Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-12-2014 Ran by SYSTEM on MiniXP on 04-12-2014 21:57:57 Running from C:\Users\AiR\Downloads Platform: Windows 7 Home Premium (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet002 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104 2014-02-24] (ESET) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKU\AiR\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [2765256 2014-11-03] (ALLPlayer Group Ltd.) ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1343408 2014-02-24] (ESET) S2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.) S2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe" [X] S2 UxTuneUp; %SystemRoot%\System32\uxtuneup.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [27600 2014-08-07] (CrystalIdea Software) S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET) S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET) S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET) S1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET) S0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET) S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.) S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.) S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X] S3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-04 14:06 - 2014-12-04 14:07 - 01110016 _____ (Farbar) C:\Users\AiR\Downloads\FRST(1).exe 2014-12-04 10:41 - 2014-12-04 10:41 - 00031462 _____ () C:\Users\AiR\Downloads\Shortcut.txt 2014-12-04 10:37 - 2014-12-04 10:41 - 00018856 _____ () C:\Users\AiR\Downloads\Addition.txt 2014-12-04 10:36 - 2014-12-04 21:57 - 00003102 _____ () C:\Users\AiR\Downloads\FRST.txt 2014-12-04 10:36 - 2014-12-04 21:55 - 00000000 ____D () C:\FRST 2014-12-03 22:14 - 2014-12-03 22:14 - 00014997 _____ () C:\Users\AiR\Downloads\Niezniszczalni 3 - The Expendables 3 2014 [TC] [BDRip] [XviD-KiT] [Lektor PL][Torrenty.org].torrent 2014-12-03 22:14 - 2014-12-03 22:14 - 00003095 _____ () C:\Users\AiR\Downloads\Colfer Eoin - Kompleks Atlantydy [PDF] [PL][Torrenty.org].torrent 2014-12-03 00:30 - 2014-12-03 00:32 - 05734906 _____ () C:\Users\AiR\Downloads\milionik.rar 2014-12-02 23:15 - 2014-12-02 23:15 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-12-01 22:54 - 2014-12-01 22:54 - 00003247 _____ () C:\Users\AiR\Downloads\Jak uzywac auta podczas mrozu [PDF] [PL][Torrenty.org].torrent 2014-12-01 22:32 - 2014-12-01 22:35 - 11292301 _____ () C:\Users\AiR\Downloads\Ian Douglas - Star Carrier #5 - Ciemna materia.rar 2014-11-30 20:45 - 2014-11-30 20:46 - 21912282 _____ () C:\Users\AiR\Downloads\hd-converter-pro.zip 2014-11-30 20:43 - 2014-11-30 20:43 - 21679360 _____ () C:\Users\AiR\Downloads\video-converter-pro.zip 2014-11-30 20:13 - 2014-11-30 20:13 - 00002661 _____ () C:\Users\AiR\Downloads\Nonstead - Mortka Marcin [PDF MOBI EPUB] [PL][Torrenty.org].torrent 2014-11-30 20:10 - 2014-11-30 20:10 - 00004909 _____ () C:\Users\AiR\Downloads\Tablet w samochodzie - zrob to sam [PDF] [PL][Torrenty.org].torrent 2014-11-30 20:10 - 2014-11-30 20:10 - 00004331 _____ () C:\Users\AiR\Downloads\Test 10 opon zimowych do auta [PDF] [PL][Torrenty.org].torrent 2014-11-30 20:10 - 2014-11-30 20:10 - 00003829 _____ () C:\Users\AiR\Downloads\Jak zamontowac czujniki parkowania w aucie [PDF] [PL][Torrenty.org].torrent 2014-11-29 22:59 - 2014-11-29 23:01 - 03673242 _____ () C:\Users\AiR\Downloads\sruba.rar 2014-11-26 11:37 - 2014-11-26 11:37 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-11-24 19:33 - 2014-11-24 19:35 - 02378489 _____ () C:\Users\AiR\Downloads\Dan Simmons - Terror.epub 2014-11-23 18:02 - 2014-11-23 18:13 - 09931878 _____ () C:\Users\AiR\Downloads\Julia Bernard - Czarownice z Wolfensteinu. Pierścień i sito._Pobrane_z_5fantastic.pl_.rar 2014-11-23 18:02 - 2014-11-23 18:04 - 06747833 _____ () C:\Users\AiR\Downloads\wyborek.rar 2014-11-19 16:34 - 2014-11-11 02:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2014-11-19 16:34 - 2014-11-11 02:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\pku2u.dll 2014-11-18 19:38 - 2014-11-18 19:38 - 02314347 _____ () C:\Users\AiR\Downloads\mata1i2.rar 2014-11-18 01:22 - 2014-11-18 01:22 - 00257220 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-11-17 22:58 - 2014-11-17 22:58 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack 2014-11-17 22:58 - 2014-11-03 12:39 - 00218712 _____ () C:\Windows\System32\unrar.dll 2014-11-17 22:35 - 2014-11-17 22:35 - 00000981 _____ () C:\Users\AiR\Desktop\ALLPlayer.lnk 2014-11-17 22:35 - 2014-11-17 22:35 - 00000000 ____D () C:\Program Files\Napisy24 2014-11-17 22:35 - 2014-11-17 22:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-11-17 22:35 - 2011-06-02 00:10 - 00644608 _____ () C:\Windows\System32\xvidcore.dll 2014-11-17 22:34 - 2014-11-17 22:35 - 00000000 ____D () C:\Program Files\ALLPlayer 2014-11-17 22:34 - 2013-04-05 19:26 - 02106368 _____ () C:\Windows\System32\ac3filter.ax 2014-11-17 22:34 - 2013-04-05 19:26 - 00276992 _____ (IntelleSoft) C:\Windows\System32\BugTrap.dll 2014-11-17 22:34 - 2007-10-07 13:36 - 00258048 _____ () C:\Windows\System32\libFLAC.dll 2014-11-17 21:54 - 2014-11-17 21:54 - 00000000 ____D () C:\Users\AiR\AppData\Roaming\Nero 2014-11-17 21:53 - 2014-11-17 21:53 - 00002889 _____ () C:\Users\Public\Desktop\Nero 2014.lnk 2014-11-17 21:52 - 2014-11-17 21:53 - 00000000 ____D () C:\Program Files\Common Files\Nero 2014-11-17 21:52 - 2014-11-17 21:52 - 00000000 ____D () C:\Program Files\Nero 2014-11-17 21:40 - 2014-11-17 21:40 - 00000000 ____D () C:\Program Files\MSXML 4.0 2014-11-17 21:39 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll 2014-11-17 21:39 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll 2014-11-17 21:11 - 2014-11-17 21:11 - 00000000 ____D () C:\Users\AiR\AppData\Local\My Games 2014-11-17 21:11 - 2009-09-04 16:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll 2014-11-17 21:11 - 2009-09-04 16:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll 2014-11-17 21:11 - 2009-09-04 16:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll 2014-11-17 21:11 - 2009-09-04 16:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll 2014-11-17 21:11 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll 2014-11-17 21:11 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll 2014-11-17 21:11 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll 2014-11-17 21:11 - 2009-09-04 16:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll 2014-11-17 21:11 - 2009-03-16 13:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll 2014-11-17 21:11 - 2009-03-16 13:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll 2014-11-17 21:11 - 2009-03-16 13:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll 2014-11-17 21:11 - 2009-03-09 14:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2014-11-17 21:11 - 2009-03-09 14:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll 2014-11-17 21:11 - 2009-03-09 14:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll 2014-11-17 21:11 - 2008-10-27 09:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll 2014-11-17 21:11 - 2008-10-27 09:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll 2014-11-17 21:11 - 2008-10-27 09:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll 2014-11-17 21:11 - 2008-10-27 09:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll 2014-11-17 21:11 - 2008-10-15 05:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll 2014-11-17 21:11 - 2008-10-15 05:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll 2014-11-17 21:11 - 2008-10-15 05:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll 2014-11-17 21:11 - 2008-07-31 09:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll 2014-11-17 21:11 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll 2014-11-17 21:11 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll 2014-11-17 21:11 - 2008-07-10 10:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll 2014-11-17 21:11 - 2008-07-10 10:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll 2014-11-17 21:11 - 2008-07-10 10:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll 2014-11-17 21:11 - 2008-05-30 13:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll 2014-11-17 21:11 - 2008-05-30 13:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll 2014-11-17 21:11 - 2008-05-30 13:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll 2014-11-17 21:11 - 2008-05-30 13:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll 2014-11-17 21:11 - 2008-05-30 13:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll 2014-11-17 21:11 - 2008-05-30 13:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll 2014-11-17 21:11 - 2008-05-30 13:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll 2014-11-17 21:11 - 2008-03-05 15:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll 2014-11-17 21:11 - 2008-03-05 15:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll 2014-11-17 21:11 - 2008-03-05 15:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll 2014-11-17 21:11 - 2008-03-05 14:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll 2014-11-17 21:11 - 2008-03-05 14:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll 2014-11-17 21:11 - 2008-02-05 22:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll 2014-11-17 21:11 - 2007-10-22 02:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll 2014-11-17 21:11 - 2007-10-22 02:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll 2014-11-17 21:11 - 2007-10-12 14:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll 2014-11-17 21:11 - 2007-10-12 14:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll 2014-11-17 21:11 - 2007-10-02 08:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll 2014-11-17 21:11 - 2007-07-19 23:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll 2014-11-17 21:11 - 2007-07-19 17:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll 2014-11-17 21:11 - 2007-07-19 17:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll 2014-11-17 21:11 - 2007-07-19 17:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll 2014-11-17 21:11 - 2007-06-20 19:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll 2014-11-17 21:11 - 2007-05-16 15:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll 2014-11-17 21:11 - 2007-05-16 15:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll 2014-11-17 21:11 - 2007-05-16 15:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll 2014-11-17 21:11 - 2007-04-04 17:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll 2014-11-17 21:11 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll 2014-11-17 21:11 - 2007-03-15 15:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll 2014-11-17 21:11 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll 2014-11-17 21:11 - 2007-03-12 15:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll 2014-11-17 21:11 - 2007-03-05 11:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll 2014-11-17 21:11 - 2007-01-24 14:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll 2014-11-17 21:11 - 2006-12-08 11:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll 2014-11-17 21:11 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll 2014-11-17 21:11 - 2006-11-29 12:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll 2014-11-17 21:11 - 2006-09-28 15:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll 2014-11-17 21:11 - 2006-09-28 15:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll 2014-11-17 21:11 - 2006-07-28 08:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll 2014-11-17 21:11 - 2006-07-28 08:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll 2014-11-17 21:11 - 2006-05-31 06:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll 2014-11-17 21:11 - 2006-03-31 11:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll 2014-11-17 21:11 - 2006-03-31 11:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll 2014-11-17 21:11 - 2006-03-31 11:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll 2014-11-17 21:11 - 2006-02-03 07:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll 2014-11-17 21:11 - 2006-02-03 07:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll 2014-11-17 21:11 - 2006-02-03 07:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll 2014-11-17 21:11 - 2005-12-05 17:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll 2014-11-17 21:11 - 2005-07-22 18:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2014-11-17 21:11 - 2005-05-26 14:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll 2014-11-17 21:11 - 2005-03-18 16:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll 2014-11-17 21:11 - 2005-02-05 18:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll 2014-11-16 20:53 - 2014-11-16 20:54 - 06918856 _____ () C:\Users\AiR\Downloads\Cholewa Michał - Gambit #3 - Forta.rar 2014-11-16 00:40 - 2014-11-16 00:42 - 06885417 _____ () C:\Users\AiR\Downloads\Antologia - Epidemie i zarazy.rar 2014-11-15 23:30 - 2014-11-15 23:31 - 04355074 _____ () C:\Users\AiR\Downloads\Herbert Frank, Raksom Bill - _wiat Pandory #1 - Epizod z Jezusem.rar 2014-11-15 19:57 - 2014-11-15 19:57 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-11-15 19:56 - 2014-12-04 10:56 - 00000000 ____D () C:\Program Files\Steam 2014-11-15 19:56 - 2014-11-20 23:46 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-11-15 19:56 - 2014-11-15 19:56 - 00000925 _____ () C:\Users\Public\Desktop\Steam.lnk 2014-11-15 19:30 - 2014-11-15 19:30 - 00096680 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll 2014-11-15 19:30 - 2014-11-15 19:30 - 00000000 ____D () C:\Program Files\Java 2014-11-15 19:30 - 2014-11-15 19:30 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-11-15 17:53 - 2014-11-25 19:55 - 00000000 ____D () C:\Users\AiR\AppData\Roaming\Foxit Software 2014-11-15 17:53 - 2014-11-15 17:53 - 00002095 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-11-15 17:53 - 2014-11-15 17:53 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-11-15 17:53 - 2014-11-15 17:53 - 00000000 ____D () C:\Program Files\Foxit Software 2014-11-14 23:03 - 2014-11-14 23:03 - 07092395 _____ () C:\Users\AiR\Downloads\Kamsza Wiera - Odblaski Eterny 02 - Od wojny do wojny.rar 2014-11-14 23:03 - 2014-11-14 23:03 - 04154382 _____ () C:\Users\AiR\Downloads\Raduchowska Martyna - Szamanka od umarlaków 01.rar 2014-11-14 23:03 - 2014-11-14 23:03 - 04017862 _____ () C:\Users\AiR\Downloads\Beckett Chris - Ciemny Eden.rar 2014-11-14 23:03 - 2014-11-14 23:03 - 03929078 _____ () C:\Users\AiR\Downloads\Resnick Mike - Egzekutor 2 - Powrót Egzekutora.rar 2014-11-14 23:03 - 2014-11-14 23:03 - 01709642 _____ () C:\Users\AiR\Downloads\Martyna Raduchowska - Demon luster.epub 2014-11-14 23:02 - 2014-11-14 23:03 - 06589144 _____ () C:\Users\AiR\Downloads\Vandermeer Jeff - Unicestwienie.rar 2014-11-14 23:02 - 2014-11-14 23:02 - 11688743 _____ () C:\Users\AiR\Downloads\Kittredge Caitlin - Żelazny Kodeks 01 Zelazny cierń.rar 2014-11-14 23:02 - 2014-11-14 23:02 - 03652038 _____ () C:\Users\AiR\Downloads\Dibben Damian - Strażnicy historii 03 - Chiński ekspres.rar 2014-11-14 23:02 - 2014-11-14 23:02 - 02720918 _____ () C:\Users\AiR\Downloads\C J - 005.rar 2014-11-14 21:12 - 2014-11-27 22:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-11-14 21:12 - 2014-11-27 22:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-11-14 21:12 - 2014-11-14 21:12 - 00000000 ____D () C:\Windows\System32\Macromed 2014-11-14 21:12 - 2014-11-14 21:12 - 00000000 ____D () C:\Users\AiR\AppData\Roaming\Macromedia 2014-11-14 21:12 - 2014-11-14 21:12 - 00000000 ____D () C:\Users\AiR\AppData\Local\Macromedia 2014-11-14 21:11 - 2014-11-14 21:12 - 00000000 ____D () C:\Users\AiR\AppData\Local\Adobe 2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\Users\AiR\AppData\Roaming\NVIDIA 2014-11-12 21:24 - 2014-11-29 14:42 - 00000000 ____D () C:\Users\AiR\Documents\TG 2014-11-12 19:54 - 2014-11-12 19:55 - 00001348 _____ () C:\Users\AiR\Desktop\TheBat.lnk 2014-11-12 19:26 - 2014-11-12 19:26 - 00000000 ____D () C:\Users\AiR\AppData\Roaming\The Bat! 2014-11-12 19:25 - 2014-11-12 19:25 - 00000000 ____D () C:\Program Files\The Bat! 2014-11-12 19:16 - 2014-11-07 19:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-11-12 19:16 - 2014-11-06 03:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-11-12 19:16 - 2014-11-06 03:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-11-12 19:16 - 2014-11-06 03:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-11-12 19:16 - 2014-11-06 03:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-11-12 19:16 - 2014-11-06 03:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-11-12 19:16 - 2014-11-06 03:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-11-12 19:16 - 2014-11-06 03:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-11-12 19:16 - 2014-11-06 03:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-11-12 19:16 - 2014-11-06 03:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-11-12 19:16 - 2014-11-06 03:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-11-12 19:16 - 2014-11-06 03:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-11-12 19:16 - 2014-11-06 02:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-11-12 19:16 - 2014-11-06 02:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-11-12 19:16 - 2014-11-06 02:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-11-12 19:16 - 2014-11-06 02:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-12 19:16 - 2014-11-06 02:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-11-12 19:16 - 2014-11-06 02:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-11-12 19:16 - 2014-11-06 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-11-12 19:16 - 2014-11-06 02:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-11-12 19:16 - 2014-11-06 02:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-11-12 19:16 - 2014-11-06 02:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-11-12 19:16 - 2014-11-06 02:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-11-12 19:16 - 2014-11-06 02:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-11-12 19:16 - 2014-11-06 02:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-11-12 19:16 - 2014-11-06 02:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-11-12 19:16 - 2014-11-06 02:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-11-12 19:16 - 2014-11-06 01:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-11-12 19:16 - 2014-11-06 01:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-11-12 19:16 - 2014-11-06 01:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-11-12 19:15 - 2014-11-05 17:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2014-11-12 19:15 - 2014-11-05 17:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-11-12 19:15 - 2014-11-05 17:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-11-12 19:15 - 2014-10-25 01:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll 2014-11-12 19:15 - 2014-10-18 01:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll 2014-11-12 19:15 - 2014-10-14 01:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2014-11-12 19:15 - 2014-10-14 01:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll 2014-11-12 19:15 - 2014-10-14 01:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-11-12 19:15 - 2014-10-14 01:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll 2014-11-12 19:15 - 2014-10-14 01:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll 2014-11-12 19:15 - 2014-10-14 01:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll 2014-11-12 19:15 - 2014-10-10 00:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-11-12 19:15 - 2014-10-03 01:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll 2014-11-12 19:15 - 2014-10-03 01:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll 2014-11-12 19:15 - 2014-10-03 01:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll 2014-11-12 19:15 - 2014-10-03 01:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\System32\EncDump.dll 2014-11-12 19:15 - 2014-10-03 01:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-11-12 19:15 - 2014-09-19 09:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-11-12 19:15 - 2014-08-21 06:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2014-11-12 19:15 - 2014-08-21 06:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2014-11-12 19:15 - 2014-08-12 01:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\System32\IMJP10K.DLL ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-04 21:55 - 2014-10-26 09:48 - 00000000 ____D () C:\users\AiR 2014-12-04 20:44 - 2009-07-14 04:39 - 00030203 _____ () C:\Windows\setupact.log 2014-12-04 14:24 - 2009-07-14 04:34 - 00028128 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-04 14:24 - 2009-07-14 04:34 - 00028128 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-04 14:21 - 2011-04-12 05:08 - 00740422 _____ () C:\Windows\System32\perfh015.dat 2014-12-04 14:21 - 2011-04-12 05:08 - 00155996 _____ () C:\Windows\System32\perfc015.dat 2014-12-04 14:21 - 2010-11-20 21:01 - 01670518 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-12-04 14:16 - 2014-10-26 09:48 - 01392171 _____ () C:\Windows\WindowsUpdate.log 2014-12-03 21:34 - 2014-10-26 12:38 - 00125399 _____ () C:\Users\AiR\Documents\0 budzet.xlsx 2014-12-03 21:24 - 2014-10-26 11:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-12-03 00:16 - 2014-10-26 12:38 - 00001068 _____ () C:\Users\AiR\Documents\rki.txt 2014-11-24 13:04 - 2014-10-26 10:32 - 00229000 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2014-11-20 21:53 - 2014-10-26 12:43 - 00000000 ____D () C:\Users\AiR\AppData\Local\HP 2014-11-20 21:45 - 2014-10-26 12:38 - 00082128 _____ () C:\Users\AiR\Documents\gondek 2014v1.xlsx 2014-11-20 15:03 - 2014-10-26 12:19 - 00000000 ____D () C:\Users\AiR\AppData\Local\Microsoft Help 2014-11-18 00:13 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\System32\pl-PL 2014-11-17 22:56 - 2014-10-26 10:09 - 00000000 ____D () C:\z programy 2014-11-17 21:53 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Cursors 2014-11-17 21:11 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-17 21:11 - 2009-07-14 02:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-11-15 17:53 - 2009-07-14 02:37 - 00000000 ___RD () C:\users\Public 2014-11-15 16:44 - 2010-11-20 21:48 - 00026222 _____ () C:\Windows\PFRO.log 2014-11-13 02:52 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\rescache 2014-11-12 22:00 - 2009-07-14 02:37 - 00000000 ____D () C:\Windows\System32\NDF 2014-11-12 21:33 - 2014-10-26 09:50 - 00086144 _____ () C:\Users\AiR\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-12 21:29 - 2014-10-26 10:39 - 00000000 ____D () C:\Users\AiR\AppData\Local\NVIDIA Corporation 2014-11-12 19:21 - 2009-07-14 04:33 - 00341840 _____ () C:\Windows\System32\FNTCACHE.DAT 2014-11-12 19:20 - 2014-10-26 11:23 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-11-12 19:17 - 2014-10-26 11:06 - 00000000 ____D () C:\Windows\System32\MRT 2014-11-12 19:16 - 2014-10-26 11:06 - 100445232 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe ==================== Known DLLs (Whitelisted) ============ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe [2014-04-11 16:08] - [2014-04-11 16:08] - 2616320 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe [2014-10-26 10:50] - [2014-07-17 01:39] - 0304128 ____A (Microsoft Corporation) C:\Windows\System32\wininit.exe [2009-07-13 23:36] - [2009-07-14 01:14] - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe [2009-07-13 23:19] - [2009-07-14 01:14] - 0020992 ____A (Microsoft Corporation) C:\Windows\System32\services.exe [2009-07-13 23:11] - [2009-07-14 01:14] - 0259072 ____A (Microsoft Corporation) C:\Windows\System32\User32.dll [2010-11-20 21:29] - [2010-11-20 21:29] - 0811520 ____A (Microsoft Corporation) C:\Windows\System32\userinit.exe [2010-11-20 21:29] - [2010-11-20 21:29] - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll [2010-11-20 21:29] - [2010-11-20 21:29] - 0376832 ____A (Microsoft Corporation) ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\Windows\System32\Drivers\volsnap.sys [2010-11-20 21:29] - [2010-11-20 21:29] - 0245632 ____A (Microsoft Corporation) ==================== EXE Association (whitelisted) ============= ==================== Restore Points ========================= Restore point made on: 2014-11-18 01:22:49 Restore point made on: 2014-11-20 11:55:51 Restore point made on: 2014-11-25 18:11:09 Restore point made on: 2014-11-28 22:13:32 Restore point made on: 2014-12-02 20:59:39 ==================== Memory info =========================== Percentage of memory in use: 9% Total physical RAM: 3574.99 MB Available physical RAM: 3217.91 MB Total Pagefile: 3344.2 MB Available Pagefile: 2262.65 MB Total Virtual: 2047.88 MB Available Virtual: 2007.44 MB ==================== Drives ================================ Drive b: (RamDrive) (Fixed) (Total:0.98 GB) (Free:0.97 GB) NTFS Drive c: () (Fixed) (Total:111.79 GB) (Free:63.54 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: () (Fixed) (Total:97.66 GB) (Free:56.35 GB) NTFS Drive f: () (Fixed) (Total:244.04 GB) (Free:30.5 GB) NTFS Drive g: () (Fixed) (Total:221.62 GB) (Free:212.71 GB) NTFS Drive h: (DATA) (Fixed) (Total:368.09 GB) (Free:15.66 GB) NTFS Drive i: (HBCD 14.1) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS Drive x: (Mini Xp) (Fixed) (Total:0.23 GB) (Free:0.23 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8C9AD233) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5418ACE3) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 09290929) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=8 MB) - (Type=OF Extended) Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) LastRegBack: 2014-11-25 18:45 ==================== End Of Log ============================