Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by SYSTEM on MININT-EE4PCI6 on 12-10-2014 08:43:00
Running from H:\Znajomi\robak\step6
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-08-04] (MyHeritage)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\USER\...\Run: [Google Update] => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-01] (Google Inc.)
HKU\USER\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\USER\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\USER\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-30] (Google Inc.)
HKU\USER\...\Run: [Google+ Auto Backup] => C:\Users\USER\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
HKU\USER\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [113768 2010-06-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [101992 2010-06-23] (NVIDIA Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-09 22:30 - 2014-10-09 22:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-09 22:29 - 2014-10-09 22:29 - 00918440 _____ (Oracle Corporation) C:\Users\USER\Downloads\chromeinstall-7u67.exe
2014-10-09 16:52 - 2014-10-09 16:52 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-10-08 08:38 - 2014-10-12 08:43 - 00000000 ____D () C:\FRST
2014-10-06 15:44 - 2014-10-06 15:45 - 00002370 _____ () C:\Users\USER\Desktop\Google Chrome.lnk
2014-10-05 11:36 - 2014-10-09 16:46 - 00000000 ____D () C:\Users\USER\Desktop\2007-09-30 001
2014-10-01 12:17 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2014-10-01 12:17 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 07:26 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-09-24 07:26 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-16 20:49 - 2014-09-16 20:56 - 00000000 ____D () C:\Users\USER\Desktop\2014-09-16
2014-09-15 12:25 - 2014-09-15 12:25 - 00000000 ____D () C:\Users\USER\Desktop\2014-09-15 pismo toyota

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-12 07:19 - 2010-11-24 17:55 - 00117810 _____ () C:\Windows\PFRO.log
2014-10-12 07:19 - 2010-11-24 17:18 - 01242307 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 07:16 - 2011-08-30 20:14 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 07:13 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 07:13 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 07:08 - 2011-08-23 06:56 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EB28C304-2733-43E1-B637-790B7D0BB57E}
2014-10-12 07:07 - 2009-07-14 18:55 - 00740688 _____ () C:\Windows\System32\perfh015.dat
2014-10-12 07:07 - 2009-07-14 18:55 - 00156230 _____ () C:\Windows\System32\perfc015.dat
2014-10-12 07:07 - 2009-07-14 06:13 - 01670590 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-10-12 07:03 - 2011-06-18 21:16 - 00000000 ____D () C:\Users\USER\Tracing
2014-10-12 07:03 - 2011-04-01 11:21 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Skype
2014-10-12 07:02 - 2011-08-30 20:14 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 07:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 07:02 - 2009-07-14 05:51 - 00197992 _____ () C:\Windows\setupact.log
2014-10-11 02:58 - 2014-08-31 16:08 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-11 02:58 - 2011-04-01 10:55 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4198088824-986625612-194678947-1000UA.job
2014-10-10 23:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-10-10 23:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-09 16:51 - 2011-04-01 10:55 - 00001002 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4198088824-986625612-194678947-1000Core.job
2014-10-04 09:46 - 2014-03-02 06:51 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-04 09:46 - 2011-04-01 11:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-04 09:46 - 2011-04-01 11:21 - 00000000 ____D () C:\ProgramData\Skype
2014-10-01 12:36 - 2014-01-02 22:26 - 00000000 ____D () C:\Users\USER\Desktop\U JACKA
2014-10-01 12:08 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 07:56 - 2014-08-31 16:08 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 07:56 - 2014-08-31 16:08 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-25 07:56 - 2011-07-11 21:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 07:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-09-23 11:25 - 2013-10-20 12:04 - 00013030 _____ () C:\Users\USER\AppData\Local\PDOXUSRS.NET
2014-09-15 20:49 - 2013-08-11 19:52 - 00000000 ____D () C:\Users\USER\Desktop\2013 duszniki
2014-09-15 08:06 - 2011-04-01 13:57 - 00278152 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2014-09-21 18:09:22
Restore point made on: 2014-09-24 08:07:01
Restore point made on: 2014-09-30 08:25:52
Restore point made on: 2014-10-01 12:36:53
Restore point made on: 2014-10-09 16:52:16
Restore point made on: 2014-10-09 16:58:16
Restore point made on: 2014-10-09 22:30:41
Restore point made on: 2014-10-09 22:34:29
Restore point made on: 2014-10-12 07:09:31

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3884.47 MB
Available physical RAM: 3282.25 MB
Total Pagefile: 3882.67 MB
Available Pagefile: 3269.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:30.54 GB) NTFS
Drive e: (Dysk lokalny) (Fixed) (Total:197.99 GB) (Free:195.85 GB) NTFS
Drive f: (GSP1RMCPRXFREO_PL_DVD) (CDROM) (Total:2.98 GB) (Free:0 GB) UDF
Drive h: (128MB) (Removable) (Total:0.11 GB) (Free:0.02 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: F20A5652)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=198 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 114.4 MB) (Disk ID: 73CBD576)
Partition 1: (Active) - (Size=114 MB) - (Type=06)

LastRegBack: 2014-10-10 22:56

==================== End Of Log ============================