Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01 Ran by dom (administrator) on DOM-KOMPUTER on 30-06-2015 16:41:42 Running from C:\Users\dom\Desktop Loaded Profiles: dom (Available Profiles: dom) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-12] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 16:41 - 2015-06-30 16:41 - 00002075 _____ C:\Users\dom\Desktop\FRST.txt 2015-06-30 16:41 - 2015-06-30 16:41 - 00000000 ____D C:\FRST 2015-06-30 16:40 - 2015-06-30 16:39 - 02112512 _____ (Farbar) C:\Users\dom\Desktop\FRST64.exe 2015-06-30 16:06 - 2015-06-30 16:04 - 00552712 _____ C:\Users\dom\Desktop\CBS.log 2015-06-30 15:52 - 2015-06-30 15:52 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG 2015-06-30 14:59 - 2015-06-30 15:52 - 00015361 _____ C:\Windows\WindowsUpdate.log 2015-06-30 14:58 - 2015-06-30 14:58 - 00001437 _____ C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-06-30 14:58 - 2015-06-30 14:58 - 00000000 ____D C:\Users\dom\AppData\Roaming\Adobe 2015-06-30 14:57 - 2015-06-30 14:58 - 00000000 ____D C:\Users\dom 2015-06-30 14:57 - 2015-06-30 14:57 - 00000020 ___SH C:\Users\dom\ntuser.ini 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Moje wideo 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Moje obrazy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Moja muzyka 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Ustawienia lokalne 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Szablony 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Moje dokumenty 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Menu Start 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Documents\Moje wideo 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Documents\Moje obrazy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Documents\Moja muzyka 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\Dane aplikacji 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Szablony 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Menu Start 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Ulubione 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Szablony 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Pulpit 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Menu Start 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Dokumenty 2015-06-30 14:57 - 2015-06-30 14:57 - 00000000 _SHDL C:\ProgramData\Dane aplikacji 2015-06-30 14:57 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-30 14:57 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-30 14:54 - 2015-06-30 14:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2015-06-30 14:53 - 2015-06-30 14:53 - 00267360 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-30 14:53 - 2015-06-30 14:53 - 00000000 ____D C:\Windows\CSC ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 16:41 - 2014-01-28 18:36 - 00380416 _____ C:\Users\dom\Desktop\gmer.exe 2015-06-30 16:32 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-30 16:32 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-30 15:52 - 2009-07-14 07:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template 2015-06-30 15:25 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore 2015-06-30 15:04 - 2011-04-12 15:21 - 00739694 _____ C:\Windows\system32\perfh015.dat 2015-06-30 15:04 - 2011-04-12 15:21 - 00155268 _____ C:\Windows\system32\perfc015.dat 2015-06-30 15:04 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-30 15:00 - 2015-04-16 21:49 - 00008228 _____ C:\Windows\setupact.log 2015-06-30 15:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-30 14:57 - 2015-01-15 15:05 - 00000000 ____D C:\Windows\Panther 2015-06-30 14:57 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-06-30 14:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-30 14:57 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT 2015-06-30 14:55 - 2015-04-16 21:50 - 00002297 _____ C:\Windows\TSSysprep.log 2015-06-30 14:55 - 2015-04-16 21:49 - 00001016 _____ C:\Windows\DtcInstall.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-30 15:18 ==================== End of log ============================