Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 29 days old and could be outdated) Ran by PTYLLO (administrator) on PTYLLO-RSA on 11-04-2014 11:00:36 Running from J:\! OTL\a Microsoft Windows 7 Home Premium (X86) OS Language: Polish Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe (TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Creative Technology Ltd.) 
C:\Windows\V0770Mon.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\Unlocker\UnlockerAssistant.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe () C:\Program Files\GIGABYTE\AppCenter\ApCent.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (TC UP Team) C:\Program Files\TC UP\TC UP.exe (Ghisler Software GmbH) C:\Program Files\TC UP\TOTALCMD.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Systweak Inc) C:\Program Files\Advanced Driver Updater\adu.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (TC UP Team) C:\Program Files\TC UP\TC UP.exe (Ghisler Software GmbH) C:\Program Files\TC UP\TOTALCMD.EXE (OldTimer Tools) J:\! OTL\a\OTL.exe () J:\! OTL\a\gmer.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [V0770Mon.exe] - C:\Windows\V0770Mon.exe [32884 2012-06-01] (Creative Technology Ltd.) HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-01-23] (Realtek Semiconductor) HKLM\...\Run: [UnlockerAssistant] - C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\RunOnce: [PreRun] - C:\Program Files\GIGABYTE\AppCenter\PreRun.exe [8192 2013-04-29] () HKU\S-1-5-21-623532874-284264790-1930585317-1000\...\Run: [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe [3829328 2014-03-18] (Tonec Inc.) 
HKU\S-1-5-21-623532874-284264790-1930585317-1000\...\MountPoints2: {83ca622c-89a3-11e3-8466-94de80d76d45} - L:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-623532874-284264790-1930585317-1000\...\MountPoints2: {8792b14c-88db-11e3-be0d-806e6f6e6963} - F:\Run.exe HKU\S-1-5-21-623532874-284264790-1930585317-1000\...\MountPoints2: {ab10078a-91dd-11e3-9676-94de80d76d45} - R:\autorun.exe HKU\S-1-5-21-623532874-284264790-1930585317-1000\...\MountPoints2: {ab10078c-91dd-11e3-9676-94de80d76d45} - P:\setup.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: GBHO.BHO - {c20391ee-b6fd-4a35-9f1b-2892dda5b107} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\PTYLLO\AppData\Roaming\Mozilla\Firefox\Profiles\kmsl2yes.default-1396685597232 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PTYLLO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: leethax.net extension - C:\Users\PTYLLO\AppData\Roaming\Mozilla\Firefox\Profiles\kmsl2yes.default-1396685597232\Extensions\leethax@leethax.net.xpi [2014-04-05] FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 [2014-04-05] FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\PTYLLO\AppData\Roaming\IDM\idmmzcc5 [2014-04-05] Chrome: ======= CHR HomePage: hxxp://www.google.pl/ CHR DefaultSearchKeyword: google.co.uk CHR Extension: (IDM Integration Module) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-01-29] CHR Extension: (Google Wallet) - C:\Users\PTYLLO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-29] CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-04-03] ========================== Services (Whitelisted) ================= S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-05-24] (Intel Corporation) S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo UnInstaller 5\DfSdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG) S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [171632 2013-01-02] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [583680 2013-02-13] 
(Intel(R) Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [637912 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation) S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG) R2 OS Selector; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2011-11-15] () R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18512 2013-02-19] () S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [77824 2013-12-19] () S3 etdrv; C:\Windows\etdrv.sys [17488 2014-04-11] (Windows (R) 2000 DDK provider) S3 gdrv; C:\Windows\gdrv.sys [17488 2014-04-11] (Windows (R) 2000 DDK provider) S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [26112 2010-04-29] (Google Inc) S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [538608 2013-04-30] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26608 2013-04-30] (Intel Corporation) R3 ICCWDT; C:\Windows\System32\DRIVERS\ICCWDT.sys [22040 2010-08-18] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation) S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [199528 2011-12-02] 
(Realtek Semiconductor Corp.) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [91016 2012-08-27] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [181128 2012-08-27] (Renesas Electronics Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-09] (Duplex Secure Ltd.) R2 UI5IFS; C:\Program Files\Ashampoo\Ashampoo UnInstaller 5\IFS32.sys [33632 2013-05-08] () S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [19536 2013-05-06] () R3 V0770Vid; C:\Windows\System32\DRIVERS\V0770Vid.sys [325376 2012-06-01] (Creative Technology Ltd.) R1 VD_FileDisk; C:\Windows\system32\Drivers\VD_FileDisk.sys [24680 2011-01-26] (CaptainFlint Software) U3 ao4y9jki; C:\Windows\system32\Drivers\ao4y9jki.sys [0 ] (VIA Technologies Inc.,Ltd) S2 BDRSDRV; No ImagePath U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit? U4 vsserv; U3 pwldakod; \??\C:\Users\PTYLLO\AppData\Local\Temp\pwldakod.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-11 10:51 - 2014-04-11 10:51 - 00275722 _____ () C:\ProgramData\1397209841.bdinstall.bin 2014-04-11 10:51 - 2014-04-11 10:51 - 00000000 ____D () C:\Program Files\Bitdefender 2014-04-11 10:46 - 2014-02-18 19:48 - 00693464 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys 2014-04-11 10:45 - 2014-04-11 10:45 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Intel_Corporation 2014-04-11 10:25 - 2014-04-11 10:25 - 00000943 _____ () C:\Users\Public\Desktop\Speccy.lnk 2014-04-11 10:25 - 2014-04-11 10:25 - 00000000 ____D () C:\Program Files\Speccy 2014-04-11 10:14 - 2014-04-11 10:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf 2014-04-11 10:11 - 2014-04-11 10:11 - 00150232 _____ () C:\Windows\Minidump\041114-20794-01.dmp 2014-04-11 09:46 - 2014-04-11 09:46 - 00277900 _____ () 
C:\ProgramData\1397205909.bdinstall.bin 2014-04-11 09:44 - 2014-04-11 09:44 - 00062873 _____ () C:\ProgramData\1397205855.bdinstall.bin 2014-04-11 09:29 - 2014-04-11 09:29 - 00275310 _____ () C:\ProgramData\1397204946.bdinstall.bin 2014-04-11 08:51 - 2014-04-11 09:27 - 00000280 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job 2014-04-11 08:50 - 2014-04-11 08:50 - 00001045 _____ () C:\Users\Public\Desktop\Advanced Driver Updater.lnk 2014-04-11 08:50 - 2014-04-11 08:50 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Systweak 2014-04-11 08:50 - 2014-04-11 08:50 - 00000000 ____D () C:\Program Files\Advanced Driver Updater 2014-04-11 08:48 - 2014-04-11 08:48 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\PTYLLO\Downloads\slimdrivers-setup.ussafe.exe 2014-04-11 08:31 - 2014-04-11 08:31 - 01671267 _____ () C:\Users\PTYLLO\Desktop\cpu-z-1.64.1-en.rar 2014-04-11 08:31 - 2014-04-11 08:31 - 00001028 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-04-11 08:31 - 2014-04-11 08:31 - 00000000 ____D () C:\Program Files\CPUID 2014-04-11 08:10 - 2014-04-11 08:10 - 00000000 ____D () C:\Users\PTYLLO\SystemRequirementsLab 2014-04-08 11:54 - 2014-04-08 12:19 - 00000000 ____D () C:\Users\PTYLLO\Documents\Windows Updates Downloader 2014-04-08 11:53 - 2014-04-08 11:53 - 00001958 _____ () C:\Users\Public\Desktop\Windows Updates Downloader.lnk 2014-04-08 11:53 - 2014-04-08 11:53 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Supremus Corporation 2014-04-08 11:53 - 2014-04-08 11:53 - 00000000 ____D () C:\Program Files\Windows Updates Downloader 2014-04-08 11:35 - 2014-04-08 11:35 - 00001605 _____ () C:\Users\PTYLLO\Desktop\Fix.bat 2014-04-08 11:05 - 2014-04-08 11:05 - 00277649 _____ () C:\ProgramData\1396951498.bdinstall.bin 2014-04-07 21:33 - 2014-04-07 21:33 - 00275726 _____ () C:\ProgramData\1396902819.bdinstall.bin 2014-04-07 20:42 - 2014-04-07 20:42 - 00001962 _____ () C:\Users\PTYLLO\Desktop\Raport zgodności z systemem Windows.htm 2014-04-07 20:40 - 
2014-04-07 20:40 - 00002544 _____ () C:\Windows\diagwrn.xml 2014-04-07 20:40 - 2014-04-07 20:40 - 00001890 _____ () C:\Windows\diagerr.xml 2014-04-07 19:22 - 2014-04-07 19:22 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-04-06 21:15 - 2014-04-06 21:15 - 00275151 _____ () C:\ProgramData\1396815292.bdinstall.bin 2014-04-06 20:16 - 2014-04-06 20:16 - 00274752 _____ () C:\ProgramData\1396811718.bdinstall.bin 2014-04-06 20:14 - 2014-04-11 09:54 - 00020404 _____ () C:\Windows\PFRO.log 2014-04-06 20:13 - 2014-04-06 20:13 - 00062873 _____ () C:\ProgramData\1396811609.bdinstall.bin 2014-04-06 06:27 - 2014-04-06 06:27 - 00283977 _____ () C:\ProgramData\1396761892.bdinstall.bin 2014-04-06 00:00 - 2014-04-11 10:49 - 00004509 _____ () C:\Windows\setupact.log 2014-04-06 00:00 - 2014-04-07 20:40 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-05 23:51 - 2014-04-05 23:51 - 00062873 _____ () C:\ProgramData\1396738311.bdinstall.bin 2014-04-05 23:49 - 2014-04-05 23:49 - 00278332 _____ () C:\ProgramData\1396738164.bdinstall.bin 2014-04-05 23:48 - 2014-04-05 23:48 - 00062061 _____ () C:\ProgramData\1396738082.bdinstall.bin 2014-04-05 23:47 - 2014-04-05 23:47 - 00280534 _____ () C:\ProgramData\1396738004.bdinstall.bin 2014-04-05 23:47 - 2014-04-05 23:47 - 00000000 ____D () C:\ProgramData\Bitdefender 2014-04-05 23:39 - 2014-04-05 23:39 - 00129232 _____ () C:\ProgramData\1396737444.bdinstall.bin 2014-04-05 18:48 - 2014-04-05 18:48 - 00000050 _____ () C:\Users\PTYLLO\Desktop\TADZIA IMEIE.txt 2014-04-05 16:34 - 2014-04-05 17:32 - 00000000 ____D () C:\Lenovo 2014-04-04 13:37 - 2014-04-11 11:00 - 00000000 ____D () C:\FRST 2014-04-03 18:51 - 2014-04-03 18:51 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Oracle 2014-04-03 18:50 - 2014-04-03 18:50 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00174504 _____ (Oracle 
Corporation) C:\Windows\system32\java.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-04-03 18:50 - 2014-04-03 18:50 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-04-03 18:14 - 2014-04-03 18:14 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-04-03 14:43 - 2013-11-28 01:24 - 00108000 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys 2014-04-03 07:57 - 2014-04-03 07:57 - 00001020 _____ () C:\Users\PTYLLO\Desktop\Hard Disk Low Level Format Tool.lnk 2014-04-03 07:57 - 2014-04-03 07:57 - 00000001 _____ () C:\Users\PTYLLO\AppData\Local\llftool.4.40.agreement 2014-04-03 07:56 - 2014-04-03 07:57 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool 2014-04-02 18:23 - 2014-04-02 18:27 - 00000000 ____D () C:\Windows\Acronis 2014-04-02 18:23 - 2014-04-02 18:23 - 00000155 _____ () C:\Windows\system32\autopart.opt 2014-04-02 08:55 - 2014-04-02 08:55 - 00000000 ____D () C:\ProgramData\TomTom 2014-04-02 08:54 - 2014-04-02 08:54 - 00000000 ____D () C:\Users\PTYLLO\Documents\TomTom 2014-04-02 08:38 - 2014-04-02 08:59 - 00000000 ____D () C:\Program Files\TomTom HOME 2 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\TomTom 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\TomTom 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Program Files\TomTom International B.V 2014-04-02 08:17 - 2014-04-02 08:17 - 00000000 ____D () C:\Program Files\TomTom DesktopSuite 2014-03-31 21:22 - 2014-03-31 21:22 - 00000000 ____D () C:\Users\Public\Documents\Ashampoo 2014-03-31 21:17 - 2014-03-31 21:17 - 00001169 _____ () C:\Users\Public\Desktop\Ashampoo UnInstaller 5.lnk 2014-03-29 07:52 - 2014-03-29 07:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-24 18:42 - 2014-03-24 18:42 - 00001070 _____ () C:\Users\Public\Desktop\Picasa 3.lnk 2014-03-23 22:08 
- 2014-03-23 22:08 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Sygic 2014-03-23 22:07 - 2014-03-23 22:07 - 00001067 _____ () C:\Users\PTYLLO\Desktop\Sygic Assistant.lnk 2014-03-23 22:07 - 2014-03-23 22:07 - 00000000 ____D () C:\Program Files\Sygic Assistant 2014-03-18 10:46 - 2014-03-18 10:46 - 00007605 _____ () C:\Users\PTYLLO\AppData\Local\Resmon.ResmonCfg ==================== One Month Modified Files and Folders ======= 2014-04-11 11:00 - 2014-04-04 13:37 - 00000000 ____D () C:\FRST 2014-04-11 10:57 - 2014-01-29 15:31 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-11 10:56 - 2009-07-14 05:34 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-11 10:56 - 2009-07-14 05:34 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-11 10:54 - 2014-01-29 13:58 - 01669510 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-11 10:54 - 2009-07-19 13:08 - 00740008 _____ () C:\Windows\system32\perfh015.dat 2014-04-11 10:54 - 2009-07-19 13:08 - 00155616 _____ () C:\Windows\system32\perfc015.dat 2014-04-11 10:51 - 2014-04-11 10:51 - 00275722 _____ () C:\ProgramData\1397209841.bdinstall.bin 2014-04-11 10:51 - 2014-04-11 10:51 - 00000000 ____D () C:\Program Files\Bitdefender 2014-04-11 10:51 - 2014-01-29 23:24 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2014-04-11 10:51 - 2014-01-29 13:54 - 01275166 _____ () C:\Windows\WindowsUpdate.log 2014-04-11 10:49 - 2014-04-06 00:00 - 00004509 _____ () C:\Windows\setupact.log 2014-04-11 10:49 - 2014-02-03 13:00 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\HTC MediaHub 2014-04-11 10:49 - 2014-01-29 15:01 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\DMCache 2014-04-11 10:49 - 2014-01-29 14:16 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-11 10:49 - 2009-07-14 05:53 - 00000006 ____H () 
C:\Windows\Tasks\SA.DAT 2014-04-11 10:45 - 2014-04-11 10:45 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Intel_Corporation 2014-04-11 10:25 - 2014-04-11 10:25 - 00000943 _____ () C:\Users\Public\Desktop\Speccy.lnk 2014-04-11 10:25 - 2014-04-11 10:25 - 00000000 ____D () C:\Program Files\Speccy 2014-04-11 10:15 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-11 10:14 - 2014-04-11 10:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf 2014-04-11 10:14 - 2014-01-29 13:58 - 00000000 ____D () C:\Program Files\Intel 2014-04-11 10:11 - 2014-04-11 10:11 - 00150232 _____ () C:\Windows\Minidump\041114-20794-01.dmp 2014-04-11 10:11 - 2014-02-11 10:08 - 00000000 ____D () C:\Windows\Minidump 2014-04-11 10:09 - 2014-02-07 20:04 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-623532874-284264790-1930585317-1000UA.job 2014-04-11 10:09 - 2014-01-29 14:16 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-11 09:54 - 2014-04-06 20:14 - 00020404 _____ () C:\Windows\PFRO.log 2014-04-11 09:52 - 2014-01-29 14:07 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-04-11 09:46 - 2014-04-11 09:46 - 00277900 _____ () C:\ProgramData\1397205909.bdinstall.bin 2014-04-11 09:44 - 2014-04-11 09:44 - 00062873 _____ () C:\ProgramData\1397205855.bdinstall.bin 2014-04-11 09:29 - 2014-04-11 09:29 - 00275310 _____ () C:\ProgramData\1397204946.bdinstall.bin 2014-04-11 09:28 - 2014-01-30 18:02 - 00155913 _____ () C:\Windows\system32\bios.ini 2014-04-11 09:27 - 2014-04-11 08:51 - 00000280 _____ () C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job 2014-04-11 09:27 - 2014-01-30 18:02 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys 2014-04-11 08:50 - 2014-04-11 08:50 - 00001045 _____ () C:\Users\Public\Desktop\Advanced Driver Updater.lnk 2014-04-11 08:50 - 2014-04-11 08:50 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Systweak 2014-04-11 08:50 - 2014-04-11 08:50 - 00000000 ____D () 
C:\Program Files\Advanced Driver Updater 2014-04-11 08:48 - 2014-04-11 08:48 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\PTYLLO\Downloads\slimdrivers-setup.ussafe.exe 2014-04-11 08:41 - 2014-01-30 18:05 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\etdrv.sys 2014-04-11 08:31 - 2014-04-11 08:31 - 01671267 _____ () C:\Users\PTYLLO\Desktop\cpu-z-1.64.1-en.rar 2014-04-11 08:31 - 2014-04-11 08:31 - 00001028 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-04-11 08:31 - 2014-04-11 08:31 - 00000000 ____D () C:\Program Files\CPUID 2014-04-11 08:29 - 2014-01-29 15:01 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\IDM 2014-04-11 08:10 - 2014-04-11 08:10 - 00000000 ____D () C:\Users\PTYLLO\SystemRequirementsLab 2014-04-11 08:10 - 2014-01-29 13:54 - 00000000 ____D () C:\Users\PTYLLO 2014-04-10 19:09 - 2014-02-07 20:04 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-623532874-284264790-1930585317-1000Core.job 2014-04-09 23:12 - 2014-01-29 14:16 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-09 11:47 - 2014-01-30 12:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 11:47 - 2014-01-30 02:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 11:46 - 2014-01-30 12:01 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-08 17:13 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-04-08 12:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-04-08 12:19 - 2014-04-08 11:54 - 00000000 ____D () C:\Users\PTYLLO\Documents\Windows Updates Downloader 2014-04-08 11:53 - 2014-04-08 11:53 - 00001958 _____ () C:\Users\Public\Desktop\Windows Updates Downloader.lnk 2014-04-08 11:53 - 2014-04-08 11:53 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Supremus Corporation 2014-04-08 11:53 - 2014-04-08 11:53 - 00000000 ____D () C:\Program Files\Windows Updates Downloader 2014-04-08 11:35 - 2014-04-08 11:35 - 00001605 _____ () 
C:\Users\PTYLLO\Desktop\Fix.bat 2014-04-08 11:05 - 2014-04-08 11:05 - 00277649 _____ () C:\ProgramData\1396951498.bdinstall.bin 2014-04-07 21:33 - 2014-04-07 21:33 - 00275726 _____ () C:\ProgramData\1396902819.bdinstall.bin 2014-04-07 21:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-04-07 20:42 - 2014-04-07 20:42 - 00001962 _____ () C:\Users\PTYLLO\Desktop\Raport zgodności z systemem Windows.htm 2014-04-07 20:40 - 2014-04-07 20:40 - 00002544 _____ () C:\Windows\diagwrn.xml 2014-04-07 20:40 - 2014-04-07 20:40 - 00001890 _____ () C:\Windows\diagerr.xml 2014-04-07 20:40 - 2014-04-06 00:00 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-07 20:14 - 2014-01-29 14:55 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\vlc 2014-04-07 19:59 - 2014-01-30 18:54 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Skype 2014-04-07 19:22 - 2014-04-07 19:22 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-04-07 09:39 - 2014-02-09 23:41 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Nero_AG 2014-04-06 21:15 - 2014-04-06 21:15 - 00275151 _____ () C:\ProgramData\1396815292.bdinstall.bin 2014-04-06 20:16 - 2014-04-06 20:16 - 00274752 _____ () C:\ProgramData\1396811718.bdinstall.bin 2014-04-06 20:13 - 2014-04-06 20:13 - 00062873 _____ () C:\ProgramData\1396811609.bdinstall.bin 2014-04-06 06:27 - 2014-04-06 06:27 - 00283977 _____ () C:\ProgramData\1396761892.bdinstall.bin 2014-04-06 06:10 - 2014-01-29 13:54 - 00001427 _____ () C:\Users\PTYLLO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-05 23:51 - 2014-04-05 23:51 - 00062873 _____ () C:\ProgramData\1396738311.bdinstall.bin 2014-04-05 23:49 - 2014-04-05 23:49 - 00278332 _____ () C:\ProgramData\1396738164.bdinstall.bin 2014-04-05 23:48 - 2014-04-05 23:48 - 00062061 _____ () C:\ProgramData\1396738082.bdinstall.bin 2014-04-05 23:47 - 2014-04-05 23:47 - 00280534 _____ () C:\ProgramData\1396738004.bdinstall.bin 2014-04-05 23:47 - 2014-04-05 23:47 - 00000000 ____D () 
C:\ProgramData\Bitdefender 2014-04-05 23:42 - 2014-01-29 15:00 - 00000000 ____D () C:\Program Files\Internet Download Manager 2014-04-05 23:39 - 2014-04-05 23:39 - 00129232 _____ () C:\ProgramData\1396737444.bdinstall.bin 2014-04-05 18:48 - 2014-04-05 18:48 - 00000050 _____ () C:\Users\PTYLLO\Desktop\TADZIA IMEIE.txt 2014-04-05 17:32 - 2014-04-05 16:34 - 00000000 ____D () C:\Lenovo 2014-04-05 09:13 - 2014-02-14 09:18 - 00000000 ____D () C:\Users\PTYLLO\Desktop\Stare dane programu Firefox 2014-04-04 13:29 - 2009-07-14 08:48 - 00000000 ____D () C:\Windows\ShellNew 2014-04-04 13:18 - 2014-01-30 14:25 - 00000000 ____D () C:\Program Files\Ashampoo 2014-04-04 13:01 - 2014-01-30 02:11 - 00000376 _____ () C:\Users\PTYLLO\AppData\Roamingprivacy.xml 2014-04-03 18:51 - 2014-04-03 18:51 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Oracle 2014-04-03 18:50 - 2014-04-03 18:50 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-03 18:50 - 2014-04-03 18:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-04-03 18:50 - 2014-04-03 18:50 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-04-03 18:50 - 2014-02-23 15:08 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-03 18:14 - 2014-04-03 18:14 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-04-03 18:14 - 2014-02-13 15:04 - 00000000 ____D () C:\Program Files\Unlocker 2014-04-03 07:57 - 2014-04-03 07:57 - 00001020 _____ () C:\Users\PTYLLO\Desktop\Hard Disk Low Level Format Tool.lnk 2014-04-03 07:57 - 2014-04-03 07:57 - 00000001 _____ () C:\Users\PTYLLO\AppData\Local\llftool.4.40.agreement 2014-04-03 07:57 - 2014-04-03 07:56 - 00000000 ____D () C:\Program Files\HDDGURU LLF Tool 2014-04-02 18:27 - 
2014-04-02 18:23 - 00000000 ____D () C:\Windows\Acronis 2014-04-02 18:23 - 2014-04-02 18:23 - 00000155 _____ () C:\Windows\system32\autopart.opt 2014-04-02 08:59 - 2014-04-02 08:38 - 00000000 ____D () C:\Program Files\TomTom HOME 2 2014-04-02 08:55 - 2014-04-02 08:55 - 00000000 ____D () C:\ProgramData\TomTom 2014-04-02 08:54 - 2014-04-02 08:54 - 00000000 ____D () C:\Users\PTYLLO\Documents\TomTom 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Users\PTYLLO\AppData\Roaming\TomTom 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\TomTom 2014-04-02 08:38 - 2014-04-02 08:38 - 00000000 ____D () C:\Program Files\TomTom International B.V 2014-04-02 08:17 - 2014-04-02 08:17 - 00000000 ____D () C:\Program Files\TomTom DesktopSuite 2014-04-02 07:42 - 2014-01-30 16:58 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Downloaded Installations 2014-04-01 09:30 - 2014-01-30 02:01 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Microsoft Help 2014-03-31 21:22 - 2014-03-31 21:22 - 00000000 ____D () C:\Users\Public\Documents\Ashampoo 2014-03-31 21:17 - 2014-03-31 21:17 - 00001169 _____ () C:\Users\Public\Desktop\Ashampoo UnInstaller 5.lnk 2014-03-31 21:16 - 2014-01-30 14:25 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-03-31 09:35 - 2014-01-29 14:10 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-03-30 22:25 - 2014-03-11 11:46 - 00000327 _____ () C:\Windows\system32\checkdnsid.xml 2014-03-30 14:40 - 2014-01-29 15:13 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-03-29 07:52 - 2014-03-29 07:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-24 18:42 - 2014-03-24 18:42 - 00001070 _____ () C:\Users\Public\Desktop\Picasa 3.lnk 2014-03-24 18:42 - 2014-01-29 14:16 - 00000000 ____D () C:\Users\PTYLLO\AppData\Local\Google 2014-03-24 18:42 - 2014-01-29 14:16 - 00000000 ____D () C:\Program Files\Google 2014-03-23 22:08 - 2014-03-23 22:08 - 00000000 ____D () 
C:\Users\PTYLLO\AppData\Local\Sygic 2014-03-23 22:07 - 2014-03-23 22:07 - 00001067 _____ () C:\Users\PTYLLO\Desktop\Sygic Assistant.lnk 2014-03-23 22:07 - 2014-03-23 22:07 - 00000000 ____D () C:\Program Files\Sygic Assistant 2014-03-19 18:45 - 2014-02-19 21:52 - 00000088 _____ () C:\Users\PTYLLO\Desktop\Do BETA.txt 2014-03-18 10:46 - 2014-03-18 10:46 - 00007605 _____ () C:\Users\PTYLLO\AppData\Local\Resmon.ResmonCfg 2014-03-15 01:44 - 2014-02-10 09:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 16:57 - 2014-01-29 15:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-03-12 16:57 - 2014-01-29 15:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-09 00:30 ==================== End Of Log ============================