Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-1A36UVP on 16-10-2013 07:37:12
Running from H:\
Windows 7 Professional (X64) OS Language: Polish
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-26] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2011-02-09] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\RunOnce: [*Restore] - C:\windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [File Sanitizer] - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12274688 2011-02-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] - C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] ()
HKLM-x32\...\Run: [DTRun] - c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [HPConnectionManager] - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [HPQuickWebProxy] - c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-22] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [540056 2012-08-08] (Lavasoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [NPSStartup] - [x]
HKU\hp\...\Run: [OscarEditor] - C:\Program Files (x86)\OSCAR Editor\OscarEditor.exe [2865152 2008-07-30] ()
HKU\hp\...\Run: [Google Update] - C:\Users\hp\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-09] (Google Inc.)
HKU\hp\...\Run: [EPSON SX218 Series] - C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\windows\TEMP\E_S23C9.tmp" /EF "HKCU"
HKU\hp\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\hp\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-22] (Samsung)
HKU\hp\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)
HKU\hp\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-22] (Samsung)
HKU\hp\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-22] (Samsung)
HKU\hp\...\Run: [EPSON SX218 Series (Kopia 1)] - C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\windows\TEMP\E_S371E.tmp" /EF "HKCU"
HKU\hp\...\Run: [Akamai NetSession Interface] - C:\Users\hp\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-04] (Akamai Technologies, Inc.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-11] (DigitalPersona, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-01-12] (ESET)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2011-01-12] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-03] (Hewlett-Packard Company)
S3 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P)
S2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] ()
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-10] (ArcSoft, Inc.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

S3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-10] (ArcSoft, Inc.)
S3 BTMNET; C:\Windows\System32\DRIVERS\btmnet.sys [30208 2010-07-16] (Motorola, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-27] (DT Soft Ltd)
S2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2010-12-21] (ESET)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] ()
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] ()
S0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2012-05-01] (Duplex Secure Ltd.)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Technology)
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [x]
S3 usj; \??\C:\AeriaGames\EdenEternal\avital\ussjcs64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-16 07:36 - 2013-10-16 07:36 - 00000000 ____D C:\FRST
2013-10-09 04:31 - 2013-10-10 06:12 - 00000000 ____D C:\Users\hp\Desktop\Block_A serwis
2013-10-07 00:57 - 2013-10-07 01:16 - 00000000 ____D C:\Users\hp\Desktop\+72m
2013-10-06 19:41 - 2013-10-14 07:09 - 00000728 _____ C:\Windows\setupact.log
2013-10-06 19:41 - 2013-10-06 19:41 - 00000000 _____ C:\Windows\setuperr.log
2013-10-06 11:15 - 2013-10-06 11:15 - 00179816 _____ C:\Users\hp\Documents\cc_20131006_211520.reg
2013-10-06 11:15 - 2013-10-06 11:15 - 00000082 _____ C:\Users\hp\Documents\cc_20131006_211510.reg
2013-10-02 11:19 - 2013-10-02 12:40 - 00002678 _____ C:\Users\hp\Downloads\MULTIMAX_AQUARIUS_12865597_130501_131002.csv
2013-09-30 21:48 - 2013-09-30 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-24 23:45 - 2013-09-24 23:45 - 00000000 ____D C:\Users\hp\Desktop\rys. STABATEC

==================== One Month Modified Files and Folders =======

2013-10-16 07:36 - 2013-10-16 07:36 - 00000000 ____D C:\FRST
2013-10-16 07:11 - 2013-09-04 09:34 - 00000000 ____D C:\Users\hp\AppData\Local\Akamai
2013-10-16 07:11 - 2012-04-16 04:48 - 00000000 ____D C:\users\hp
2013-10-16 07:11 - 2011-05-09 17:51 - 00000000 ____D C:\ProgramData\FLEXnet
2013-10-16 07:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-16 07:10 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-10-15 07:19 - 2011-05-09 17:55 - 00000000 ____D C:\ProgramData\PDFC
2013-10-15 06:30 - 2012-04-18 01:08 - 00000000 ____D C:\Users\hp\Documents\Pliki programu Outlook
2013-10-15 06:29 - 2013-07-21 20:00 - 00183162 _____ C:\Users\hp\Desktop\ZESTAWIENIE_ZUSATZARBEITEN wersja 19.09.2012 Rafał.xlsx
2013-10-14 20:46 - 2012-05-16 11:53 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-14 20:46 - 2012-05-09 09:15 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-213107383-3148883814-2946656539-1001UA.job
2013-10-14 19:46 - 2012-05-16 11:53 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-14 19:46 - 2012-05-09 09:15 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-213107383-3148883814-2946656539-1001Core.job
2013-10-14 19:41 - 2012-05-16 11:53 - 00004036 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-14 19:41 - 2012-05-16 11:53 - 00003784 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-14 19:41 - 2012-05-09 09:15 - 00004010 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-213107383-3148883814-2946656539-1001UA
2013-10-14 19:41 - 2012-05-09 09:15 - 00003614 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-213107383-3148883814-2946656539-1001Core
2013-10-14 07:17 - 2009-07-13 20:45 - 00020944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-14 07:17 - 2009-07-13 20:45 - 00020944 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-14 07:12 - 2012-10-09 06:19 - 01790145 _____ C:\Windows\WindowsUpdate.log
2013-10-14 07:09 - 2013-10-06 19:41 - 00000728 _____ C:\Windows\setupact.log
2013-10-14 07:09 - 2013-07-08 06:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-14 07:09 - 2012-10-09 01:44 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-10-14 07:09 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 21:06 - 2012-04-26 09:07 - 00000000 ____D C:\Users\hp\Documents\prywatne
2013-10-10 20:09 - 2012-04-23 10:34 - 00000000 ____D C:\Users\hp\AppData\Roaming\Skype
2013-10-10 06:19 - 2012-07-12 01:57 - 00000000 ____D C:\Users\hp\Desktop\Nowy folder (3)
2013-10-10 06:12 - 2013-10-09 04:31 - 00000000 ____D C:\Users\hp\Desktop\Block_A serwis
2013-10-10 05:31 - 2013-01-22 23:52 - 00000672 _____ C:\Users\hp\Documents\plot.log
2013-10-10 05:12 - 2012-04-28 01:44 - 00000000 ____D C:\Users\hp\Desktop\Nowy folder
2013-10-10 05:11 - 2011-05-09 17:48 - 00742932 _____ C:\Windows\System32\perfh015.dat
2013-10-10 05:11 - 2011-05-09 17:48 - 00156566 _____ C:\Windows\System32\perfc015.dat
2013-10-10 05:11 - 2009-07-13 21:13 - 01671400 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-09 05:54 - 2012-04-23 04:36 - 00000000 ____D C:\Users\hp\AppData\Roaming\Mozilla
2013-10-08 23:05 - 2012-04-25 01:18 - 00000000 ____D C:\Users\hp\Desktop\Rafał M
2013-10-08 02:04 - 2013-08-05 23:53 - 00038164 _____ C:\Users\hp\Desktop\BA-099 Anlage Entfernen von Gitterrosten 130711.xlsm
2013-10-07 01:16 - 2013-10-07 00:57 - 00000000 ____D C:\Users\hp\Desktop\+72m
2013-10-06 19:41 - 2013-10-06 19:41 - 00000000 _____ C:\Windows\setuperr.log
2013-10-06 11:15 - 2013-10-06 11:15 - 00179816 _____ C:\Users\hp\Documents\cc_20131006_211520.reg
2013-10-06 11:15 - 2013-10-06 11:15 - 00000082 _____ C:\Users\hp\Documents\cc_20131006_211510.reg
2013-10-06 11:09 - 2012-05-09 00:45 - 00000000 ____D C:\Users\hp\AppData\Roaming\DAEMON Tools Lite
2013-10-06 11:08 - 2013-06-15 05:59 - 00000000 ____D C:\Windows\Minidump
2013-10-06 11:08 - 2012-07-09 03:43 - 00000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2013-10-04 22:40 - 2013-09-04 10:33 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-10-03 02:07 - 2012-04-16 04:56 - 00000000 ____D C:\Users\hp\Documents\Moje odebrane pliki
2013-10-02 12:40 - 2013-10-02 11:19 - 00002678 _____ C:\Users\hp\Downloads\MULTIMAX_AQUARIUS_12865597_130501_131002.csv
2013-10-01 19:40 - 2013-09-04 09:34 - 00000000 ____D C:\AeriaGames
2013-10-01 19:36 - 2012-05-03 10:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-01 08:02 - 2012-04-23 04:36 - 00000000 ____D C:\Users\hp\AppData\Local\Mozilla
2013-09-30 21:59 - 2013-01-30 10:37 - 00023349 _____ C:\Users\hp\Desktop\Bezet.xlsx
2013-09-30 21:48 - 2013-09-30 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-30 20:59 - 2013-07-30 02:49 - 00116206 ____R C:\Users\hp\Desktop\VT A-381.xlsx
2013-09-28 22:25 - 2013-01-06 03:56 - 00000000 ____D C:\GOG Games
2013-09-25 02:40 - 2013-07-10 03:33 - 00040384 _____ C:\Users\hp\Desktop\1.sly
2013-09-24 23:45 - 2013-09-24 23:45 - 00000000 ____D C:\Users\hp\Desktop\rys. STABATEC

==================== Known DLLs (Whitelisted) ================

[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A () C:\Windows\System32\LPK.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

4
Restore point made on: 2013-10-03 20:50:43
Restore point made on: 2013-10-04 22:40:15
Restore point made on: 2013-10-13 22:15:56
Restore point made on: 2013-10-14 20:58:04

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 4030.37 MB
Available physical RAM: 3374.25 MB
Total Pagefile: 4028.52 MB
Available Pagefile: 3374.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:676.2 GB) (Free:393.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:17.14 GB) (Free:2.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.13 GB) FAT32
Drive h: (FLASHPEN) (Removable) (Total:0.95 GB) (Free:0.63 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 5DF0BA83)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 979 MB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=979 MB) - (Type=0B)

LastRegBack: 2013-10-10 22:24

==================== End Of Log ============================