Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015 Ran by SYSTEM on MININT-RRGOGQQ (18-10-2015 15:07:29) Running from D:\ Platform: Windows 7 Ultimate E (X86) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet002 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9808488 2010-11-02] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [3080264 2011-09-22] (ESET) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-30] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-30] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-09-15] (Advanced Micro Devices, Inc.) HKU\Admin\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team) HKU\Admin\...\Run: [AdMunchUDa.exe] => C:\Program Files\Ad Muncher\AdMunchUDa.exe [677415 2011-06-26] () HKU\Admin\...\Run: [] => [X] Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-18] ShortcutTarget: Dropbox.lnk -> (No File) GroupPolicyScripts: Restriction <======= ATTENTION ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-12-19] (Advanced Micro Devices, Inc.) S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [974944 2011-09-22] (ESET) S2 HPSLPSVC; C:\Users\Admin\AppData\Local\Temp\7zS045D\hpslpsvc32.dll [701288 2011-11-14] (Hewlett-Packard Co.) S2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) S2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices) S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices) S2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET) S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET) S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [103112 2011-08-04] (ESET) S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [62216 2012-04-13] (FTDI Ltd.) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [28672 2007-03-20] (http://libusb-win32.sourceforge.net) S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [99400 2012-05-12] (MotioninJoy) S3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2011-09-06] () S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204448 2010-05-24] (Realtek Semiconductor Corp.) S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) S3 SE27bus; C:\Windows\System32\DRIVERS\SE27bus.sys [61600 2006-09-18] (MCCI) S3 SE27mdfl; C:\Windows\System32\DRIVERS\SE27mdfl.sys [9360 2006-09-18] (MCCI) S3 SE27mdm; C:\Windows\System32\DRIVERS\SE27mdm.sys [97184 2006-09-18] (MCCI) S3 SE27mgmt; C:\Windows\System32\DRIVERS\SE27mgmt.sys [88688 2006-09-18] (MCCI) S3 SE27obex; C:\Windows\System32\DRIVERS\SE27obex.sys [86560 2006-09-18] (MCCI) S3 se27unic; C:\Windows\System32\DRIVERS\se27unic.sys [90800 2006-09-18] (MCCI) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [428088 2011-11-27] (Duplex Secure Ltd.) S3 StMp3Rec; C:\Windows\System32\Drivers\StMp3Rec.sys [19840 2007-01-04] (Generic) S3 GPU-Z; \??\C:\Users\Admin\AppData\Local\Temp\GPU-Z.sys [X] S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X] S3 usbbus; system32\DRIVERS\lgusbbus.sys [X] S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X] S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-18 15:07 - 2015-10-18 15:07 - 00000000 ____D C:\FRST 2015-10-18 13:35 - 2009-07-13 19:05 - 00193118 _____ C:\pending.xml ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-18 13:28 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles 2015-10-18 04:58 - 2014-05-09 10:21 - 00000000 ____D C:\ProgramData\NVIDIA Some files in TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoppudf.dll C:\Users\Admin\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Admin\AppData\Local\Temp\tmp6135.exe ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 13% Total physical RAM: 4093.55 MB Available physical RAM: 3541.68 MB Total Virtual: 4091.83 MB Available Virtual: 3543.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:75.03 GB) (Free:1.78 GB) NTFS Drive d: () (Fixed) (Total:195.31 GB) (Free:43.08 GB) NTFS Drive e: () (Fixed) (Total:195.31 GB) (Free:51.1 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 28.1 GB) (Disk ID: 41FC3D5C) Partition 1: (Active) - (Size=26.9 GB) - (Type=83) Partition 2: (Not Active) - (Size=1.2 GB) - (Type=05) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5CE9939E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=75 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=390.6 GB) - (Type=OF Extended) LastRegBack: 2014-11-05 23:42 ==================== End of FRST.txt ============================