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll 2012-11-16 15:54 - 2007-10-22 03:39 - 00267272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2012-11-16 15:54 - 2007-10-22 03:37 - 00021000 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll 2012-11-16 15:54 - 2007-10-22 03:37 - 00017928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2012-11-16 15:54 - 2007-10-12 15:14 - 05081608 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll 2012-11-16 15:54 - 2007-10-12 15:14 - 
02006552 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll 2012-11-16 15:54 - 2007-10-12 15:14 - 01374232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2012-11-16 15:54 - 2007-10-02 09:56 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll 2012-11-16 15:54 - 2007-10-02 09:56 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2012-11-16 15:54 - 2007-07-20 00:57 - 00411496 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll 2012-11-16 15:54 - 2007-07-20 00:57 - 00267112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 05073256 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 01985904 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 01358192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 00508264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll 2012-11-16 15:54 - 2007-07-19 18:14 - 00444776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2012-11-16 15:54 - 2007-06-20 20:49 - 00409960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll 2012-11-16 15:54 - 2007-06-20 20:46 - 00266088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 04496232 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 01401200 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 01124720 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\D3DCompiler_34.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll 2012-11-16 15:54 - 2007-05-16 16:45 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2012-11-16 15:54 - 2007-04-04 18:55 - 00403304 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll 2012-11-16 15:54 - 2007-04-04 18:55 - 00261480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2012-11-16 15:54 - 2007-04-04 18:54 - 00107368 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll 2012-11-16 15:54 - 2007-03-15 16:57 - 00506728 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll 2012-11-16 15:54 - 2007-03-15 16:57 - 00443752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2012-11-16 15:54 - 2007-03-12 16:42 - 04494184 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll 2012-11-16 15:54 - 2007-03-12 16:42 - 01400176 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll 2012-11-16 15:54 - 2007-03-12 16:42 - 01123696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2012-11-16 15:54 - 2007-03-05 12:42 - 00017688 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll 2012-11-16 15:54 - 2007-03-05 12:42 - 00015128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2012-11-16 15:54 - 2007-01-24 15:27 - 00393576 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll 2012-11-16 15:54 - 2007-01-24 15:27 - 00255848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2012-11-16 15:54 - 2006-12-08 12:02 - 00251672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2012-11-16 15:54 - 2006-12-08 12:00 - 00390424 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll 2012-11-16 15:54 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll 2012-11-16 15:54 - 2006-11-29 13:06 - 
03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2012-11-16 15:54 - 2006-11-29 13:06 - 00469264 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10.dll 2012-11-16 15:54 - 2006-11-29 13:06 - 00440080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2012-11-16 15:54 - 2006-09-28 16:05 - 03977496 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll 2012-11-16 15:54 - 2006-09-28 16:05 - 00237848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2012-11-16 15:54 - 2006-09-28 16:04 - 00364824 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll 2012-11-16 15:54 - 2006-07-28 09:31 - 00083736 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll 2012-11-16 15:54 - 2006-07-28 09:30 - 00363288 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll 2012-11-16 15:54 - 2006-07-28 09:30 - 00236824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2012-11-16 15:54 - 2006-07-28 09:30 - 00062744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2012-11-16 15:54 - 2006-05-31 07:24 - 00230168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2012-11-16 15:54 - 2006-05-31 07:22 - 00354072 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll 2012-11-16 15:54 - 2006-03-31 12:41 - 03927248 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll 2012-11-16 15:54 - 2006-03-31 12:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2012-11-16 15:54 - 2006-03-31 12:40 - 00352464 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll 2012-11-16 15:54 - 2006-03-31 12:39 - 00229584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2012-11-16 15:54 - 2006-03-31 12:39 - 00083664 ____A (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll 2012-11-16 15:54 - 2006-03-31 12:39 - 00062672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2012-11-16 15:54 
- 2006-02-03 08:43 - 03830992 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll 2012-11-16 15:54 - 2006-02-03 08:43 - 02332368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2012-11-16 15:54 - 2006-02-03 08:42 - 00355536 ____A (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll 2012-11-16 15:54 - 2006-02-03 08:42 - 00230096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2012-11-16 15:54 - 2006-02-03 08:41 - 00016592 ____A (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll 2012-11-16 15:54 - 2006-02-03 08:41 - 00014032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2012-11-16 15:54 - 2005-12-05 18:09 - 03815120 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll 2012-11-16 15:54 - 2005-12-05 18:09 - 02323664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2012-11-16 15:54 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2012-11-16 15:54 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2012-11-16 15:54 - 2005-05-26 15:34 - 03767504 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll 2012-11-16 15:54 - 2005-05-26 15:34 - 02297552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2012-11-16 15:54 - 2005-03-18 17:19 - 03823312 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll 2012-11-16 15:54 - 2005-03-18 17:19 - 02337488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2012-11-16 15:54 - 2005-02-05 19:45 - 03544272 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll 2012-11-16 15:54 - 2005-02-05 19:45 - 02222800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2012-11-14 19:21 - 2012-10-08 13:19 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-11-14 19:21 - 2012-10-08 12:42 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-11-14 19:21 - 
2012-10-08 12:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-11-14 19:21 - 2012-10-08 12:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-11-14 19:21 - 2012-10-08 12:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-11-14 19:21 - 2012-10-08 12:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-11-14 19:21 - 2012-10-08 12:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-11-14 19:21 - 2012-10-08 12:20 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-11-14 19:21 - 2012-10-08 12:18 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-11-14 19:21 - 2012-10-08 12:17 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-11-14 19:21 - 2012-10-08 12:17 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-11-14 19:21 - 2012-10-08 12:15 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-11-14 19:21 - 2012-10-08 12:15 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-11-14 19:21 - 2012-10-08 12:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-11-14 19:21 - 2012-10-08 12:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-11-14 19:21 - 2012-10-08 12:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-11-14 19:21 - 2012-10-08 09:28 - 12320768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-11-14 19:21 - 2012-10-08 09:02 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-11-14 19:21 - 2012-10-08 08:56 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-11-14 19:21 - 2012-10-08 08:48 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-11-14 19:21 - 2012-10-08 08:48 - 01103872 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-11-14 19:21 - 2012-10-08 08:47 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-11-14 19:21 - 2012-10-08 08:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-11-14 19:21 - 2012-10-08 08:45 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-11-14 19:21 - 2012-10-08 08:44 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-11-14 19:21 - 2012-10-08 08:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-11-14 19:21 - 2012-10-08 08:43 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2012-11-14 19:21 - 2012-10-08 08:42 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2012-11-14 19:21 - 2012-10-08 08:41 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-11-14 19:21 - 2012-10-08 08:41 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-11-14 19:21 - 2012-10-08 08:40 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-11-14 19:21 - 2012-10-08 08:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-11-14 16:18 - 2012-11-16 16:36 - 00000000 ____D C:\Qoobox 2012-11-14 16:18 - 2012-11-14 16:29 - 00000000 ____D C:\Windows\erdnt 2012-11-14 16:18 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe 2012-11-14 16:18 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe 2012-11-14 16:18 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2012-11-14 16:18 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2012-11-14 16:18 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2012-11-14 16:18 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe 2012-11-14 16:18 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe 2012-11-14 16:18 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe 
2012-11-14 11:55 - 2012-10-18 19:25 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-11-14 11:55 - 2012-09-25 23:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2012-11-14 11:55 - 2012-09-25 23:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll 2012-11-12 13:09 - 2012-11-22 18:27 - 00000000 ____D C:\Users\Robert\Desktop\Grease (1978) 2012-11-12 13:03 - 2009-08-05 22:13 - 617372659 ____A (SimBin ) C:\Users\Robert\Desktop\Volvo_TheGame_1.0_Setup.exe 2012-11-10 10:30 - 2012-11-10 10:30 - 00001131 ____A C:\Users\Robert\Desktop\GameLauncher.exe — skrót.lnk 2012-11-07 20:01 - 2012-11-07 20:01 - 00000000 ____D C:\Users\Robert\Documents\Need for Speed World 2012-11-07 07:22 - 2012-11-07 07:22 - 00004119 ____A C:\Windows\SysWOW64\jupdate-1.7.0_09-b05.log 2012-11-07 07:22 - 2012-09-24 23:16 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2012-11-07 07:22 - 2012-09-24 23:08 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-11-07 07:22 - 2012-09-24 23:07 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-11-05 20:29 - 2012-11-05 20:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Need for Speed World 2012-11-05 19:33 - 2012-11-05 19:34 - 00000000 ____D C:\Users\Robert\AppData\Local\Electronic_Arts_Inc 2012-11-05 19:33 - 2012-11-05 19:33 - 00000000 ____D C:\Users\All Users\Electronic Arts 2012-11-01 20:22 - 2012-11-02 23:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2012-10-30 21:02 - 2012-10-30 21:02 - 00000000 ____D C:\Users\Robert\Downloads\1seria 2012-10-30 21:01 - 2012-10-30 21:01 - 01124835 ____A C:\Users\Robert\Downloads\1seria.zip 2012-10-24 19:17 - 2012-10-24 19:17 - 00116988 ____A C:\Users\Robert\Downloads\SOCJOLOGIA jan turowski.rar ==================== One Month Modified Files and Folders ======= 2012-11-22 18:34 - 2012-11-22 18:34 - 00000000 ____D C:\FRST 2012-11-22 18:27 - 2012-11-12 13:09 
- 00000000 ____D C:\Users\Robert\Desktop\Grease (1978) 2012-11-22 18:27 - 2012-08-12 12:58 - 00000000 ____D C:\Users\All Users\PMB Files 2012-11-22 18:27 - 2011-09-07 21:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2012-11-22 18:27 - 2011-09-07 02:54 - 00000000 ____D C:\users\Robert 2012-11-22 18:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\security 2012-11-22 18:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2012-11-22 18:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2012-11-22 18:26 - 2011-09-08 00:17 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Skype 2012-11-22 18:26 - 2011-09-08 00:14 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Gadu-Gadu 10 2012-11-22 18:26 - 2011-09-07 21:40 - 00000000 ____D C:\Users\All Users\NVIDIA 2012-11-22 09:20 - 2012-11-22 09:20 - 00003240 ____N C:\bootsqm.dat 2012-11-21 23:28 - 2012-02-19 18:02 - 00000000 ___AD C:\Users\Robert\Desktop\Żelazna dama 2012-11-21 17:19 - 2012-08-12 12:58 - 00000000 ____D C:\Users\Robert\AppData\Local\PMB Files 2012-11-19 23:36 - 2011-09-08 00:13 - 00000000 ____D C:\Users\All Users\OpenFM 2012-11-18 16:05 - 2011-09-08 02:49 - 01424835 ____A C:\Windows\WindowsUpdate.log 2012-11-18 16:01 - 2009-07-14 05:45 - 00010320 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-11-18 16:01 - 2009-07-14 05:45 - 00010320 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-11-18 15:43 - 2012-03-31 16:15 - 00000930 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-11-18 14:33 - 2009-07-14 18:55 - 00741328 ____A C:\Windows\System32\perfh015.dat 2012-11-18 14:33 - 2009-07-14 18:55 - 00155924 ____A C:\Windows\System32\perfc015.dat 2012-11-18 14:33 - 2009-07-14 06:13 - 01672256 ____A C:\Windows\System32\PerfStringBackup.INI 2012-11-18 14:29 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-11-18 14:29 - 2009-07-14 05:51 - 00040174 ____A 
C:\Windows\setupact.log 2012-11-17 13:37 - 2011-09-10 11:23 - 00000000 ____D C:\Users\Robert\.gstreamer-0.10 2012-11-17 10:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF 2012-11-16 16:38 - 2011-09-07 23:53 - 00479184 ____A C:\Windows\PFRO.log 2012-11-16 16:36 - 2012-11-16 16:36 - 00015302 ____A C:\ComboFix.txt 2012-11-16 16:36 - 2012-11-14 16:18 - 00000000 ____D C:\Qoobox 2012-11-16 16:35 - 2009-07-14 03:34 - 00000215 ____A C:\Windows\system.ini 2012-11-16 16:04 - 2012-11-16 16:04 - 00000000 ____D C:\Users\Robert\Documents\SimBin 2012-11-16 15:55 - 2012-11-16 15:55 - 00000628 ____A C:\Users\Robert\Desktop\Volvo - The Game.lnk 2012-11-16 15:54 - 2012-11-16 15:54 - 00000000 ____D C:\Program Files (x86)\SimBin 2012-11-16 15:54 - 2012-04-08 17:56 - 00078891 ____A C:\Windows\DirectX.log 2012-11-14 19:35 - 2009-07-14 05:45 - 00415552 ____A C:\Windows\System32\FNTCACHE.DAT 2012-11-14 19:28 - 2011-10-03 13:11 - 00000000 ____D C:\Users\All Users\Microsoft Help 2012-11-14 19:18 - 2011-09-07 23:05 - 66395536 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-11-14 19:17 - 2009-07-14 03:34 - 00000478 ____A C:\Windows\win.ini 2012-11-14 16:29 - 2012-11-14 16:18 - 00000000 ____D C:\Windows\erdnt 2012-11-10 10:30 - 2012-11-10 10:30 - 00001131 ____A C:\Users\Robert\Desktop\GameLauncher.exe — skrót.lnk 2012-11-07 20:01 - 2012-11-07 20:01 - 00000000 ____D C:\Users\Robert\Documents\Need for Speed World 2012-11-07 14:42 - 2011-09-08 00:41 - 00000000 ____D C:\Program Files (x86)\Opera 2012-11-07 07:22 - 2012-11-07 07:22 - 00004119 ____A C:\Windows\SysWOW64\jupdate-1.7.0_09-b05.log 2012-11-07 07:22 - 2012-04-13 10:44 - 00000000 ____D C:\Program Files (x86)\Java 2012-11-05 20:29 - 2012-11-05 20:29 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Need for Speed World 2012-11-05 19:34 - 2012-11-05 19:33 - 00000000 ____D C:\Users\Robert\AppData\Local\Electronic_Arts_Inc 2012-11-05 19:33 - 2012-11-05 19:33 - 00000000 ____D C:\Users\All Users\Electronic Arts 
2012-11-03 09:30 - 2012-04-28 07:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-02 23:04 - 2012-11-01 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-30 21:02 - 2012-10-30 21:02 - 00000000 ____D C:\Users\Robert\Downloads\1seria
2012-10-30 21:01 - 2012-10-30 21:01 - 01124835 ____A C:\Users\Robert\Downloads\1seria.zip
2012-10-24 19:17 - 2012-10-24 19:17 - 00116988 ____A C:\Users\Robert\Downloads\SOCJOLOGIA jan turowski.rar

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll [2011-09-08 20:41] - [2010-11-20 14:27] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll [2012-09-07 23:46] - [2012-09-07 23:46] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-11-18 16:05:17

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8190.18 MB
Available physical RAM: 7365.42 MB
Total Pagefile: 8188.32 MB
Available Pagefile: 7368.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:99.9 GB) (Free:17.69 GB) NTFS
2 Drive e: () (Fixed) (Total:500 GB) (Free:428.3 GB) NTFS
3 Drive f: () (Fixed) (Total:331.51 GB) (Free:331.41 GB) NTFS
5 Drive h: (KINGSTON) (Removable) (Total:3.65 GB) (Free:2.61 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Nr dysku  Stan           Rozmiar  Wolne    Dyn  GPT
  --------  -------------  -------  -------  ---  ---
  Dysk 0    Online          931 GB      0 B
  Dysk 1    Online         3745 MB      0 B

Partitions of Disk 0:
===============

  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
  Partycja 1     Podstawowy         100 MB  1024 KB
  Partycja 2     Podstawowy          99 GB   101 MB
  Partycja 3     Podstawowy         500 GB   100 GB
  Partycja 4     Podstawowy         331 GB   600 GB

==================================================================================

Disk: 0
Partycja 1
Typ : 07
Ukryta : Nie
Aktywna : Tak
Przesunięcie w bajtach: 1048576

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 1     Y   Zastrzeżone  NTFS   Partycja     100 MB  Zdrowy

=========================================================

Disk: 0
Partycja 2
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 105906176

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 2     C                NTFS   Partycja      99 GB  Zdrowy

=========================================================

Disk: 0
Partycja 3
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 107374182400

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 3     E                NTFS   Partycja     500 GB  Zdrowy

=========================================================

Disk: 0
Partycja 4
Typ : 07
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 644245094400

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 4     F                NTFS   Partycja     331 GB  Zdrowy

=========================================================

Partitions of Disk 1:
===============

  Partycja ###   Typ               Rozmiar  Przesunięcie
  -------------  ----------------  -------  ------------
  Partycja 1     Podstawowy        3741 MB  4032 KB

==================================================================================

Disk: 1
Partycja 1
Typ : 0C
Ukryta : Nie
Aktywna : Nie
Przesunięcie w bajtach: 4128768

  Wolumin ###  Lit  Etykieta     Fs     Typ         Rozmiar  Stan       Info
  -----------  ---  -----------  -----  ----------  -------  ---------  --------
* Wolumin 5     H   KINGSTON     FAT32  Wymienny    3741 MB  Zdrowy

=========================================================

Last Boot: 2012-11-18 11:54

==================== End Of Log =============================