Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 01 Ran by Marta (administrator) on DELLMARTA on 16-04-2014 18:07:32 Running from H:\ Windows 7 Professional Service Pack 1 (X64) OS Language: Polish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxUtilSvc.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio3.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe () C:\Program Files (x86)\Launchy\Launchy.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Dell) C:\Users\Marta\AppData\Local\Apps\2.0\KN5P2JYO.88K\9C3ALHN3.54D\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Marek Jasinski - www.FreeCommander.com) C:\Program Files (x86)\FreeCommander\FreeCommander.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (TeamViewer GmbH) C:\Users\Marta\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Users\Marta\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Users\Marta\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2012-10-16] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-10-16] (Atheros Commnucations) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-06-11] (Dell Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-18] (AVAST Software) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-12-26] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\Run: [Google Update] => C:\Users\Marta\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-31] (Google Inc.) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\Run: [DellSystemDetect] => C:\Users\Marta\AppData\Local\Apps\2.0\KN5P2JYO.88K\9C3ALHN3.54D\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-04-15] (Dell) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\RunOnce: [Application Restart #2] - C:\Users\Marta\AppData\Local\Temp\\Creative Cloud Helper.exe [346000 2014-03-09] (Adobe Systems Incorporated) HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {05b7a609-4b82-11e3-abc3-0c84dc8e0980} - F:\AutoRun.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {05b7a618-4b82-11e3-abc3-0c84dc8e0980} - F:\AutoRun.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {1e6d1507-3bed-11e3-b88b-0c84dc8e0980} - F:\Setup.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {4f2247fa-4525-11e3-bbea-0c84dc8e0980} - F:\Windows/AutoRun.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {59286fa2-af3b-11e3-a0bb-0c84dc8e0980} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {66c5a6db-3799-11e3-867b-0c84dc8e0980} - G:\SETUP.EXE HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {c919549d-53a0-11e3-b57f-364b50b7efa2} - F:\AutoRun.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {c91956c6-53a0-11e3-b57f-364b50b7efa2} - F:\AutoRun.exe HKU\S-1-5-21-2785496558-2735700387-205125986-1000\...\MountPoints2: {c9195743-53a0-11e3-b57f-364b50b7efa2} - F:\AutoRun.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-03] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [203112 2012-10-03] (NVIDIA Corporation) Lsa: [Notification Packages] DPPassFilter scecli ==================== Internet (Whitelisted) ==================== BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Marta\AppData\Roaming\Mozilla\Firefox\Profiles\3njkjexp.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marta\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marta\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marta\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marta\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Marta\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Marta\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-18] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [] Chrome: ======= CHR Extension: (Dokumenty Google) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-18] CHR Extension: (Dysk Google) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-18] CHR Extension: (YouTube) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-18] CHR Extension: (Szukaj w Google) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-18] CHR Extension: (avast! Online Security) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-18] CHR Extension: (Google Wallet) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18] CHR Extension: (Gmail) - C:\Users\Marta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-18] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-18] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-18] (AVAST Software) R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2013-10-18] (Conexant Systems, Inc.) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-10-16] (Atheros) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-10-25] (Atheros) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-18] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-18] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-18] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-18] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-18] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-12] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-18] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-18] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-18] (Disc Soft Ltd) S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.) R3 L1c; C:\Windows\System32\DRIVERS\L1C60x64.sys [120520 2013-04-03] (Qualcomm Atheros Co., Ltd.) R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics) S3 TDKLIB; C:\Users\Marta\AppData\Local\Temp\TdkLib64.sys [19336 2013-12-05] () ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\System32\DRIVERS\Apfiltr.sys B05D249879ED6B04D4C4C9C88AF2BD44 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\system32\drivers\aswFsBlk.sys 79EB7B1733F0EA220C95335795C806EB C:\Windows\system32\drivers\aswMonFlt.sys 9FB1012D9EE3B9510FAA4C8D34DECD1C C:\Windows\system32\drivers\aswRdr2.sys 679712B7A353EE665B9301592164A172 C:\Windows\System32\Drivers\aswRvrt.sys C04F7B373881009D7994D9BF55D24AB4 C:\Windows\system32\drivers\aswSnx.sys DF97409EBD35C5A40AF5594806724F75 C:\Windows\system32\drivers\aswSP.sys 79ADA401A6E2054F110E7FBDFAC71942 C:\Windows\system32\drivers\aswTdi.sys 47BC12AC7D5B4F8D2086C6EAD759355E C:\Windows\System32\Drivers\aswVmm.sys 59787B95DD9CA44CB139D96863438587 C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\btath_flt.sys 78B183A794A08978EA0A8D017054352B C:\Windows\System32\DRIVERS\athrx.sys AABDE4567518EAE8E0C1E4BB8837E209 C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\System32\drivers\btath_a2dp.sys 26D5F579D12FA37224CC32F2F4BB4FA8 C:\Windows\System32\drivers\btath_avdt.sys 38B5D9ACC7BC80E737F8F86127B6B47B C:\Windows\System32\DRIVERS\btath_bus.sys 3FE1E64011BF4EA727AD0C8A26C303C2 C:\Windows\System32\DRIVERS\btath_hcrp.sys 6EFA8C93009E0BE0886C2422C7D20BC5 C:\Windows\System32\DRIVERS\btath_lwflt.sys E6BAD29E234AA5BDF003479DC33AC553 C:\Windows\System32\DRIVERS\btath_rcp.sys 5DDA87869BBCEC62A866211CB7B5DE9E C:\Windows\System32\DRIVERS\btfilter.sys AB85FB6A9B4E778666B3E87B65F84A62 C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315 C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4 C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37 C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706 C:\Windows\System32\drivers\CHDRT64.sys D154861655575786335549F3208B133F C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361 C:\Windows\System32\DRIVERS\Dot4Scan.sys 488669CD1CD3BDCFDD9A5FDA72209069 C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dtsoftbus01.sys 6A0E850DDCB136AA3D2FB7234382DF12 C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52 C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ewusbmdm.sys 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ewusbdev.sys 230C041AF8DF1D2308C3AC5146E3FF4F C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\System32\DRIVERS\igdkmd64.sys A1CF07D24EDCDC6870535471654D957C C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6 C:\Windows\System32\DRIVERS\iusb3hcs.sys C8A3C909F0EFF13CAE0C17503B1F5DB2 C:\Windows\System32\DRIVERS\iusb3hub.sys BB47E889BA2ADB7D1A438F9824F5899B C:\Windows\System32\DRIVERS\iusb3xhc.sys 7971B368F36042A0EC31FEA15945187B C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64 C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\L1C60x64.sys 42460D5D830CFD253AA26EFCB6AF0F85 C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85 C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404 C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nvlddmkm.sys BF511EA915B5AB3347AC134A2D0DD176 C:\Windows\System32\DRIVERS\nvpciflt.sys 6DCFF47AD5B596563404413FBF6FD39D C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\system32\drivers\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932 C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\Drivers\RtsUVStor.sys 8EB6DCEB7473C232D8BC9A886E3183AC C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit C:\Windows\system32\drivers\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\System32\DRIVERS\stdcfltn.sys E4EA2412FB1B8AEE33667A9CC6D456A4 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ST_ACCEL.sys 8BA37304516F9B637FB140DD58B5D88C C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51 C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51 C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Users\Marta\AppData\Local\Temp\TdkLib64.sys 4124DE3CB72F5DFD7288389862B03F2A C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7 C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-16 18:07 - 2014-04-16 18:07 - 00000000 ____D () C:\FRST 2014-04-15 13:41 - 2014-04-15 13:53 - 53706480 _____ () C:\Users\Marta\Desktop\prezentacja_se_3.mov 2014-04-15 13:09 - 2014-04-15 13:10 - 56964695 _____ () C:\Users\Marta\Desktop\prezentacja_se_2.mov 2014-04-15 12:49 - 2014-04-15 12:49 - 00000000 ____D () C:\Users\Marta\Desktop\trailer 2014-04-15 11:57 - 2014-04-15 11:57 - 03972256 _____ () C:\Users\Marta\Desktop\prezentacja_se_v3.zip 2014-04-15 11:27 - 2014-04-15 11:58 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se_v3 2014-04-15 09:41 - 2014-04-15 09:41 - 00000000 ___RD () C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-15 09:19 - 2014-04-15 09:35 - 00000000 ____D () C:\Users\Marta\Desktop\analiza systemu 2014-04-15 09:12 - 2014-04-15 09:13 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-04-15 09:12 - 2014-04-15 09:12 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Dell 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\ProgramData\PCDr 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\Program Files\Dell Support Center 2014-04-15 09:10 - 2014-04-15 09:11 - 00000000 ____D () C:\Program Files\My Dell 2014-04-15 09:07 - 2014-04-15 09:07 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\PCDr 2014-04-15 09:06 - 2014-04-15 09:07 - 00000000 ____D () C:\Users\Marta\AppData\Local\Deployment 2014-04-15 09:06 - 2014-04-15 09:06 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2014-04-15 09:06 - 2014-04-15 09:06 - 00000000 ____D () C:\Users\Marta\AppData\Local\Apps\2.0 2014-04-15 08:59 - 2014-04-15 08:59 - 00046652 _____ () C:\Users\Public\Documents\cc_20140415_085911.reg 2014-04-11 11:55 - 2014-04-11 12:08 - 00067072 _____ () C:\Users\Marta\Desktop\Budzet_Wsparcie_sprzedazy_2014-04-11.xls 2014-04-09 09:23 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-09 09:23 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-09 09:23 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-09 09:23 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-09 09:17 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 09:17 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 09:17 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 09:17 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 09:17 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 09:17 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 09:17 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 09:17 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 09:17 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 09:17 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 09:17 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 09:17 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 09:17 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 09:17 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 09:17 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 09:17 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 09:17 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-08 20:00 - 2014-04-09 08:36 - 58360916 _____ () C:\Users\Marta\Desktop\DSC09294b.psd 2014-04-07 13:16 - 2014-04-07 13:21 - 00000000 ____D () C:\test 2014-04-07 11:36 - 2014-04-07 11:36 - 00041183 _____ () C:\Users\Marta\Desktop\Projekty_2014-04-07.xlsx 2014-04-04 18:14 - 2014-04-04 18:39 - 00000000 ____D () C:\Users\Marta\Desktop\MSP 2014-04-03 11:34 - 2014-04-03 11:34 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se_ 2014-04-02 12:20 - 2014-04-16 17:25 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000UA.job 2014-04-02 12:20 - 2014-04-16 12:25 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000Core.job 2014-04-02 12:20 - 2014-04-02 12:20 - 00004028 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000UA 2014-04-02 12:20 - 2014-04-02 12:20 - 00003632 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000Core 2014-03-31 12:17 - 2014-03-31 12:18 - 06964080 _____ (TeamViewer GmbH) C:\Users\Marta\Desktop\TeamViewer_Setup.exe 2014-03-28 17:00 - 2014-03-28 17:00 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se 2014-03-28 09:30 - 2014-03-28 09:30 - 00000000 ____D () C:\Users\Marta\AppData\Local\Skype 2014-03-26 12:25 - 2014-03-26 12:33 - 00000000 ____D () C:\Users\Marta\AppData\Local\Thunderbird 2014-03-24 16:01 - 2014-04-07 13:53 - 00042883 _____ () C:\Users\Marta\Desktop\Projekty_2014-03-24.xlsx 2014-03-24 15:04 - 2014-03-24 15:04 - 00040459 _____ () C:\Users\Marta\Desktop\analiza wsparcie sprzedazy_2014-03-18 (Automatycznie zapisany).xlsx 2014-03-20 14:56 - 2014-03-20 14:56 - 21383168 _____ () C:\Users\Marta\Desktop\Oferta_gra_SzkoleniowaOczyszczalniaSciekow.ppt 2014-03-20 14:20 - 2014-03-20 14:20 - 00000000 ____D () C:\Users\Marta\Desktop\pzu 2014-03-20 14:11 - 2014-03-20 14:11 - 21896564 _____ () C:\Users\Marta\Desktop\pzu.zip 2014-03-19 10:02 - 2014-03-19 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-18 15:42 - 2014-03-31 15:22 - 00040472 _____ () C:\Users\Marta\Desktop\analiza wsparcie sprzedazy_2014-03-18.xlsx 2014-03-18 12:09 - 2014-03-19 09:51 - 00000000 ____D () C:\Users\Marta\AppData\OICE_15_974FA576_32C1D314_3B68 2014-03-18 12:08 - 2014-04-15 14:16 - 00013490 _____ () C:\Users\Marta\Desktop\raport_wg_uzytkownikow_i_projektow.xls 2014-03-17 15:16 - 2014-03-17 15:29 - 00000000 ____D () C:\Users\Marta\AppData\OICE_15_974FA576_32C1D314_938 ==================== One Month Modified Files and Folders ======= 2014-04-16 18:07 - 2014-04-16 18:07 - 00000000 ____D () C:\FRST 2014-04-16 18:02 - 2013-10-18 14:07 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Skype 2014-04-16 18:01 - 2013-10-18 11:13 - 01114563 _____ () C:\Windows\WindowsUpdate.log 2014-04-16 17:59 - 2013-10-18 13:08 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-16 17:40 - 2013-10-18 13:15 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-16 17:25 - 2014-04-02 12:20 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000UA.job 2014-04-16 14:44 - 2014-03-04 11:07 - 00005106 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELLMARTA-Marta DellMarta 2014-04-16 14:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-16 13:40 - 2013-10-18 13:15 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-16 12:58 - 2013-10-19 14:48 - 00000000 ____D () C:\00_oferta 2014-04-16 12:25 - 2014-04-02 12:20 - 00001006 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000Core.job 2014-04-16 08:55 - 2011-02-04 19:38 - 00740446 _____ () C:\Windows\system32\perfh015.dat 2014-04-16 08:55 - 2011-02-04 19:38 - 00155988 _____ () C:\Windows\system32\perfc015.dat 2014-04-16 08:55 - 2009-07-14 07:13 - 01669606 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-16 08:53 - 2013-11-13 09:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-04-16 08:53 - 2013-10-18 13:07 - 00000000 ____D () C:\Users\Marta\AppData\Local\Adobe 2014-04-15 14:16 - 2014-03-18 12:08 - 00013490 _____ () C:\Users\Marta\Desktop\raport_wg_uzytkownikow_i_projektow.xls 2014-04-15 13:53 - 2014-04-15 13:41 - 53706480 _____ () C:\Users\Marta\Desktop\prezentacja_se_3.mov 2014-04-15 13:10 - 2014-04-15 13:09 - 56964695 _____ () C:\Users\Marta\Desktop\prezentacja_se_2.mov 2014-04-15 12:54 - 2013-10-21 08:50 - 00000000 ___RD () C:\Users\Marta\Dysk Google 2014-04-15 12:49 - 2014-04-15 12:49 - 00000000 ____D () C:\Users\Marta\Desktop\trailer 2014-04-15 11:58 - 2014-04-15 11:27 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se_v3 2014-04-15 11:57 - 2014-04-15 11:57 - 03972256 _____ () C:\Users\Marta\Desktop\prezentacja_se_v3.zip 2014-04-15 09:41 - 2014-04-15 09:41 - 00000000 ___RD () C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-04-15 09:41 - 2013-10-18 13:40 - 00000000 ____D () C:\Users\Marta\Documents\Bluetooth Folder 2014-04-15 09:41 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-15 09:41 - 2009-07-14 06:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-15 09:40 - 2013-10-18 13:59 - 00000000 ____D () C:\Intel 2014-04-15 09:40 - 2013-10-18 11:16 - 00000000 ____D () C:\3DP 2014-04-15 09:35 - 2014-04-15 09:19 - 00000000 ____D () C:\Users\Marta\Desktop\analiza systemu 2014-04-15 09:13 - 2014-04-15 09:12 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-04-15 09:12 - 2014-04-15 09:12 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Dell 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\ProgramData\PCDr 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2014-04-15 09:11 - 2014-04-15 09:11 - 00000000 ____D () C:\Program Files\Dell Support Center 2014-04-15 09:11 - 2014-04-15 09:10 - 00000000 ____D () C:\Program Files\My Dell 2014-04-15 09:07 - 2014-04-15 09:07 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\PCDr 2014-04-15 09:07 - 2014-04-15 09:06 - 00000000 ____D () C:\Users\Marta\AppData\Local\Deployment 2014-04-15 09:06 - 2014-04-15 09:06 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2014-04-15 09:06 - 2014-04-15 09:06 - 00000000 ____D () C:\Users\Marta\AppData\Local\Apps\2.0 2014-04-15 08:59 - 2014-04-15 08:59 - 00046652 _____ () C:\Users\Public\Documents\cc_20140415_085911.reg 2014-04-15 08:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-15 08:54 - 2009-07-14 06:51 - 00052410 _____ () C:\Windows\setupact.log 2014-04-15 08:15 - 2010-11-21 05:47 - 00136730 _____ () C:\Windows\PFRO.log 2014-04-11 12:36 - 2013-10-18 11:26 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-11 12:08 - 2014-04-11 11:55 - 00067072 _____ () C:\Users\Marta\Desktop\Budzet_Wsparcie_sprzedazy_2014-04-11.xls 2014-04-10 11:12 - 2014-03-06 13:32 - 00067584 _____ () C:\Users\Marta\Desktop\Budzet_NazwaKlienta_NazwaProjektu_RRRR-MM-DD.xls 2014-04-09 08:36 - 2014-04-08 20:00 - 58360916 _____ () C:\Users\Marta\Desktop\DSC09294b.psd 2014-04-08 19:45 - 2014-03-09 17:48 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\NVIDIA 2014-04-08 11:59 - 2013-11-27 10:03 - 00000000 ____D () C:\Users\Marta\AppData\Local\CrashDumps 2014-04-07 13:53 - 2014-03-24 16:01 - 00042883 _____ () C:\Users\Marta\Desktop\Projekty_2014-03-24.xlsx 2014-04-07 13:21 - 2014-04-07 13:16 - 00000000 ____D () C:\test 2014-04-07 11:36 - 2014-04-07 11:36 - 00041183 _____ () C:\Users\Marta\Desktop\Projekty_2014-04-07.xlsx 2014-04-04 18:39 - 2014-04-04 18:14 - 00000000 ____D () C:\Users\Marta\Desktop\MSP 2014-04-03 11:34 - 2014-04-03 11:34 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se_ 2014-04-02 12:20 - 2014-04-02 12:20 - 00004028 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000UA 2014-04-02 12:20 - 2014-04-02 12:20 - 00003632 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2785496558-2735700387-205125986-1000Core 2014-04-02 12:20 - 2013-10-18 13:15 - 00000000 ____D () C:\Users\Marta\AppData\Local\Google 2014-04-02 12:20 - 2013-10-18 11:28 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\Mozilla 2014-03-31 15:22 - 2014-03-18 15:42 - 00040472 _____ () C:\Users\Marta\Desktop\analiza wsparcie sprzedazy_2014-03-18.xlsx 2014-03-31 13:35 - 2013-10-18 13:15 - 00004042 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-31 13:35 - 2013-10-18 13:15 - 00003790 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-31 12:19 - 2013-10-21 15:37 - 00000000 ____D () C:\Users\Marta\AppData\Roaming\TeamViewer 2014-03-31 12:18 - 2014-03-31 12:17 - 06964080 _____ (TeamViewer GmbH) C:\Users\Marta\Desktop\TeamViewer_Setup.exe 2014-03-31 03:16 - 2014-04-09 09:23 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-31 03:13 - 2014-04-09 09:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-31 02:13 - 2014-04-09 09:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-31 01:57 - 2014-04-09 09:23 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-28 17:00 - 2014-03-28 17:00 - 00000000 ____D () C:\Users\Marta\Desktop\prezentacja_se 2014-03-28 11:33 - 2014-03-07 16:24 - 00000000 ____D () C:\Users\Marta\Desktop\ZUS 2014-03-28 09:30 - 2014-03-28 09:30 - 00000000 ____D () C:\Users\Marta\AppData\Local\Skype 2014-03-28 09:30 - 2013-10-18 14:06 - 00000000 ____D () C:\ProgramData\Skype 2014-03-28 09:29 - 2013-10-18 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-28 09:23 - 2013-10-18 11:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-26 12:33 - 2014-03-26 12:25 - 00000000 ____D () C:\Users\Marta\AppData\Local\Thunderbird 2014-03-24 15:04 - 2014-03-24 15:04 - 00040459 _____ () C:\Users\Marta\Desktop\analiza wsparcie sprzedazy_2014-03-18 (Automatycznie zapisany).xlsx 2014-03-20 14:56 - 2014-03-20 14:56 - 21383168 _____ () C:\Users\Marta\Desktop\Oferta_gra_SzkoleniowaOczyszczalniaSciekow.ppt 2014-03-20 14:20 - 2014-03-20 14:20 - 00000000 ____D () C:\Users\Marta\Desktop\pzu 2014-03-20 14:11 - 2014-03-20 14:11 - 21896564 _____ () C:\Users\Marta\Desktop\pzu.zip 2014-03-19 10:02 - 2014-03-19 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-19 09:51 - 2014-03-18 12:09 - 00000000 ____D () C:\Users\Marta\AppData\OICE_15_974FA576_32C1D314_3B68 2014-03-18 10:13 - 2009-07-14 06:45 - 05107120 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-18 10:12 - 2013-10-25 08:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-18 10:12 - 2013-10-25 08:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-18 09:19 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2014-03-17 15:29 - 2014-03-17 15:16 - 00000000 ____D () C:\Users\Marta\AppData\OICE_15_974FA576_32C1D314_938 Some content of TEMP: ==================== C:\Users\Marta\AppData\Local\Temp\Creative Cloud Helper.exe C:\Users\Marta\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\Marta\AppData\Local\Temp\ose00000.exe C:\Users\Marta\AppData\Local\Temp\ResetDevice.exe C:\Users\Marta\AppData\Local\Temp\SkypeSetup.exe C:\Users\Marta\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Menedľer rozruchu systemu Windows --------------------------------- Identyfikator {bootmgr} device partition=\Device\HarddiskVolume3 description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {353ee1c8-37a1-11e3-bc73-b0c822549288} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale pl-PL inherit {bootloadersettings} recoverysequence {353ee1ca-37a1-11e3-bc73-b0c822549288} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {353ee1c8-37a1-11e3-bc73-b0c822549288} nx OptIn Moduˆ ˆadujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {353ee1ca-37a1-11e3-bc73-b0c822549288} device ramdisk=[C:]\Recovery\353ee1ca-37a1-11e3-bc73-b0c822549288\Winre.wim,{353ee1cb-37a1-11e3-bc73-b0c822549288} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\353ee1ca-37a1-11e3-bc73-b0c822549288\Winre.wim,{353ee1cb-37a1-11e3-bc73-b0c822549288} systemroot \windows nx OptIn winpe Yes Wznawianie ze stanu hibernacji ------------------------------ Identyfikator {353ee1c8-37a1-11e3-bc73-b0c822549288} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Moduˆ testujĄcy pami©† systemu Windows -------------------------------------- Identyfikator {memdiag} device partition=\Device\HarddiskVolume3 path \boot\memtest.exe description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes Ustawienia usˆug EMS -------------------- Identyfikator {emssettings} bootems Yes Ustawienia debugera ------------------- Identyfikator {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Uszkodzenia pami©ci RAM ----------------------- Identyfikator {badmemory} Ustawienia globalne ------------------- Identyfikator {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Ustawienia moduˆu ˆadujĄcego rozruchu ------------------------------------- Identyfikator {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Ustawienia funkcji hypervisor ----------------------------- Identyfikator {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Ustawienia moduˆu ˆadujĄcego wznawiania --------------------------------------- Identyfikator {resumeloadersettings} inherit {globalsettings} Opcje urzĄdzenia ---------------- Identyfikator {353ee1cb-37a1-11e3-bc73-b0c822549288} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\353ee1ca-37a1-11e3-bc73-b0c822549288\boot.sdi LastRegBack: 2014-04-09 10:46 ==================== End Of Log ============================