Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-08-2014 01 Ran by SYSTEM on MININT-L19K8QG on 11-08-2014 22:11:42 Running from E:\ Platform: Windows 7 Ultimate (X86) OS Language: Polski (Polska) Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet002 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [262656 2010-06-04] (Microsoft Corporation) HKLM\...\Winlogon: [Userinit] HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1 HKU\Janusz\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [1379840 2011-08-16] () HKU\Janusz\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent HKU\Janusz\...\Run: [GG] => C:\Users\Janusz\AppData\Local\GG\Application\gghub.exe [4023360 2014-07-12] (GG Network S.A.) HKU\Janusz\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIILE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION) ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [509448 2012-03-01] (Intel Corporation) S2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [104208 2012-03-08] (Intel(R) Corporation) S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5306504 2014-04-16] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1663192 2014-03-25] (COMODO) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2012-03-19] (Intel Corporation) S2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.) S2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation) S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [457952 2012-01-10] (Intel(R) Corporation) S2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-21] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [241936 2012-04-17] () S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2326288 2012-04-17] (Intel® Corporation) S2 BFE; %SystemRoot%\System32\bfe.dll [X] S2 DPS; %SystemRoot%\system32\dps.dll [X] S2 IKEEXT; %SystemRoot%\System32\ikeext.dll [X] S4 Mcx2Svc; %SystemRoot%\system32\Mcx2Svc.dll [X] S3 pla; %systemroot%\system32\pla.dll [X] S2 Power; %SystemRoot%\system32\umpo.dll [X] S4 SDRSVC; %Systemroot%\System32\SDRSVC.dll [X] S3 SessionEnv; %SystemRoot%\system32\sessenv.dll [X] S4 SysMain; %systemroot%\system32\sysmain.dll [X] S3 UmRdpService; %SystemRoot%\System32\umrdp.dll [X] S3 vds; %SystemRoot%\System32\vds.exe [X] S3 WinHttpAutoProxySvc; winhttp.dll [X] S3 WinRM; %SystemRoot%\system32\WsmSvc.dll [X] S3 WPDBusEnum; %SystemRoot%\system32\wpdbusenum.dll [X] S2 wudfsvc; %SystemRoot%\System32\WUDFSvc.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [22656 2012-02-01] (Advanced Micro Devices, Inc.) S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [141312 2012-03-01] (Windows (R) Win 7 DDK provider) S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [141312 2012-03-01] (Windows (R) Win 7 DDK provider) S1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2014-04-16] (COMODO) S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [607168 2014-04-16] (COMODO) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15384 2014-01-07] () S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [172336 2012-03-14] (ELAN Microelectronics Corp.) S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd32.sys [13210624 2012-03-19] (Intel Corporation) S0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [13592 2012-02-27] (Intel Corporation) S3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [348440 2012-02-27] (Intel Corporation) S3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [792856 2012-02-27] (Intel Corporation) S3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) S3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10339840 2012-03-12] (Intel Corporation) S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [231528 2012-02-01] (Realtek Semiconductor Corp.) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2013-04-05] (Duplex Secure Ltd.) S1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [95592 2009-03-02] (Rocket Division Software) S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [16120 2010-11-29] (Intel(R) Corporation) ========================== Drivers MD5 ======================= C:\Windows\system32\DRIVERS\1394ohci.sys 6D2ACA41739BFE8CB86EE8E85F29697D C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys DDC040FDB01EF1712A6B13E52AFB104C C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdagp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atikmdag.sys 5499A56EBDFD09049858CE3E5D794C5C C:\Windows\System32\DRIVERS\atikmpag.sys 2A6E211445AC7E72F29E5D3EB7B6AE6B C:\Windows\System32\DRIVERS\amdkmpfd.sys FCD73554DD41A6A5C45424C7E3518525 C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\amdsata.sys 2101A86C25C154F8314B24EF49D7FBC2 C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\amdxata.sys B81C2B5616F6420A9941EA093A92B150 C:\Windows\System32\DRIVERS\AMPPAL.sys 943B78A8F57464A471F0FE4340C7A072 C:\Windows\System32\DRIVERS\amppal.sys 943B78A8F57464A471F0FE4340C7A072 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys FCAFAEF6798D7B51FF029F99A9898961 C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\BthEnum.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit C:\Windows\System32\Drivers\BTHport.sys 4A34888E13224678DD062466AFEC4240 C:\Windows\System32\Drivers\BTHUSB.sys FA04C63916FA221DBB91FCE153D07A55 C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cmderd.sys D620158051DC6A9D65C863F6E7211F1E C:\Windows\System32\DRIVERS\cmdguard.sys 368DFF8B4EBD9002EB428C45759C3117 C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit C:\Windows\System32\drivers\CHDRT32.sys 7E82C1CE05B1D50ABE6F876CB845FFCC C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys 8E09E52EE2E3CEB199EF3DD99CF9E3FB C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\drivers\dxgkrnl.sys 39806CFEDDCC55E686A49BCCD2972F23 C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys B6905802576D480505EE30D6DFE098A6 C:\Windows\System32\DRIVERS\ETD.sys A5991937598DFB9FFAA6CD62BB9F6C68 C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\fvevol.sys 5592F5DBA26282D24D2B080EB438A4D7 C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iaStor.sys 76C3966183BD5382E14CEB6DF97D9709 C:\Windows\system32\DRIVERS\iaStorV.sys 934AF4D7C5F457B9F0743F4299B77B67 C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\IntcDAud.sys 7081EFE4EBF9CBBFF4EB5A3AC478DDC5 C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\igdpmd32.sys 0FEB90F92A8AB77A7E5E6BA052138351 C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iusb3hcs.sys B5170AD27CD5AEA07BF763FED91D2E07 C:\Windows\System32\DRIVERS\iusb3hub.sys E2602F2D429F24E61EF77233A3FB0286 C:\Windows\System32\DRIVERS\iusb3xhc.sys A228090BC88479270279C93DB791EFE9 C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HECI.sys 240D715CFE4FB8F4CDA76F6863E62334 C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mrxsmb.sys F4A054BE78AF7F410129C4B64B07DC9B C:\Windows\System32\DRIVERS\mrxsmb10.sys DEFFA295BD1895C6ED8E3078412AC60B C:\Windows\System32\DRIVERS\mrxsmb20.sys 24D76ABE5DCAD22F19D105F76FDF0CE1 C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Netwsn00.sys 84266AA496A6299C638B5A096D01C922 C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit C:\Windows\System32\drivers\nmwcdnsu.sys 4F0DE685A96DC843CCC8A861B3FAC12D C:\Windows\System32\drivers\nmwcdnsuc.sys 578117C0C0CF10D99C8853E83C4BC63C C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 3795DCD21F740EE799FB7223234215AF C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nvlddmkm.sys B0881DDA5A8160422561FFAB7F0008B1 C:\Windows\system32\DRIVERS\nvraid.sys 3F3D04B1D08D43C16EA7963954EC768D C:\Windows\system32\DRIVERS\nvstor.sys C99F251A5DE63C6F129CF71933ACED0F C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pci.sys C858CB77C577780ECC456A892E7E7D0F C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys 835D7E81BF517A3B72384BDCC85E1CE6 C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys 1E016846895B15A99F9A176A05029075 C:\Windows\System32\drivers\rdpdr.sys C5FF95883FFEF704D50C40D21CFB3AB5 C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\Drivers\RDPWD.sys 801371BA9782282892D00AADB08EE367 C:\Windows\System32\drivers\rdyboost.sys 4EA225BF1CF05E158853F30A99CA29A7 C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321 C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\Drivers\RtsUVStor.sys 1CE8C7BB8529B81AFB866072E1AE8860 C:\Windows\System32\DRIVERS\Rt86win7.sys 568C33723F09B341A11800D5EEA02038 C:\Windows\system32\DRIVERS\vms3cap.sys 5423D8437051E89DD34749F242C98648 C:\Windows\system32\DRIVERS\sbp2port.sys 34EE0C44B724E3E4CE2EFF29126DE5B5 C:\Windows\System32\DRIVERS\scfilter.sys A95C54B2AC3CC9C73FCDF9E51A1D6B51 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sffp_sd.sys 4F1E5B0FE7C8050668DBFADE8999AEFB C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sisagp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\Drivers\sptd.sys 1A606A8D611816ADC47D2B25DBEDCB1F C:\Windows\System32\DRIVERS\srv.sys 2BA4EBC7DFBA845A1EDBE1F75913BE33 C:\Windows\System32\DRIVERS\srv2.sys DCE7E10FEAABD4CAE95948B3DE5340BB C:\Windows\System32\DRIVERS\srvnet.sys B5665BAA2120B8A54E22E9CD07C05106 C:\Windows\System32\DRIVERS\StarPortLite.sys 61B8922AFC74F1EBB31E34F43320D2CC C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vmstorfl.sys 957E346CA948668F2496A6CCF6FF82CC C:\Windows\system32\DRIVERS\storvsc.sys D5751969DC3E4B88BF482AC8EC9FE019 C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\tcpip.sys 2CC3D75488ABD3EC628BBB9A4FC84EFC C:\Windows\System32\DRIVERS\tcpip.sys 2CC3D75488ABD3EC628BBB9A4FC84EFC C:\Windows\System32\drivers\tcpipreg.sys E64444523ADD154F86567C469BC0B17F C:\Windows\System32\drivers\tdpipe.sys 1875C1490D99E70E449E3AFAE9FCBADF C:\Windows\System32\drivers\tdtcp.sys 7551E91EA999EE9A8E9C331D5A9C31F3 C:\Windows\System32\DRIVERS\tdx.sys CB39E896A2A83702D1737BFD402B3542 C:\Windows\System32\DRIVERS\termdd.sys C36F41EE20E6999DBF4B0425963268A5 C:\Windows\System32\DRIVERS\tssecsrv.sys 98AE6FA07D12CB4EC5CF4A9BFA5F4242 C:\Windows\System32\DRIVERS\tunnel.sys 3E461D890A97F9D4C168F5FDA36E1D00 C:\Windows\System32\DRIVERS\TurboB.sys 04F489BB7F0EAABAFDE7F2611ED4AD63 C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys 09CC3E16F8E5EE7168E01CF8FCBE061A C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys 049B3A50B3D646BAEEEE9EEC9B0668DC C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit C:\Windows\System32\drivers\usbaudio.sys 2436A42AAB4AD48A9B714E5B0F344627 C:\Windows\System32\DRIVERS\usbccgp.sys 8455C4ED038EFD09E99327F9D2D48FFA C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbehci.sys 1C333BFD60F2FED2C7AD5DAF533CB742 C:\Windows\System32\DRIVERS\usbhub.sys EE6EF93CCFA94FAE8C6AB298273D8AE2 C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F C:\Windows\System32\DRIVERS\USBSTOR.SYS D8889D56E0D27E57ED4591837FE71D27 C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit C:\Windows\System32\Drivers\usbvideo.sys F642A7E4BF78CFA359CCA0A3557C28D7 C:\Windows\System32\DRIVERS\usb8023x.sys D82F43D15FDAA666856C0190CB73E7C9 C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\vhdmp.sys 3BE6E1F3A4F1AFEC8CEE0D7883F93583 C:\Windows\system32\DRIVERS\viaagp.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit C:\Windows\system32\DRIVERS\vmbus.sys 379B349F65F453D2A6E75EA6B7448E49 C:\Windows\system32\DRIVERS\VMBusHID.sys EC2BBAB4B84D0738C6C83D2234DC36FE C:\Windows\System32\DRIVERS\volmgr.sys 384E5A2AA49934295171E499F86BA6F3 C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\volsnap.sys 58DF9D2481A56EDDE167E51B334D44FD C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7 C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882 C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys 30FC6E5448D0CBAAA95280EEEF7FEDAE C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys 6F9B6C0C93232CFF47D0F72D6DB1D21E C:\Windows\System32\DRIVERS\WUDFRd.sys F91FF1E51FCA30B3C3981DB7D5924252 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-11 22:10 - 2014-08-11 22:11 - 00000000 ____D () C:\FRST 2014-08-11 20:49 - 2014-08-11 20:51 - 00000000 ____D () C:\Windows\System32\sr-Latn-CS 2014-08-11 20:49 - 2014-08-11 20:51 - 00000000 ____D () C:\Windows\System32\ru-RU 2014-08-11 13:09 - 2014-08-11 13:09 - 00118488 _____ () C:\spyhunter.log 2014-08-11 11:07 - 2014-08-11 13:09 - 00138884 _____ () C:\spyhunter.fix 2014-08-11 11:07 - 2013-10-18 14:01 - 00285747 _____ () C:\shldr 2014-08-11 11:07 - 2013-10-18 14:01 - 00008192 _____ () C:\shldr.mbr 2014-08-11 10:27 - 2014-08-11 10:27 - 00002253 _____ () C:\Users\Janusz\Desktop\SpyHunter.lnk 2014-08-11 10:27 - 2014-08-11 10:27 - 00000000 ____D () C:\sh4ldr 2014-08-11 10:26 - 2014-08-11 10:27 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2014-08-11 10:22 - 2014-08-11 10:23 - 53288644 _____ () C:\Users\Janusz\Downloads\SpyHunter 4.17.6.4336 + SCREEN.rar 2014-08-11 10:11 - 2014-08-11 10:11 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-11 09:34 - 2014-08-11 09:34 - 00000000 _____ () C:\autoexec.bat 2014-08-11 09:33 - 2014-08-11 09:33 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-11 09:32 - 2014-08-11 10:26 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-08 16:56 - 2014-08-08 16:56 - 00000000 ____D () C:\Program Files\Skype 2014-07-24 10:56 - 2014-07-24 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-07-22 12:48 - 2014-07-22 14:11 - 00017408 _____ () C:\Users\Janusz\Desktop\sprawozdanie.xls 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\pt-PT 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\pt-BR 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\it-IT 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\fr-FR ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-11 22:11 - 2014-08-11 22:10 - 00000000 ____D () C:\FRST 2014-08-11 20:52 - 2009-07-14 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\System32\wshirda.dll 2014-08-11 20:52 - 2009-07-14 00:38 - 00268800 _____ (Microsoft Corporation) C:\Windows\System32\Wldap32.dll 2014-08-11 20:52 - 2009-07-14 00:36 - 01037312 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-08-11 20:52 - 2009-07-14 00:16 - 00857088 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2014-08-11 20:52 - 2009-07-14 00:12 - 00288256 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2014-08-11 20:52 - 2009-07-14 00:12 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2014-08-11 20:51 - 2014-08-11 20:49 - 00000000 ____D () C:\Windows\System32\sr-Latn-CS 2014-08-11 20:51 - 2014-08-11 20:49 - 00000000 ____D () C:\Windows\System32\ru-RU 2014-08-11 20:51 - 2009-07-14 01:12 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\itircl.dll 2014-08-11 20:51 - 2009-07-14 00:58 - 02515968 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll 2014-08-11 20:51 - 2009-07-14 00:58 - 00854528 _____ (Microsoft Corporation) C:\Windows\System32\dbghelp.dll 2014-08-11 20:51 - 2009-07-14 00:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll 2014-08-11 20:51 - 2009-07-14 00:46 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\iscsicli.exe 2014-08-11 20:51 - 2009-07-14 00:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\hbaapi.dll 2014-08-11 20:51 - 2009-07-14 00:42 - 20268032 _____ (Microsoft Corporation) C:\Windows\System32\imageres.dll 2014-08-11 20:51 - 2009-07-14 00:41 - 00705536 _____ (Microsoft Corporation) C:\Windows\System32\imagesp1.dll 2014-08-11 20:51 - 2009-07-14 00:39 - 00591360 _____ (Microsoft Corporation) C:\Windows\System32\gpsvc.dll 2014-08-11 20:51 - 2009-07-14 00:39 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\ListSvc.dll 2014-08-11 20:51 - 2009-07-14 00:39 - 00165376 _____ (Microsoft Corporation) C:\Windows\System32\provsvc.dll 2014-08-11 20:51 - 2009-07-14 00:26 - 00304640 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2014-08-11 20:51 - 2009-07-14 00:25 - 00118272 _____ (Microsoft Corporation) C:\Windows\System32\imm32.dll 2014-08-11 20:51 - 2009-07-14 00:25 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll 2014-08-11 20:51 - 2009-07-14 00:24 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\KBDUS.DLL 2014-08-11 20:51 - 2009-07-14 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\MuiUnattend.exe 2014-08-11 20:51 - 2009-07-14 00:11 - 00194640 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll 2014-08-11 20:51 - 2009-07-14 00:11 - 00000000 _____ () C:\Windows\System32\halmacpi.dll 2014-08-11 20:50 - 2009-07-14 00:44 - 01495040 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll 2014-08-11 20:50 - 2009-07-14 00:38 - 00550912 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2014-08-11 20:50 - 2009-07-14 00:38 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe 2014-08-11 20:50 - 2009-07-14 00:33 - 01684992 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll 2014-08-11 20:50 - 2009-07-14 00:33 - 01086464 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll 2014-08-11 20:50 - 2009-07-14 00:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\efscore.dll 2014-08-11 20:50 - 2009-07-14 00:28 - 00828928 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2014-08-11 20:50 - 2009-07-14 00:27 - 00377856 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll 2014-08-11 20:50 - 2009-07-14 00:25 - 00108544 _____ (Microsoft Corporation) C:\Windows\System32\t2embed.dll 2014-08-11 20:50 - 2009-07-14 00:25 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\System32\fms.dll 2014-08-11 20:50 - 2009-07-14 00:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\clusapi.dll 2014-08-11 20:50 - 2009-07-14 00:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\System32\resutils.dll 2014-08-11 20:50 - 2009-07-14 00:15 - 00148992 _____ (Microsoft Corporation) C:\Windows\System32\ifsutil.dll 2014-08-11 20:50 - 2009-07-14 00:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll 2014-08-11 20:50 - 2009-07-14 00:12 - 00253440 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll 2014-08-11 20:50 - 2009-07-14 00:12 - 00132608 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll 2014-08-11 20:49 - 2009-07-14 01:20 - 00640000 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll 2014-08-11 20:49 - 2009-07-14 01:20 - 00309248 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll 2014-08-11 20:49 - 2009-07-14 01:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\winmm.dll 2014-08-11 20:49 - 2009-07-14 00:57 - 00154624 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll 2014-08-11 20:49 - 2009-07-14 00:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll 2014-08-11 20:49 - 2009-07-14 00:39 - 00486912 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll 2014-08-11 20:49 - 2009-07-14 00:39 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\browseui.dll 2014-08-11 20:49 - 2009-07-14 00:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\activeds.dll 2014-08-11 20:49 - 2009-07-14 00:34 - 01151488 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2014-08-11 20:49 - 2009-07-14 00:33 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll 2014-08-11 20:49 - 2009-07-14 00:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll 2014-08-11 20:49 - 2009-07-14 00:16 - 00145920 _____ (Microsoft Corporation) C:\Windows\System32\cfgmgr32.dll 2014-08-11 20:49 - 2009-07-14 00:14 - 00292352 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll 2014-08-11 20:49 - 2009-07-14 00:13 - 00049664 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll 2014-08-11 20:49 - 2009-07-14 00:12 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\cabinet.dll 2014-08-11 20:49 - 2009-07-14 00:11 - 00442920 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe 2014-08-11 20:49 - 2009-07-14 00:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll 2014-08-11 20:48 - 2010-08-02 23:04 - 00000000 ____D () C:\Windows\System32\Drivers\pl-PL 2014-08-11 20:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\LogFiles 2014-08-11 13:09 - 2014-08-11 13:09 - 00118488 _____ () C:\spyhunter.log 2014-08-11 13:09 - 2014-08-11 11:07 - 00138884 _____ () C:\spyhunter.fix 2014-08-11 13:08 - 2013-11-10 07:40 - 00000000 ____D () C:\ProgramData\eSafe 2014-08-11 11:07 - 2013-11-10 07:42 - 01474832 _____ () C:\Windows\System32\Drivers\sfi.dat 2014-08-11 11:07 - 2013-07-06 16:16 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\OpenCandy 2014-08-11 11:07 - 2012-07-13 13:03 - 01895904 _____ () C:\Windows\WindowsUpdate.log 2014-08-11 10:47 - 2009-07-14 05:34 - 00016944 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-11 10:47 - 2009-07-14 05:34 - 00016944 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-11 10:40 - 2013-03-04 23:30 - 00000000 ____D () C:\Users\Janusz\AppData\Roaming\GG 2014-08-11 10:39 - 2012-07-13 13:01 - 00186734 _____ () C:\Windows\setupact.log 2014-08-11 10:27 - 2014-08-11 10:27 - 00002253 _____ () C:\Users\Janusz\Desktop\SpyHunter.lnk 2014-08-11 10:27 - 2014-08-11 10:27 - 00000000 ____D () C:\sh4ldr 2014-08-11 10:27 - 2014-08-11 10:26 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2014-08-11 10:26 - 2014-08-11 09:32 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard 2014-08-11 10:23 - 2014-08-11 10:22 - 53288644 _____ () C:\Users\Janusz\Downloads\SpyHunter 4.17.6.4336 + SCREEN.rar 2014-08-11 10:11 - 2014-08-11 10:11 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP 2014-08-11 09:34 - 2014-08-11 09:34 - 00000000 _____ () C:\autoexec.bat 2014-08-11 09:33 - 2014-08-11 09:33 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-11 09:15 - 2013-03-25 18:28 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2014-08-11 09:15 - 2013-03-25 18:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-08-11 08:53 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\System32\FxsTmp 2014-08-10 03:17 - 2010-08-02 23:05 - 00737480 _____ () C:\Windows\System32\perfh015.dat 2014-08-10 03:17 - 2010-08-02 23:05 - 00154136 _____ () C:\Windows\System32\perfc015.dat 2014-08-10 03:17 - 2010-06-21 12:39 - 02523724 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-08-10 03:17 - 2009-07-14 09:41 - 00713824 _____ () C:\Windows\System32\perfh019.dat 2014-08-10 03:17 - 2009-07-14 09:41 - 00148866 _____ () C:\Windows\System32\perfc019.dat 2014-08-09 14:20 - 2013-05-17 14:02 - 00000000 ____D () C:\Users\Janusz\Documents\VirtualDJ 2014-08-08 16:56 - 2014-08-08 16:56 - 00000000 ____D () C:\Program Files\Skype 2014-08-05 20:10 - 2013-03-25 18:35 - 00029042 _____ () C:\Users\Janusz\Desktop\JANUSZ.ods 2014-08-02 00:50 - 2014-05-26 11:58 - 00000000 ____D () C:\Users\Janusz\Downloads\impreza 07.06.2014 2014-07-25 14:36 - 2012-07-14 11:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-07-24 23:08 - 2014-06-28 09:43 - 00000000 ____D () C:\Users\Janusz\Desktop\Wesele Aga i Łukasz 2014-07-24 10:56 - 2014-07-24 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-07-22 20:14 - 2014-06-01 00:17 - 00000000 ____D () C:\Users\Janusz\Desktop\rap 2014-07-22 14:11 - 2014-07-22 12:48 - 00017408 _____ () C:\Users\Janusz\Desktop\sprawozdanie.xls 2014-07-19 23:27 - 2014-02-27 21:48 - 00017053 _____ () C:\Users\Janusz\Desktop\opis bmw.odt 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_ZuneDriver_01_09_00.Wdf 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\pt-PT 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\pt-BR 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\it-IT 2014-07-18 21:47 - 2014-07-18 21:47 - 00000000 ____D () C:\Windows\System32\fr-FR 2014-07-18 21:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\nl-NL 2014-07-18 21:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\de-DE 2014-07-12 10:44 - 2013-03-04 23:30 - 00000000 ____D () C:\Users\Janusz\AppData\Local\GG Some content of TEMP: ==================== C:\Users\Janusz\AppData\Local\Temp\SHSetup.exe ==================== Known DLLs (Whitelisted) ============ C:\Windows\System32\Setupapi.dll IS MISSING <==== ATTENTION!. C:\Windows\System32\SHLWAPI.dll IS MISSING <==== ATTENTION!. ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe [2009-07-14 00:41] - [2010-08-03 14:39] - 3144704 ____A (Microsoft Corporation) 08029ADC4B734BF36B7C17A1C2DBC54E C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll [2009-07-14 00:24] - [2010-06-04 08:53] - 0808448 ____A (Microsoft Corporation) 3D7778DA786063D589EA56D928A39FB1 C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-03-29 13:15:48 Restore point made on: 2014-04-10 18:28:21 Restore point made on: 2014-04-18 08:17:04 Restore point made on: 2014-04-29 20:50:10 Restore point made on: 2014-05-07 18:44:04 Restore point made on: 2014-05-15 19:52:55 Restore point made on: 2014-05-23 14:06:25 Restore point made on: 2014-06-06 14:16:31 Restore point made on: 2014-06-12 17:52:44 Restore point made on: 2014-06-23 18:37:24 Restore point made on: 2014-07-05 13:50:06 Restore point made on: 2014-07-06 05:55:20 Restore point made on: 2014-08-01 14:46:22 Restore point made on: 2014-08-02 18:11:24 Restore point made on: 2014-08-11 09:33:27 Restore point made on: 2014-08-11 10:11:04 Restore point made on: 2014-08-11 10:26:42 ==================== BCD ================================ Nie moľna otworzy† magazynu danych konfiguracji rozruchu. Nie moľna odnale«† ľĄdanego urzĄdzenia systemowego. ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 8094.36 MB Available physical RAM: 7509.49 MB Total Pagefile: 8092.63 MB Available Pagefile: 7517.27 MB Total Virtual: 2047.88 MB Available Virtual: 1950.21 MB ==================== Drives ================================ Drive c: (SYSTEM-R7) (Fixed) (Total:195.31 GB) (Free:136.4 GB) NTFS Drive e: () (Fixed) (Total:736.1 GB) (Free:688.53 GB) NTFS Drive f: (Win7pl-w-code5-patch) (CDROM) (Total:3.41 GB) (Free:0 GB) UDF Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 161127E2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=736 GB) - (Type=07 NTFS) LastRegBack: 2014-07-28 13:42 ==================== End Of Log ============================